Demande aide éradication clic.giftload après tentatives infructueuses

[Philoo]

Ci-dessous le rapport demandé (Réalisé en mode sans échec) :

 

Processus en mémoire: C:\Windows\System32\svchost.exe:872 BackDoor.Tdss.565 Eradiqué.

Process.exe C:\Windows\system32 Tool.Killproc.3 Quarantaine.

 

Après redémarrage en mode normal :

 

Processus en mémoire: C:\Windows\System32\svchost.exe:1124 BackDoor.Tdss.565 Eradiqué.

 

J'ai ensuite réussi à installer mozilla qui semble fonctionner bcp mieux que ie. IE ne fonctionne d'ailleurs plus... il bloque en mode normal.

 

par contre pour docteur web, je n'ai fait qu'une analyse rapide.

 

Merci

[lance_yien]

Bonjour,

 

Fais le scan complet pour y voir plus clair (avec un peu de chance).

On essayera une réparation si IE et d'autre programme ne fonctionnent toujours pas.

[Philoo]

Bonjour,

 

Et bien j'avais lancé le scan complet dans la nuit et il vient de se terminer...

Voilà le verdict :

 

Processus en mémoire: C:\Windows\System32\svchost.exe:1160 BackDoor.Tdss.565 Eradiqué.

MigLog.xml C:\Documents and Settings\Philippe\AppData\Local\Application Data\MigWiz Probablement SCRIPT.Virus Irréparable.Quarantaine.

MigLog.xml C:\Documents and Settings\Philippe\AppData\Local\MigWiz Probablement SCRIPT.Virus Chemin invalide pour le fichier

Process.exe C:\Documents and Settings\Philippe\DoctorWeb\Quarantine Tool.Killproc.3 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Alice Greenfingers Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Azada Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Backspin Billiards Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Big Kahuna Reef Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Bricks of Egypt Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Cake Mania Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Chicken Invaders 3 Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Chuzzle Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Diner Dash Flo on the Go Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Jewel Quest Solitaire Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Kick N Rush Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Mahjong Escape Ancient China Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Mahjongg Artifacts Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Turbo Pizza Trojan.DownLoader1.5449 Irréparable.Quarantaine.

Launch.exe C:\Program Files\Acer GameZone\Zuma Deluxe Trojan.DownLoader1.5449 Irréparable.Quarantaine.

MigLog.xml C:\Users\Philippe\AppData\Local\MigWiz Probablement SCRIPT.Virus Chemin invalide pour le fichier

 

 

Je viens de réussir à envoyer le post avec internet explorer qui a miraculeusement démarré, mais je pense que c'est parce que le processus svchost vérolé n'est pas revenu en mémoire, ce qui ne devrait pas tarder si ça fait comme hier ...

 

Merci d'avance.

[lance_yien]

Bon boulot,

On essaie ComboFix!

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

• ComboFix© (par sUBs) depuis ici ou ici
• DeFogger (par jpshortstuff) depuis ici

 

>>> Désactiver les drivers d'émulation CD pour éviter toute interférence avec nos outils: Fermer toutes le fenêtres et applications ouvertes et double-cliquer sur Defogger.exe (Vista/W7 cliquer-droi => "Exécuter en tant qu'administrateur").

Cliquer sur le bouton Disable.

Cliquer sur Yes pour continuer puis, au message "Finished!", cliquer sur OK

Si le programme demande de redémarrer la machine, cliquer sur OK

Ne pas réactiver ces drivers sans y être invité.

 

 

>>> Utiliser ComboFix: Fermer toutes les applications et fenêtres ouvertes, désactiver antivirus/ pare-feu/ antispyware et cliquer ComboFix.exe. Suivre les instructions.

Accepter l'Agrément de la licence et l'installation de la Console de Récupération (proposée sous XP si pas installée).

NE PAS TOUCHER la machine avant la fin (même si les choses semblent ne pas avancer).

 

Quand c'est fini, un rapport (ComboFix.txt) s'affiche. Il est sauvegardé, automatiquement, à la racine de la partition système (généralement C:\)

Poster son contenu.

