svchost.exe et avertissements

[Bacter]

Bonjour,

Ce matin, alors que je travaillais, Windows s'est d'abord arrêté avec un écran bleu signalant un arrêt de sécurité, puis après redémarrage, il m'a été demandé si je voulais démarrer normalement ou en mode sans échec. Ayant choisi le mode normal, j'ai vu apparaître sur mon bureau habituel et normal une fenêtre avec un texte : "Windows a repéré un arrêt non planifié. etc..."

Tout semble fonctionner normalement dans mes programmes, sauf qu'à la fermeture et à l'ouverture de Windows, je retrouve les "écrans bleus" signalés précédemment et la fenêtre sur mon bureau "signalant un arrêt non planifié" revient à chaque fois.

Inquiet, j'ai lancé Avast qui ne signale rien mais Spybot est plus pessimiste :

Spybot-Search & Destroy souligne un problème avec svchost.exe :

Click.GiftLoad: [sBI $89783858] Réglages utilisateur (Valeur du Registre, nothing done)HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION\svchost.exe

Dans le menu de Spybot j'ai demandé la suppression du problème signalé, non sans certaine appréhension. La suppression du problème par Spybot a été considérée comme effectuée. Ultérieurement, la relance de Windows a été identique et Spybot retrouve le même problème...

Après renseignement pris j'ai lu que svchost.exe est un programme important de Windows...

S'agit-il d'un virus, la base de registre serait-elle infectée ? Que puis-je faire ?

A toutes fins utiles un rapport HijackThis (beaucoup de lignes avec ce "fameux svchost.exe" !)

==========================

ogfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:22:47, on 25/04/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Alain\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Program Files\HACE\Mmm\Mmm.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\explorer.exe

C:\Users\Alain\Downloads\HijackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com'>http://fr.fr.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [service Scheduler2 Acronis] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [Mmm] "C:\Program Files\HACE\Mmm\Mmm.exe"

O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 25335 bytes

 

Merci d'avance, Bacter

Modifié le 25 avril 2011 par Bacter

[lance_yien]

Bonjour Bacter,

 

---

Très Important!

 

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

 

>>> Que faire durant ce nettoyage: Merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

 

>>> Que faire à la réception de nouvelles instructions:

• Lire la totalité du message.
  
• TOUS LES UTILITAIRES doivent être lancés depuis le Bureau (sauf indication spécifique). Aussi, il est demandé de les télécharger et enregistrer DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
  Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
  
• Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
  
• Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
  
• NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.
  

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

 

>>> Ne pas abandonner son sujet avant d'avoir été informé(e) que tout est OK.

---

 

>>> Ask.com: Utiliser cet utilitaire pour désinstaller tout programme et application appartenant à Ask.com parce qu'ils font de la pub de leur barre d'outils sur des sites réservés aux enfants (plus susceptibles de tomber dans leurs pièges) ou utilisant des pop-ups faisant croire que c'est de la pub pour d'autres applications.

Pire encore, ils utilisent des spywares venant d'autre sociétés.

Cette barre d'outils s'installe sans rien demander aux utilisateurs et opère à des modifications dans les paramètres des navigateurs pour se faire de l'argent par redirection vers d'autres sites.

--

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

• Malware Bytes Anti-Malware depuis ici.
• Security Check (par screen317) depuis ici ou ici.

 

>>> Utiliser Malwarebytes' Anti-Malware: Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur mbam-setup.exe (pour Vista/ Windows7, cliquer-droit sur mbam-setup.exe => "Exécuter en tant qu'administrateur"). Suivre les indications en laissant tout par défaut. Cliquer sur Terminer sans rien changer.

- Lancer le programme depuis son icône sur le bureau ou depuis "Démarrer" => "Tous les programmes" => "Malwarebytes' Anti-Malware".

- Faire les Mises à jour depuis l'onglet du même nom. Si problème avec les mises à jour automatiques, cliquer ICI pour les télécharger et les installer manuellement.

- Dans l'onglet "Recherche" laisser la case "Exécuter un examen rapide" cochée et cliquer sur "Rechercher".

 

 

Patienter jusqu'à la fin (affichage du message ci-dessous)

 

 

Cliquer sur OK, pour fermer ce message.

 

- Cliquer sur "Afficher les résultats" puis s'assurer que tout est coché et cliquer sur "Supprimer la sélection".

 

Le programme procède alors au nettoyage. S'il vous demande de redémarrer le PC, ACCEPTER (c'est pour supprimer certains fichiers spécifiques).

A la fin un rapport s'affiche (accessible à tout moment depuis l'onglet Rapport/Logs de la fenêtre principale de MBAM. Poster son contenu dans la prochaine réponse.

 

 

>>> Utiliser SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

 

 

Rapports demandés:

• Malwarebytes Anti-Malware log
• checkup.txt

[Bacter]

Bonsoir et merci lance_yien de vous pencher sur mon problème de svchost.

J'ai effectué les opérations que vous m'avez demandées :

===============================================

pour Malwarebytes Anti-Malware log voici le log :

===============================================

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6443

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

 

25/04/2011 20:05:44

mbam-log-2011-04-25 (20-05-44).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 162081

Temps écoulé: 5 minute(s), 7 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

===============================================

le checkup.txt est en dessous :

===============================================

Results of screen317's Security Check version 0.99.10

Windows Vista Service Pack 2 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

Avira successfully updated!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

TuneUp Utilities

TuneUp Utilities Language Pack (fr-FR)

TuneUp Utilities

CCleaner

EasyCleaner

Java 6 Update 24

Adobe Flash Player 10.2.159.1

Adobe Reader 9.4.3 - Français

Out of date Adobe Reader installed!

Mozilla Firefox (x86 fr..)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSASCui.exe