[Philoo]

Et ben rebelotte pour combofix, écran bleu à la fin du chargement de la barre bleue

Signature du problème :

Nom d’événement de problème: BlueScreen

Version du système: 6.1.7600.2.0.0.768.3

Identificateur de paramètres régionaux: 1036

 

Informations supplémentaires sur le problème :

BCCode: 100000d1

BCP1: 4EA58B80

BCP2: 00000002

BCP3: 00000008

BCP4: 4EA58B80

OS Version: 6_1_7600

Service Pack: 0_0

Product: 768_1

 

Fichiers aidant à décrire le problème :

C:\Windows\Minidump\042811-22042-01.dmp

C:\Users\Philippe\AppData\Local\Temp\WER-46862-0.sysdata.xml

 

Lire notre déclaration de confidentialité en ligne :

http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x040c

 

Si la déclaration de confidentialité en ligne n’est pas disponible, lisez la version hors connexion :

C:\Windows\system32\fr-FR\erofflps.txt

 

J'ai aussi essayé en redémarrant en mode sans échec et en lançant Dr web juste pour éradiqué le processus svchost avant de lancer combofix et même résultat...

 

Ah oui j'allais oublié.

J'ai aussi des redirections vers des sites divers et variés après une recherche google qui semble ok en cliquant sur le lien, je suis redirigé vers d'autres sites. C'est le premier coup que ça me le fait...

[lance_yien]

Mince alors!

On voit avec OTL et surveille le comportement de ton PC pour me dire plus tard tout ce qui peine à y aller.

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

 

Fermer toutes les applications et fenêtres ouvertes et cliquer-droit sur OTL.exe => Exécuter en tant qu'Admin.

Sans rien changer ni rajouter, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

 

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

[Philoo]

rapport OTl : (pour info, ie ne fonctionne pratiquement plus en mode normal, par contre mozilla, ça va si pas de recherches google...)

 

OTL logfile created on: 28/04/2011 15:06:01 - Run 7

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Philippe\Desktop

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free

6,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232,59 Gb Total Space | 120,86 Gb Free Space | 51,96% Space Free | Partition Type: NTFS

Drive D: | 596,17 Gb Total Space | 531,39 Gb Free Space | 89,13% Space Free | Partition Type: NTFS

Drive E: | 348,93 Gb Total Space | 347,56 Gb Free Space | 99,61% Space Free | Partition Type: NTFS

 

Computer Name: PC | User Name: Philippe | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/04/28 15:05:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Philippe\Desktop\OTL.exe

PRC - [2011/04/18 19:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2011/04/18 19:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2010/10/28 18:55:02 | 000,294,912 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe

PRC - [2010/10/27 12:36:24 | 003,365,176 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

PRC - [2010/09/16 15:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

PRC - [2010/09/06 09:16:58 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgdersvc.exe

PRC - [2010/09/06 09:11:32 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe

PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2009/11/25 05:17:34 | 000,368,640 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe

PRC - [2009/11/25 05:17:04 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe

PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/08/13 16:54:30 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2008/09/08 12:09:40 | 000,184,320 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

PRC - [2008/08/04 11:16:00 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

PRC - [2008/06/06 12:40:00 | 000,069,632 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe

PRC - [2008/06/04 18:59:34 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/04/28 15:05:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Philippe\Desktop\OTL.exe

MOD - [2011/04/18 19:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll

MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/04/18 19:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/09/16 15:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)

SRV - [2010/09/06 09:16:58 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)

SRV - [2010/09/06 09:11:32 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)

SRV - [2010/06/14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)

SRV - [2009/11/25 05:17:04 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2009/08/21 22:10:05 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2009/08/13 16:54:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/09/08 12:09:40 | 000,184,320 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)

SRV - [2008/07/29 18:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Disabled | Stopped] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)

SRV - [2008/06/06 12:40:00 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)

SRV - [2008/06/04 18:59:34 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)

SRV - [2008/05/20 18:50:50 | 000,269,448 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/04/18 19:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011/04/18 19:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/04/18 19:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/04/18 19:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/04/18 19:13:09 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2011/04/18 19:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/09/06 09:16:58 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)

DRV - [2010/09/06 09:11:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2010/08/28 16:23:11 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)

DRV - [2010/08/28 16:23:11 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)

DRV - [2010/08/12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)

DRV - [2010/07/20 12:38:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)

DRV - [2010/07/20 12:38:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)

DRV - [2010/07/20 12:38:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)

DRV - [2010/06/23 11:24:56 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)

DRV - [2010/04/27 04:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)

DRV - [2010/04/27 04:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)

DRV - [2010/04/27 04:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)

DRV - [2010/04/25 18:32:20 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)

DRV - [2010/04/25 18:32:18 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)

DRV - [2010/04/25 18:32:18 | 000,139,296 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvrd32.sys -- (nvrd32)

DRV - [2010/02/26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2010/02/26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2010/02/26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2010/02/26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2009/11/25 05:51:32 | 005,143,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009/10/26 09:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)

DRV - [2009/08/06 04:59:30 | 000,750,592 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)

DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2009/03/19 22:07:10 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2008/10/01 11:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)

DRV - [2008/08/26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008/07/22 05:11:16 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\NVAMACPI.sys -- (nvamacpi)

DRV - [2008/07/07 21:32:52 | 001,050,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)

DRV - [2008/06/04 18:59:50 | 000,017,064 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)

DRV - [2007/09/12 10:20:58 | 000,046,112 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)

DRV - [2006/09/24 15:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)

DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

 

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=1208&m=aspire_m7711

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=1208&m=aspire_m7711

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=1208&m=aspire_m7711

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=1208&m=aspire_m7711

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1776301142-913054847-3571437473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-1776301142-913054847-3571437473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-21-1776301142-913054847-3571437473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-1776301142-913054847-3571437473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1776301142-913054847-3571437473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/24 16:46:36 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/27 22:59:07 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/27 23:06:11 | 000,000,000 | ---D | M]

 

[2010/01/02 23:07:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philippe\AppData\Roaming\mozilla\Extensions

[2010/03/11 21:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philippe\AppData\Roaming\mozilla\Firefox\Profiles\0o42spbo.default\extensions

[2011/04/24 14:14:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Philippe\AppData\Roaming\mozilla\Firefox\Profiles\0o42spbo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/04/27 22:59:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2011/04/27 17:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

File not found (No name found) --

[2011/03/18 19:58:47 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/04/27 17:21:56 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

Hosts file not found

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKU\S-1-5-21-1776301142-913054847-3571437473-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKU\S-1-5-20..\Run: [4E3E0230F5B9F1D3] File not found

O4 - HKU\S-1-5-21-1776301142-913054847-3571437473-1000..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1776301142-913054847-3571437473-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - File not found

O13 - gopher Prefix: missing

O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.37/uploader2.cab (UploadListView Class)

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1282142814755 (MUCatalogWebControl Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.photoweb.fr/telechargement/telechargement-photoweb-6.5.6.cab (Image Uploader Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {FD3FF62E-61A7-48EE-A4A4-97CE7BD1F99D} https://vpnssl.cea.fr/postauthACC/SodaAgent.CAB (SodaAgt Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop WallPaper:

O24 - Desktop BackupWallPaper:

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O35 - HKU\S-1-5-21-1776301142-913054847-3571437473-1000..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKU\S-1-5-21-1776301142-913054847-3571437473-1000\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/04/28 15:05:08 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Philippe\Desktop\OTL.exe

[2011/04/28 15:02:03 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW

[2011/04/27 23:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed

[2011/04/27 23:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed

[2011/04/27 20:46:50 | 000,000,000 | ---D | C] -- C:\Users\Philippe\DoctorWeb

[2011/04/27 18:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS

[2011/04/27 18:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\NOS

[2011/04/27 17:44:30 | 000,000,000 | ---D | C] -- C:\Users\Philippe\Pavark

[2011/04/27 17:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011/04/27 17:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2011/04/27 17:22:00 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2011/04/27 17:22:00 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/04/27 17:22:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/04/27 17:22:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/04/27 17:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2011/04/26 22:27:16 | 000,000,000 | ---D | C] -- C:\Users\Philippe\Desktop\Starter

[2011/04/26 15:18:48 | 000,000,000 | ---D | C] -- C:\Users\Philippe\AppData\Roaming\Ovot

[2011/04/26 15:18:48 | 000,000,000 | ---D | C] -- C:\Users\Philippe\AppData\Roaming\Bozeoz

[2011/04/24 21:36:58 | 000,000,000 | ---D | C] -- C:\FyK

[2011/04/24 20:30:45 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Philippe\Desktop\HiJackThis.exe

[2011/04/24 16:46:41 | 000,307,288 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/04/24 16:46:41 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/04/24 16:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

[2011/04/24 16:46:40 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys

[2011/04/24 16:46:40 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/04/24 16:46:40 | 000,049,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2011/04/24 16:46:40 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/04/24 16:46:35 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2011/04/24 16:46:35 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/04/24 16:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

[2011/04/24 16:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2011/04/24 14:18:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2011/04/16 22:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Nero

[2011/04/15 21:22:24 | 000,000,000 | R--D | C] -- C:\Users\Philippe\Dropbox

[2011/04/15 21:20:51 | 000,000,000 | ---D | C] -- C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

[2011/04/15 21:20:40 | 000,000,000 | ---D | C] -- C:\Users\Philippe\AppData\Roaming\Dropbox

[2008/10/31 14:57:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

 

========== Files - Modified Within 30 Days ==========

 

[2011/04/28 15:05:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Philippe\Desktop\OTL.exe