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

Empowering Technology eSettings Service capuserv.exe

Windows Defender MSASCui.exe

``````````End of Log````````````

===============================================

Je suis attentif pour la suite.

Merci et à plus tard. Bacter

[Bacter]

Re-bonjour lance-yien

Un petit point, je n'ai pas vu comment après avoir cliqué sur le bouton "Suivre ce sujet", comment choisir "Notification immédiate" => "Soumettre" pour être avisé en temps réel des réponses apportées à mon sujet... J'ai dû oublier quelque chose ou alors avoir mal compris.

Bonne soirée? Bacter

[lance_yien]

Bonjour,

 

Le bouton [suivre ce sujet] se trouve en haut à droite juste avant [Ajouter une réponse] et [Commencer un sujet].

Quand tu as cliqué dessus et suivi les instructions, il se transforme en [Arrêter de suivre ce sujet].

Vérifie lequel tu as en ce moment et as-tu reçu un e mail comme quoi j'ai répondu à ton sujet.

--

 

Tes rapports ne montrent pas d'infection, on continue la recherche!

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Brancher et allumer tous les médias amovibles (Disques externes, clés USB etc...).

Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur OTL.exe (Vista/ Windows7, cliquer-droit dessus => Exécuter en tant qu'Admin).

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

 

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

 

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

[Bacter]

re-bonjour lance-yien,

Voici le deuxième rapport

===================

rapport Extras.txt

===================

OTL Extras logfile created on: 26/04/2011 10:48:37 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Alain\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111,69 Gb Total Space | 61,93 Gb Free Space | 55,45% Space Free | Partition Type: NTFS

Drive D: | 108,19 Gb Total Space | 20,49 Gb Free Space | 18,94% Space Free | Partition Type: NTFS

Drive F: | 232,83 Gb Total Space | 0,23 Gb Free Space | 0,10% Space Free | Partition Type: FAT32

 

Computer Name: PC-DE-ALAIN | User Name: Alain | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 0

"InternetSettingsDisableNotify" = 0

"AutoUpdateDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1BA7A2D7-A3CB-4581-B34C-13C4456A09E1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{3A634136-FD28-4E26-8775-F3A1D63F44FD}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |

"{3FDB757C-144C-483C-B53C-A75F4612812E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{43B83545-CA18-4409-B8BD-DED97DFBA6E0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{43EEABCB-C956-43FF-A7AE-84746D32015D}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |

"{4A302B94-1969-420F-AC81-E925ADDEB579}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{538DED8B-22DC-4384-B887-0DB3761727DB}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{5D48B73D-F9F4-42F6-AB23-3F4635BAE88D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{7DCE690E-77E6-43E8-87AB-551B1507A75C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{964109B4-7E9B-4BEA-B4C4-1EDA06939ABF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{A7FD1603-C42C-4223-9AC5-76AA915181AB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |

"{C80881F8-5FA3-4DB6-9C32-C0887489406A}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |

"{D64308B3-A6DC-45B0-9927-869E3032F794}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{FCE396CC-2754-4757-BC95-ED72B0773042}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02C0003E-C0CD-45CA-8D10-2CDCDD9EC7A3}" = protocol=17 | dir=in | app=c:\program files\directory lister pro\dirlisterpro.exe |

"{08414627-2567-4D39-B834-482BEF6CBECE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |

"{0A429078-415F-4635-825D-BCAD50D62E14}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |

"{1E7947FC-B159-4B20-97B5-DA5576F67F2D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |

"{34EAE660-6D25-452C-AA00-B243496DCCCF}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |

"{388839F5-D9C7-440D-A5A0-CDEB65452EB9}" = protocol=17 | dir=in | app=c:\program files\directory lister pro\dirlisterpro.exe |

"{3AF4D534-05EC-4269-9EF8-F4820905539D}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |

"{430E6711-CA4C-454A-992C-3AB7FE8760AE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |

"{4D2F67F2-16C5-4E93-B9BA-9911DF4D90AD}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |

"{5210386B-28A1-4B6C-B673-5BD5B4335E8A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{6A59F20F-9CAE-4B30-8A8F-A7EA3840D129}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |

"{6C498903-EA6C-412E-88AA-7FE3510E1302}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |

"{7C379FE2-1595-4124-A10E-5B22287B348D}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |

"{7D115F10-5969-4B6C-8560-80C9484A4EF3}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |

"{804D25D1-B867-4D34-B457-0E14F1F7DE71}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |

"{827E1411-451E-4A2E-8DE1-EDF536CF1E13}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |

"{85C6BCF8-5B10-464C-8BC5-9287D5596F16}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{8AC36771-579A-49E5-A644-AFD7FE12AEBB}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{8CB48207-3F7B-458F-A593-2640FB8D7108}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |

"{8F3223AE-3268-4FB9-8004-9FA91C90B8AF}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |

"{9485CF9D-A3D6-4E7C-BFC3-25A380D828FA}" = protocol=6 | dir=in | app=c:\program files\directory lister pro\dirlisterpro.exe |

"{9EB7BD2B-824C-40D8-B735-BFFC3D6A1596}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |

"{B61AC8A5-BF42-418A-AEC3-C2B2D2A274B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |

"{B736E544-8939-41EB-B6AC-0BB2FD98FFEC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |

"{BF4F99BD-373E-4AC3-807F-4B90AA5A920D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |

"{C7FB1D3B-5666-4B39-9E96-E26685F0C2F6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |

"{CDC7112E-6A12-49E6-B564-839CC7CF348F}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |

"{CF90A10A-6200-4C16-950A-1384F11D0F2B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |

"{D08C9400-23B7-447A-848F-52F11D8EC68C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |

"{DD29A78B-CEF9-47E1-BF13-980A91FE24F7}" = protocol=6 | dir=in | app=c:\program files\directory lister pro\dirlisterpro.exe |

"{DDDA3544-1438-425D-B998-0CEE73C9E565}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |

"{E714037E-EC51-430D-B5C0-0D16F9ABA15B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |

"{F4DCC466-A256-4A98-8DDB-4841C562F276}" = dir=in | app=e:\setup\hpznui01.exe |

"{F58FE2EB-585E-4543-9D8C-6CE7C13465A5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |

"{F82B3011-DB05-4E58-9098-0356D87850A7}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |

"TCP Query User{59FAB03D-911D-48BC-A4AB-5CE03C19A771}H:\sauvegardes pc-alain (avant formatage)\sauvegarde-data_25_03_2011\mowes_portable\mysql\bin\mysqld-nt.exe" = protocol=6 | dir=in | app=h:\sauvegardes pc-alain (avant formatage)\sauvegarde-data_25_03_2011\mowes_portable\mysql\bin\mysqld-nt.exe |

"TCP Query User{646E3E32-5D34-4CBC-92A9-7FC2680E5EB5}C:\program files\vidal\vidalcd\system\runtime\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\vidal\vidalcd\system\runtime\bin\java.exe |

"TCP Query User{8A23AF6D-2E5B-4BFB-B235-74752B476115}D:\mowes_portable\apache2\bin\httpd.exe" = protocol=6 | dir=in | app=d:\mowes_portable\apache2\bin\httpd.exe |

"TCP Query User{AAA4308D-4539-4E8D-85A0-631E663868F7}H:\sauvegardes pc-alain (avant formatage)\sauvegarde-data_25_03_2011\mowes_portable\apache2\bin\httpd.exe" = protocol=6 | dir=in | app=h:\sauvegardes pc-alain (avant formatage)\sauvegarde-data_25_03_2011\mowes_portable\apache2\bin\httpd.exe |

"TCP Query User{AE6E7757-BA19-45CC-ACEF-B95DA182893C}D:\mowes_portable\mysql\bin\mysqld-nt.exe" = protocol=6 | dir=in | app=d:\mowes_portable\mysql\bin\mysqld-nt.exe |

"TCP Query User{EF6F95A2-04C9-4B24-B287-320891979252}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"UDP Query User{024BBF0A-BF95-4EA7-A3C1-F46C4DCC3A87}H:\sauvegardes pc-alain (avant formatage)\sauvegarde-data_25_03_2011\mowes_portable\mysql\bin\mysqld-nt.exe" = protocol=17 | dir=in | app=h:\sauvegardes pc-alain (avant formatage)\sauvegarde-data_25_03_2011\mowes_portable\mysql\bin\mysqld-nt.exe |

"UDP Query User{03BB446B-031C-42CD-A113-33D7C6470C37}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"UDP Query User{203776BB-2F33-403B-8E06-1D0E21B24329}D:\mowes_portable\mysql\bin\mysqld-nt.exe" = protocol=17 | dir=in | app=d:\mowes_portable\mysql\bin\mysqld-nt.exe |

"UDP Query User{8F7BB342-C824-4C64-8BE9-F25096D46295}H:\sauvegardes pc-alain (avant formatage)\sauvegarde-data_25_03_2011\mowes_portable\apache2\bin\httpd.exe" = protocol=17 | dir=in | app=h:\sauvegardes pc-alain (avant formatage)\sauvegarde-data_25_03_2011\mowes_portable\apache2\bin\httpd.exe |

"UDP Query User{B7024261-B5E7-4F56-BF91-A82A72B92E6D}D:\mowes_portable\apache2\bin\httpd.exe" = protocol=17 | dir=in | app=d:\mowes_portable\apache2\bin\httpd.exe |

"UDP Query User{D44D2784-36F2-4C91-93CF-7C5AEA4A1828}C:\program files\vidal\vidalcd\system\runtime\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\vidal\vidalcd\system\runtime\bin\java.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM

"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In

"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management

"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up

"{134EE273-0F1C-4A5B-817D-13111DB75B14}" = B109n-z

"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery

"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 24

"{2800649E-1426-4514-ADEA-701629E87B08}" = Logiciel Intel® PROSet/Wireless WiFi

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3CAC9760-14F6-4539-A75F-F240EC55FEE9}" = Ma-Config.com

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg

"{427967BF-09F8-46D5-9275-37001CCBBA5D}" = Winbond CIR Drivers

"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management

"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{656FDFA4-C7C6-40D9-99F7-F6F331412AEF}" = WarrantyExtension

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works

"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply

"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{722B4A13-F24D-43AE-8813-5DB82C0B23C2}" = HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8}" = TuneUp Utilities Language Pack (fr-FR)