[2011/04/28 15:03:38 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/04/28 15:03:27 | 000,000,306 | -HS- | M] () -- C:\Windows\tasks\rpqvpimpt.job

[2011/04/28 15:03:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/04/28 15:02:58 | 3488,849,920 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/28 14:44:38 | 000,010,896 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/04/28 14:44:38 | 000,010,896 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/04/28 14:41:43 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/04/28 14:41:43 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/04/28 14:41:43 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/04/28 14:41:43 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/04/28 14:31:59 | 004,332,172 | ---- | M] () -- C:\Users\Philippe\Desktop\ComboFix.exe

[2011/04/28 14:31:42 | 000,050,477 | ---- | M] () -- C:\Users\Philippe\Desktop\Defogger.exe

[2011/04/28 13:45:12 | 000,002,596 | ---- | M] () -- C:\Users\Philippe\Desktop\DrWeb total.csv

[2011/04/28 00:52:43 | 000,000,188 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_28.04.2011_00-08drv.spi

[2011/04/27 23:16:10 | 000,027,681 | ---- | M] () -- C:\Users\Philippe\AppData\Local\Temp20.html

[2011/04/27 23:15:58 | 000,001,667 | ---- | M] () -- C:\Users\Philippe\AppData\Local\Temp1.html

[2011/04/27 23:06:12 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2011/04/27 22:59:25 | 000,001,849 | ---- | M] () -- C:\Users\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/04/27 22:59:08 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/04/27 22:58:06 | 000,000,090 | ---- | M] () -- C:\Users\Philippe\Desktop\DrWeb2.csv

[2011/04/27 21:33:57 | 000,000,152 | ---- | M] () -- C:\Users\Philippe\Desktop\DrWeb.csv

[2011/04/27 20:46:23 | 060,834,256 | ---- | M] () -- C:\Users\Philippe\Desktop\x4azzb89.exe

[2011/04/27 17:21:56 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2011/04/27 17:21:56 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/04/27 17:21:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/04/27 17:21:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/04/27 12:27:42 | 000,000,020 | ---- | M] () -- C:\Users\Philippe\defogger_reenable

[2011/04/26 20:21:07 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\vmjj.sys

[2011/04/26 15:41:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/04/25 17:02:39 | 000,879,081 | ---- | M] () -- C:\Users\Philippe\Desktop\SecurityCheck.exe

[2011/04/24 20:30:48 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Philippe\Desktop\HiJackThis.exe

[2011/04/24 19:26:14 | 000,000,037 | ---- | M] () -- C:\Windows\wininit.ini

[2011/04/24 16:46:42 | 000,001,998 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2011/04/24 16:46:40 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2011/04/24 14:33:42 | 000,098,304 | RHS- | M] () -- C:\Windows\System32\config3.dll

[2011/04/18 19:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/04/18 19:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2011/04/18 19:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys

[2011/04/18 19:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/04/18 19:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2011/04/18 19:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/04/18 19:13:09 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/04/18 19:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/04/15 21:32:11 | 177,620,002 | ---- | M] () -- C:\Users\Philippe\Desktop\Thierry.MOV

[2011/04/15 21:22:24 | 000,001,008 | ---- | M] () -- C:\Users\Philippe\Desktop\Dropbox.lnk

[2011/04/11 21:57:28 | 000,000,060 | ---- | M] () -- C:\Windows\wpd99.drv

[2011/04/11 21:52:55 | 000,090,653 | ---- | M] () -- C:\Users\Philippe\Desktop\tv pix.pdf

[2011/03/31 21:52:15 | 000,000,040 | ---- | M] () -- C:\Windows\System32\profile.dat

[2011/03/31 21:32:05 | 000,000,000 | ---- | M] () -- C:\Windows\vpc32.INI

 

========== Files Created - No Company Name ==========

 

[2011/04/28 14:31:42 | 000,050,477 | ---- | C] () -- C:\Users\Philippe\Desktop\Defogger.exe

[2011/04/28 14:31:33 | 004,332,172 | ---- | C] () -- C:\Users\Philippe\Desktop\ComboFix.exe

[2011/04/28 13:45:12 | 000,002,596 | ---- | C] () -- C:\Users\Philippe\Desktop\DrWeb total.csv

[2011/04/27 23:16:10 | 000,027,681 | ---- | C] () -- C:\Users\Philippe\AppData\Local\Temp20.html

[2011/04/27 23:15:58 | 000,001,667 | ---- | C] () -- C:\Users\Philippe\AppData\Local\Temp1.html