"{8466940C-84D8-484C-B1E3-C2E4D73FD5DD}" = PS_AIO_06_B109n-z_SW_Min

"{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}" = EndNote X4

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010

"{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010

"{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010

"{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010

"{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010

"{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010

"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010

"{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010

"{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010

"{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010

"{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010

"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour

"{949D34E5-F53F-4830-9A50-1E2C39109043}_is1" = PNotes 7.5.110

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam

"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology

"{AC1ACE88-C471-494E-B5FA-0B7C21F22E4F}" = Orion

"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.3 - Français

"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9

"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status

"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management

"{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1" = Fast Duplicate File Finder 2.8.0.1

"{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 270.61

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 270.61

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.1.34

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management

"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management

"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant

"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp

"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F1ED5BD7-4770-4037-9CBD-5DF9A5BEC408}" = Plus Pack for Acronis True Image Home 2011

"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"AACD" = AACD_v4

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Belarc Advisor" = Belarc Advisor 8.1

"CCleaner" = CCleaner

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP

"Defraggler" = Defraggler

"Directory Lister Pro_is1" = Directory Lister Pro v1.38

"FileZilla Client" = FileZilla Client 3.4.0

"Foxit PDF Editor" = Foxit PDF Editor

"Foxit Reader" = Foxit Reader

"Glary Utilities_is1" = Glary Utilities 2.33.0.1158

"GridVista" = Acer GridVista

"HP Imaging Device Functions" = HP Imaging Device Functions 13.0

"HP Print Projects" = HP Print Projects 1.0

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"HPExtendedCapabilities" = HP Customer Participation Program 13.0

"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"jv16 PowerTools_is1" = jv16 PowerTools 1.3

"La boite a couleurs_is1" = La boite a couleurs version 1.6.15

"LManager" = Launch Manager

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Mozilla Firefox 4.0 (x86 fr)" = Mozilla Firefox 4.0 (x86 fr)

"Notepad++" = Notepad++

"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver

"Office14.PROPLUS" = Microsoft Office Professionnel Plus 2010

"ProInst" = Intel PROSet Wireless

"QuickMenuBuilder" = Quick Menu Builder 1.2

"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0

"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper

"Shop for HP Supplies" = Shop for HP Supplies

"sp6" = Logitech SetPoint 6.22

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TreeSize Free_is1" = TreeSize Free V2.4

"TuneUp Utilities" = TuneUp Utilities

"Unlocker" = Unlocker 1.9.0

"Vidal CD" = Vidal CD

"VLC media player" = VLC media player 1.1.9

"WinLiveSuite" = Windows Live

"WinRAR archiver" = Logiciel d'archivage WinRAR

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Mmm" = Mmm

"PhotoFiltre Studio X" = PhotoFiltre Studio X

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 21/04/2011 03:48:50 | Computer Name = PC-de-Alain | Source = Application Error | ID = 1000

Description = Application défaillante plugin-container.exe, version 2.0.0.4094,

horodatage 0x4d83749c, module défaillant FOXITR~1.OCX, version 1.0.1.224, horodatage

0x4b849404, code d’exception 0xc0000005, décalage d’erreur 0x00002dce, ID du processus

0x30c, heure de début de l’application 0x01cbfff88bc4a4fb.

 

Error - 21/04/2011 08:03:06 | Computer Name = PC-de-Alain | Source = Application Error | ID = 1000

Description = Application défaillante hpqtra08.exe, version 130.0.376.0, horodatage

0x4a163449, module défaillant hpzidr12.dll, version 12.1.3.21, horodatage 0x49369936,

code d’exception 0xc0000005, décalage d’erreur 0x0000652f, ID du processus 0x1588,

heure de début de l’application 0x01cbfffb25f5893b.

 

Error - 24/04/2011 15:51:33 | Computer Name = PC-de-Alain | Source = Application Error | ID = 1000

Description = Application défaillante svchost.exe, version 6.0.6001.18000, horodatage

0x47918b89, module défaillant ntdll.dll, version 6.0.6002.18327, horodatage 0x4cb73436,

code d’exception 0xc000071b, décalage d’erreur 0x00088d15, ID du processus 0x5d8,

heure de début de l’application 0x01cc02b61ed1a88b.

 

Error - 24/04/2011 16:40:15 | Computer Name = PC-de-Alain | Source = SPP | ID = 16387

Description =

 

Error - 24/04/2011 16:40:15 | Computer Name = PC-de-Alain | Source = System Restore | ID = 8193

Description =

 

Error - 24/04/2011 16:40:15 | Computer Name = PC-de-Alain | Source = System Restore | ID = 8210

Description =

 

Error - 24/04/2011 16:59:02 | Computer Name = PC-de-Alain | Source = Application Error | ID = 1000

Description = Application défaillante svchost.exe, version 6.0.6001.18000, horodatage

0x47918b89, module défaillant ntdll.dll, version 6.0.6002.18327, horodatage 0x4cb73436,

code d’exception 0xc000071b, décalage d’erreur 0x00088d15, ID du processus 0x5cc,

heure de début de l’application 0x01cc02bb76c9cbf0.

 

Error - 24/04/2011 17:50:21 | Computer Name = PC-de-Alain | Source = Application Error | ID = 1000

Description = Application défaillante svchost.exe, version 6.0.6001.18000, horodatage

0x47918b89, module défaillant ntdll.dll, version 6.0.6002.18327, horodatage 0x4cb73436,

code d’exception 0xc000071b, décalage d’erreur 0x00088d15, ID du processus 0x5d0,

heure de début de l’application 0x01cc02c6b82483b8.

 

Error - 24/04/2011 18:02:25 | Computer Name = PC-de-Alain | Source = Application Error | ID = 1000

Description = Application défaillante svchost.exe, version 6.0.6001.18000, horodatage

0x47918b89, module défaillant ntdll.dll, version 6.0.6002.18327, horodatage 0x4cb73436,

code d’exception 0xc000071b, décalage d’erreur 0x00088d15, ID du processus 0x1340,

heure de début de l’application 0x01cc02c9abcb8bb8.

 

Error - 24/04/2011 18:43:10 | Computer Name = PC-de-Alain | Source = System Restore | ID = 8203

Description =

 

[ System Events ]

Error - 25/04/2011 17:01:59 | Computer Name = PC-de-Alain | Source = Service Control Manager | ID = 7000

Description =

 

Error - 25/04/2011 17:21:23 | Computer Name = PC-de-Alain | Source = DCOM | ID = 10005

Description =

 

Error - 25/04/2011 17:21:30 | Computer Name = PC-de-Alain | Source = DCOM | ID = 10005

Description =

 

Error - 25/04/2011 17:21:32 | Computer Name = PC-de-Alain | Source = DCOM | ID = 10005

Description =

 

Error - 25/04/2011 17:21:33 | Computer Name = PC-de-Alain | Source = DCOM | ID = 10005

Description =

 

Error - 25/04/2011 17:21:33 | Computer Name = PC-de-Alain | Source = DCOM | ID = 10005

Description =

 

Error - 26/04/2011 02:41:42 | Computer Name = PC-de-Alain | Source = EventLog | ID = 6008

Description = L'arrêt système précédant à 23:21:15 le 25/04/2011 n'était pas prévu.

 

Error - 26/04/2011 02:42:07 | Computer Name = PC-de-Alain | Source = Service Control Manager | ID = 7000

Description =

 

Error - 26/04/2011 04:01:14 | Computer Name = PC-de-Alain | Source = Service Control Manager | ID = 7032

Description =

 

Error - 26/04/2011 04:01:14 | Computer Name = PC-de-Alain | Source = Service Control Manager | ID = 7032

Description =

 

< End of report >

======================

A plus tard, Bacter

[Bacter]

Bonjour lance-yien,

Je n'arrive pas à passer le message contenant OTL.txt.

Où est le problème ? Y a-t-il une solution ?

Bacter

[Bacter]

Bonjour lance-yien,

Pour la notification immédiate, j'avais "oublié" de cocher l'option. Cette fois, c'est fait.

J'ai réaliser l'analyse OTL comme demandé. Comme il semble trop long pour le site, je le coupe en deux !

Voici le premier rapport (première partie),

=====================

rapport OTL.txt

============> début

OTL logfile created on: 26/04/2011 10:48:37 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Alain\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111,69 Gb Total Space | 61,93 Gb Free Space | 55,45% Space Free | Partition Type: NTFS

Drive D: | 108,19 Gb Total Space | 20,49 Gb Free Space | 18,94% Space Free | Partition Type: NTFS

Drive F: | 232,83 Gb Total Space | 0,23 Gb Free Space | 0,10% Space Free | Partition Type: FAT32

 

Computer Name: PC-DE-ALAIN | User Name: Alain | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/04/26 10:42:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Alain\Downloads\OTL.exe

PRC - [2011/04/21 01:20:19 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011/04/09 07:40:20 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2011/04/08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011/04/07 22:43:20 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

PRC - [2011/04/07 22:43:04 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2011/04/04 22:30:53 | 000,877,568 | ---- | M] () -- C:\Program Files\HACE\Mmm\Mmm.exe

PRC - [2011/03/27 00:39:34 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

PRC - [2011/02/04 12:08:57 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2011/02/04 12:08:48 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011/02/01 22:11:26 | 000,804,928 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

PRC - [2010/11/09 22:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

PRC - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010/11/02 13:29:46 | 000,936,208 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe

PRC - [2010/11/02 13:15:50 | 000,477,456 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

PRC - [2010/10/29 01:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe

PRC - [2010/09/30 17:17:38 | 000,743,232 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