[2011/04/27 23:06:12 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2011/04/27 23:06:12 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2011/04/27 22:59:08 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011/04/27 22:59:08 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/04/27 22:58:06 | 000,000,090 | ---- | C] () -- C:\Users\Philippe\Desktop\DrWeb2.csv

[2011/04/27 21:32:11 | 000,000,152 | ---- | C] () -- C:\Users\Philippe\Desktop\DrWeb.csv

[2011/04/27 20:43:11 | 060,834,256 | ---- | C] () -- C:\Users\Philippe\Desktop\x4azzb89.exe

[2011/04/27 12:27:28 | 000,000,020 | ---- | C] () -- C:\Users\Philippe\defogger_reenable

[2011/04/27 07:03:26 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/04/26 20:21:07 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\vmjj.sys

[2011/04/26 14:05:10 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/04/25 17:02:36 | 000,879,081 | ---- | C] () -- C:\Users\Philippe\Desktop\SecurityCheck.exe

[2011/04/24 16:46:42 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2011/04/24 16:36:07 | 000,000,037 | ---- | C] () -- C:\Windows\wininit.ini

[2011/04/24 14:33:42 | 000,098,304 | RHS- | C] () -- C:\Windows\System32\config3.dll

[2011/04/24 14:33:42 | 000,000,306 | -HS- | C] () -- C:\Windows\tasks\rpqvpimpt.job

[2011/04/15 21:32:10 | 177,620,002 | ---- | C] () -- C:\Users\Philippe\Desktop\Thierry.MOV

[2011/04/15 21:22:24 | 000,001,008 | ---- | C] () -- C:\Users\Philippe\Desktop\Dropbox.lnk

[2011/04/11 21:52:53 | 000,090,653 | ---- | C] () -- C:\Users\Philippe\Desktop\tv pix.pdf

[2011/03/31 21:32:05 | 000,000,000 | ---- | C] () -- C:\Windows\vpc32.INI

[2010/11/20 18:58:33 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll

[2010/11/20 18:58:33 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys

[2010/09/06 09:19:40 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll

[2010/09/06 09:19:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll

[2010/09/06 09:19:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll

[2010/09/06 09:19:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[2010/08/18 21:40:24 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat

[2010/07/24 16:03:00 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini

[2010/07/24 16:03:00 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini

[2010/06/15 23:28:42 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2010/04/25 16:53:43 | 000,000,017 | ---- | C] () -- C:\Users\Philippe\AppData\Local\resmon.resmoncfg

[2010/02/09 23:06:43 | 000,003,584 | ---- | C] () -- C:\Users\Philippe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/03 01:35:13 | 000,698,897 | ---- | C] () -- C:\Windows\unins000.exe

[2010/01/03 01:35:13 | 000,008,410 | ---- | C] () -- C:\Windows\unins000.dat

[2010/01/02 23:22:21 | 000,022,064 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

[2010/01/02 22:43:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009/10/22 17:59:00 | 000,196,565 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2009/08/20 08:36:33 | 000,000,040 | ---- | C] () -- C:\Windows\INTER.INI

[2009/08/20 08:35:27 | 000,284,160 | ---- | C] () -- C:\Windows\unin040c.exe

[2009/07/14 10:39:49 | 000,704,242 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2009/07/14 10:39:49 | 000,130,548 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 06:33:53 | 001,724,544 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2009/05/16 14:53:35 | 000,000,028 | ---- | C] () -- C:\Windows\pdf995.ini

[2009/05/16 14:51:43 | 000,000,060 | ---- | C] () -- C:\Windows\wpd99.drv

[2009/05/16 14:51:42 | 000,051,716 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll

[2009/04/05 18:54:36 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS78.DLL

[2009/04/02 22:28:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2009/03/10 00:03:43 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI

[2009/03/09 23:53:24 | 000,000,040 | ---- | C] () -- C:\Windows\NAVIGMA.INI

[2009/03/09 01:19:25 | 000,000,000 | ---- | C] () -- C:\Windows\COMPANIONAPP.INI

[2009/03/09 00:47:13 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI

[2009/03/07 23:32:10 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI

[2009/03/07 16:41:25 | 000,000,040 | ---- | C] () -- C:\Windows\System32\profile.dat

[2009/03/07 16:22:46 | 000,002,304 | ---- | C] () -- C:\Windows\System32\Machnm32.sys

[2009/02/18 18:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe

[2009/02/03 21:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe

[2008/12/23 13:33:11 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini

[2008/12/23 13:33:11 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini

[2008/10/31 06:45:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll

[2008/10/31 06:45:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll

[2008/10/31 06:35:00 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll

[2008/10/31 06:26:43 | 000,004,984 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin

[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

 

< End of report >

[Philoo]

Par contre toujours pas de rapport extras... c'est indiqué run 7 ... Il était peut-être pas si bien désinstaller que ça hier.

Par contre, pour combofix, est-ce que ça vaut le coup que je le lance à partir d'un live cd (pas windows 7), déjà utiliser pour dépanner la famille sur une infection qui avait vérolé le pilote clavier... ou non ?

[Philoo]

Youpi

J'ai le rapport extras.txt

Avec purge outils ça me l'a désinstallé correctement...

 

OTL Extras logfile created on: 28/04/2011 15:33:21 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Philippe\Desktop

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232,59 Gb Total Space | 120,85 Gb Free Space | 51,96% Space Free | Partition Type: NTFS

Drive D: | 596,17 Gb Total Space | 531,39 Gb Free Space | 89,13% Space Free | Partition Type: NTFS

Drive E: | 348,93 Gb Total Space | 347,56 Gb Free Space | 99,61% Space Free | Partition Type: NTFS

 

Computer Name: PC | User Name: Philippe | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Pixum EasyBook] -- "C:\Program Files\Pixum\Pixum EasyBook\Pixum EasyBook.exe" "%1" ()

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0017A998-81D6-3C60-37BA-CC0270227FE4}" = CCC Help Norwegian

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3

"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{05308138-2A97-6457-DEFD-A9DAA0A4BB6B}" = Catalyst Control Center Localization Spanish

"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{0AD63F91-AC37-E543-AB30-2E31F101C6FD}" = Skins

"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery

"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{1294D937-4D0A-2481-0AE5-713E10803544}" = CCC Help Japanese

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver

"{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}" = Upgrade Kit

"{1EFAA3FF-06D7-463A-0116-5AF5A9801BC3}" = Catalyst Control Center Localization Swedish

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86

"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{26163681-B371-4C9B-873B-9250E96FE6CD}" = LUHotFix

"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 24

"{28FA3609-B6E2-4BCA-B089-F5122AC417C5}" = Belkin N Wireless USB Adapter Setup

"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3

"{2C11389D-7D84-25A8-6511-EDAC3C894CDF}" = Catalyst Control Center Localization Norwegian

"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver

"{3474C36B-005C-5D61-3806-319C9F22B014}" = Catalyst Control Center Localization Finnish

"{3510C83C-0103-D6A6-42E2-2393D95E130A}" = Catalyst Control Center Graphics Full New

"{3594EE90-B157-4519-9E82-8B6F4711A0A1}" = Catalyst Control Center - Branding

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 2.1.7.4

"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD

"{465E6ED3-E9C8-0578-2EAF-14306B537947}" = Catalyst Control Center Core Implementation

"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings

"{51BB0AA0-424C-67E9-0F3D-8A950B591FC0}" = ccc-utility

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{5506C4D6-B86C-841A-C8FB-C0A1778DE588}" = Catalyst Control Center Localization Danish

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57634571-FD82-4BEC-B822-A1ED7765474F}_is1" = SmartLauncher

"{5903BD7F-67A1-3EB7-1E38-D8E916DA18C6}" = CCC Help Dutch

"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup

"{64D7A8CF-A1C5-F905-437F-E71DB9C20318}" = CCC Help Spanish

"{675F649A-1775-7D59-0724-906116A4FA41}" = Catalyst Control Center Localization Italian

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All

"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{70080BD1-A2DE-E4B2-AB57-4C1A940BCC72}" = Catalyst Control Center Localization German

"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center

"{72552C46-944B-4E16-BBC8-0D85F31C1800}" = Aventail Access Manager

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{739941B6-3C0F-290A-0B76-08C7CEA6F0F3}" = Catalyst Control Center InstallProxy

"{74656168-CF28-40BD-9D87-700B07BAF9B6}" = HTC Sync

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3

"{81B109ED-6ECA-49FF-9238-8E31FA5DB1A9}_is1" = RescuePRO 3.4.0.34

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada

"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83A0E37B-17DF-161A-7D5F-6CEB5B59D8C5}" = CCC Help French

"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19

"{887B7708-C997-4CD9-B3F6-270B97633CD2}" = Micro Application - Faire-part 2006

"{895B75F0-0EDA-6CC3-03FA-18068BC27ED4}" = Catalyst Control Center Localization Dutch

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage

"{934528B2-09B3-C6E5-288A-4E554E6DF2B9}" = ATI Catalyst Install Manager

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B0B46B3-10DF-4ADA-9501-0129D784563D}" = Aventail Web Proxy Agent