PRC - [2010/09/30 17:15:52 | 001,051,968 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

PRC - [2010/08/16 01:52:57 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Alain\AppData\Local\Temp\RtkBtMnt.exe

PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/04/11 08:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE

PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008/01/19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

PRC - [2007/09/04 12:39:00 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

PRC - [2007/07/03 10:40:10 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

PRC - [2007/06/28 18:50:52 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

PRC - [2007/06/13 11:23:54 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

PRC - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/04/26 10:42:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Alain\Downloads\OTL.exe

MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/04/12 10:11:26 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2011/04/09 07:40:20 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/04/08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011/03/27 00:39:34 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)

SRV - [2011/03/26 21:53:39 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)

SRV - [2011/02/04 12:08:57 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/02/01 22:11:26 | 000,804,928 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)

SRV - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®

SRV - [2010/11/02 13:29:46 | 000,936,208 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®

SRV - [2010/11/02 13:15:50 | 000,477,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®

SRV - [2010/10/28 12:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)

SRV - [2010/09/30 17:15:52 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010/09/30 17:12:44 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)

SRV - [2010/03/25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)

SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2007/07/03 10:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)

SRV - [2007/06/28 18:50:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)

SRV - [2007/06/13 16:54:36 | 000,135,168 | R--- | M] (Acer Inc.) [Disabled | Stopped] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)

SRV - [2007/06/13 11:23:54 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)

SRV - [2007/04/25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Disabled | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)

SRV - [2007/04/23 09:53:48 | 000,024,576 | ---- | M] (Acer Inc.) [Disabled | Stopped] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)

SRV - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/04/09 07:40:20 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2011/04/08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011/03/27 00:39:35 | 000,167,968 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)

DRV - [2011/03/27 00:39:29 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)

DRV - [2011/03/27 00:39:28 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)

DRV - [2011/03/27 00:39:23 | 000,170,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)

DRV - [2011/02/04 12:09:08 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/10/07 04:11:38 | 006,639,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwLv32.sys -- (NETwLv32) Pilote de carte de la série Intel®

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/08/24 19:31:18 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV - [2010/08/24 19:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2010/08/24 19:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/05/10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010/02/25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2010/02/17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)

DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008/11/17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®

DRV - [2007/06/26 09:33:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

DRV - [2007/06/12 10:38:26 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV - [2007/04/19 09:09:00 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)

DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)

DRV - [2007/02/25 00:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel®

DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2006/12/07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)

DRV - [2006/11/02 16:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = Yahoo! France

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7C E8 E0 ED 25 03 CC 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.8.0.99999

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: web2pdfextension@web2pdf.adobedotcom:1.0

FF - prefs.js..extensions.enabledItems: newtaburl@sogame.cat:2.2.2

FF - prefs.js..network.proxy.type: 0

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/04/04 21:24:17 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/21 01:20:33 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 15:40:15 | 000,000,000 | ---D | M]

 

[2010/08/16 03:25:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alain\AppData\Roaming\mozilla\Extensions