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{9CF9ED6F-4AAC-DF47-0B98-D77B44F8FE58}" = CCC Help English

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific

"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management

"{A586DC50-B18D-48FB-B7CC-A598200457C2}" = Acer eDisplay Management

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia

"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings

"{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Français

"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator

"{B69991AB-BE6D-C759-B3BC-5D318753592E}" = CCC Help Swedish

"{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}" = LauncherMA

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2

"{C3F677EC-AC3C-22AD-FF91-1FF1918CB182}" = Catalyst Control Center Localization Japanese

"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth

"{C885D139-5092-D20B-EC30-3FCAF3AC3EF2}" = CCC Help Danish

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings

"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings

"{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix

"{E0326792-4269-7E77-2CA0-FAE03F45A388}" = Catalyst Control Center Graphics Previews Vista

"{E0E21795-C479-927B-AE38-968CDBC932EF}" = ccc-core-static

"{E40096C5-F047-C5A9-7119-A4DFB0DE0775}" = Catalyst Control Center Localization French

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"{ED854376-A148-5760-598B-EF3EFD647222}" = Catalyst Control Center Graphics Full Existing

"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2F704C8-0B59-A3B3-D69B-805D06629B08}" = CCC Help Italian

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician

"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician

"{F8C7A3FD-81B8-E9F1-7989-D138A7D59047}" = Catalyst Control Center Graphics Light

"{FD06CF26-F9DB-C201-B3B0-6155DAB99514}" = CCC Help German

"{FD3D5956-1F39-9DA1-5780-4749847B965A}" = CCC Help Finnish

"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3

"avast" = avast! Free Antivirus

"CameraWindowDC" = Canon Utilities CameraWindow DC

"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

"CameraWindowLauncher" = Canon Utilities CameraWindow

"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX

"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX

"Canon RAW Codec" = Canon RAW Codec

"Canon Setup Utility 2.0" = Canon Setup Utility 2.0

"CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200

"DPP" = Canon Utilities Digital Photo Professional 3.5

"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint

"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox

"Easy-WebPrint" = Easy-WebPrint

"EOS Utility" = Canon Utilities EOS Utility

"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20

"FileZilla Client" = FileZilla Client 3.2.2.1

"FreeCommander_is1" = FreeCommander 2009.02a

"Freeplayer" = Freeplayer

"HijackThis" = HijackThis 2.0.2

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager

"InstallShield_{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix

"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies

"InstallShield_{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MediaNavigation.CDLabelPrint" = CD-LabelPrint

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Mozilla Firefox 4.0 (x86 fr)" = Mozilla Firefox 4.0 (x86 fr)

"MyCamera" = Canon Utilities MyCamera

"MyCameraDC" = Canon Utilities MyCamera DC

"NVIDIA Drivers" = NVIDIA Drivers

"Original Data Security Tools" = Canon Utilities Original Data Security Tools

"Pdf995" = Pdf995

"Permis de construire Expert CAD_is1" = Permis de construire Expert CAD

"PhotoRecord Gold" = Canon PhotoRecord Gold

"PhotoStitch" = Canon Utilities PhotoStitch

"Picture Style Editor" = Canon Utilities Picture Style Editor

"Pixum EasyBook" = Pixum EasyBook

"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX

"RemoteCaptureDC" = Canon Utilities RemoteCapture DC

"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX

"SpeedFan" = SpeedFan (remove only)

"VLC media player" = VLC media player 1.1.7

"WhoCrashed_is1" = WhoCrashed 3.01

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = Logiciel d'archivage WinRAR

"WMInstall_is1" = WMInstall

"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{72552C46-944B-4E16-BBC8-0D85F31C1800}" = Aventail Access Manager

"Dropbox" = Dropbox

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 28/04/2011 02:00:26 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Acer\Empowering

Technology\eDataSecurity\x64\eDScsp.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 28/04/2011 02:00:35 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Acer\Empowering

Technology\eDataSecurity\x64\eDStbmngr.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 28/04/2011 02:00:38 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Acer\Empowering

Technology\eDataSecurity\x64\eDSLoader.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 28/04/2011 02:00:44 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Acer\Empowering

Technology\eDataSecurity\x64\eDS_CCPSD.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 28/04/2011 02:00:57 | Computer Name = PC | Source = SideBySide | ID = 16842815

Description = La création du contexte d’activation a échoué pour « c:\program files\freecommander\DelZip179.dll ».

Erreur dans le fichier de manifeste ou de stratégie « c:\program files\freecommander\DelZip179.dll »

à la ligne 8. La valeur « * » de l’attribut « language » de l’élément « assemblyIdentity »

n’est pas valide.

 

Error - 28/04/2011 02:01:26 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « c:\program files\pdf995\res\drivedir\copy64.exe ».

Assembly

dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 28/04/2011 02:02:13 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « c:\program files\Acer\empowering

technology\edatasecurity\x64\eDScsp.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 28/04/2011 02:02:13 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « c:\program files\Acer\empowering

technology\edatasecurity\x64\eDSLoader.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 28/04/2011 02:02:13 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « c:\program files\Acer\empowering

technology\edatasecurity\x64\eDStbmngr.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 28/04/2011 02:02:13 | Computer Name = PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « c:\program files\Acer\empowering

technology\edatasecurity\x64\eDS_CCPSD.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

[ System Events ]

Error - 28/04/2011 09:03:36 | Computer Name = PC | Source = Service Control Manager | ID = 7001

Description = Le service SBSD Security Center Service dépend du service Centre de

sécurité qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

Error - 28/04/2011 09:03:39 | Computer Name = PC | Source = Service Control Manager | ID = 7026

Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se

charger : DwProt

 

Error - 28/04/2011 09:03:45 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

 

Error - 28/04/2011 09:30:16 | Computer Name = PC | Source = BugCheck | ID = 1001

Description =

 

Error - 28/04/2011 09:30:28 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

 

Error - 28/04/2011 09:30:28 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

 

Error - 28/04/2011 09:30:34 | Computer Name = PC | Source = Service Control Manager | ID = 7001

Description = Le service SBSD Security Center Service dépend du service Centre de

sécurité qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

Error - 28/04/2011 09:30:36 | Computer Name = PC | Source = Service Control Manager | ID = 7026

Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se

charger : DwProt

 

Error - 28/04/2011 09:30:41 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

 

Error - 28/04/2011 09:30:41 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

 

 

< End of report >

Modifié le 28 avril 2011 par Philoo

[lance_yien]

Par contre toujours pas de rapport extras... c'est indiqué run 7 ... Il était peut-être pas si bien désinstaller que ça hier.

Visiblement, non.

 

Par contre, pour combofix, est-ce que ça vaut le coup que je le lance à partir d'un live cd (pas windows 7), déjà utiliser pour dépanner la famille sur une infection qui avait vérolé le pilote clavier... ou non ?

Non, je ne te le conseille pas. C'est outil conçu pour un environnement Windows.

--

 

>>> Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très important, merci de vérifier).

 

:OTL

 

 

:Services

 

:Reg

 

:Files

C:\Windows\tasks\rpqvpimpt.job

C:\Windows\setup_9.0.0.722_28.04.2011_00-08drv.spi

C:\Users\Philippe\AppData\Local\Temp20.html

C:\Users\Philippe\AppData\Local\Temp1.html

C:\Windows\System32\drivers\vmjj.sys

 

:Commands

[PURITY]

[EMPTYTEMP]

[EMPTYFLASH]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

 

 

Faire dans l'ordre ces vérification:

 

• >>> Vérifier les fichiers système:
   
  1- Copier cette commande: sfc /scannow
  2- Cliquer sur "Démarrer" => "Tous les programmes" => "Accessoires" et cliquer-droit sur "Invite de commandes" => "Exécuter en tant qu'administrateur". Cliquer-droit dans l'angle haut à gauche => "Modifier" => "Coller" et presser la touche "Entrer" . Laisser faire (ça peut être assez long). Le CD/DVD d'installation Windows peut être demandé selon les cas.
  Saisir exit et presser la touche "Entrée" pour fermer la fenêtre quand c'est fini. Redémarrer la machine.
   
  
• >>> Vérifier le disque dur:
   
  1- Copier cette commande: chkdsk /f /r
  2- Cliquer sur "Démarrer" => "Tous les programmes" => "Accessoires" et cliquer-droit sur "Invite de commandes" => "Exécuter en tant qu'administrateur". Cliquer-droit dans l'angle haut à gauche => "Modifier" => "Coller" et presser la touche "Entrer".
  Saisir la lettre o et presser la touche "Entrée" pour confirmer la volonté d'exécuter la commande.
  Saisir exit et presser la touche "Entrée" pour fermer la fenêtre. Redémarrer la machine et patienter que la vérification se fasse avant l'affichage du Bureau de Windows. Redémarrer encore la machine et contrôler.

 

 

Rapports demandés:

• OTL.txt

Où en est-on après tout ça?