[2011/04/21 01:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alain\AppData\Roaming\mozilla\Firefox\Profiles\rk3qiajc.default\extensions

[2011/04/20 22:45:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Alain\AppData\Roaming\mozilla\Firefox\Profiles\rk3qiajc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2011/04/20 12:07:54 | 000,000,000 | ---D | M] (NewTabURL) -- C:\Users\Alain\AppData\Roaming\mozilla\Firefox\Profiles\rk3qiajc.default\extensions\newtaburl@sogame.cat

[2011/03/27 21:38:37 | 000,000,000 | ---D | M] ("Foxit Toolbar") -- C:\Users\Alain\AppData\Roaming\mozilla\Firefox\Profiles\rk3qiajc.default\extensions\toolbar@ask.com

[2011/04/21 00:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2010/08/16 15:25:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2011/03/28 10:07:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

File not found (No name found) --

[2011/04/21 01:20:18 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/08/16 12:09:49 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

[2011/04/21 01:20:21 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2011/04/21 01:20:21 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/04/21 01:20:21 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011/04/21 01:20:22 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2011/04/21 01:20:22 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2011/04/21 01:20:22 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

Hosts file not found

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKCU\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.dll ( )

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Mmm] C:\Program Files\HACE\Mmm\Mmm.exe ()

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Error creating restore point.

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

=====> à suivre

A plus tard, Bacter

[Bacter]

re-re bonjour lance-yien,

Mon hypothèse devait être bonne : message trop long !

Voici la suite du rapport (deuxième partie),

=====================

rapport OTL.txt

============> deuxième partie

========== Files/Folders - Created Within 30 Days ==========

 

[2011/04/25 23:10:33 | 000,000,000 | ---D | C] -- C:\Users\Alain\Documents\(Pc-de-alain)_fichiers

[2011/04/24 21:30:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2011/04/24 21:19:46 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\GetRightToGo

[2011/04/24 21:19:46 | 000,000,000 | ---D | C] -- C:\Users\Alain\Documents\Downloads

[2011/04/21 09:58:31 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PNotes

[2011/04/21 09:58:31 | 000,000,000 | ---D | C] -- C:\PNotes

[2011/04/21 01:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ord-ixSofts

[2011/04/21 00:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2011/04/21 00:41:31 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

[2011/04/20 22:45:53 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\HPAppData

[2011/04/20 21:32:13 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Google Talk

[2011/04/20 12:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Directory Lister Pro

[2011/04/20 12:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\Directory Lister Pro

[2011/04/20 12:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC

[2011/04/20 12:31:11 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\KRKsoft

[2011/04/20 12:21:55 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\OfferBox

[2011/04/20 12:21:35 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\MediaGet2

[2011/04/20 05:35:15 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2011/04/20 05:35:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/04/20 05:35:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/04/20 05:35:14 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2011/04/20 05:35:14 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011/04/20 05:35:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2011/04/20 05:35:14 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2011/04/20 05:35:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2011/04/20 05:35:13 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2011/04/20 05:35:13 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011/04/20 05:35:13 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011/04/20 05:35:13 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011/04/20 05:35:13 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2011/04/20 05:35:13 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011/04/20 05:35:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011/04/20 05:35:13 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2011/04/20 05:35:13 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011/04/20 05:35:13 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011/04/20 05:35:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011/04/20 05:35:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011/04/20 05:35:12 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/04/20 05:35:12 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011/04/20 05:35:12 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011/04/20 05:35:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2011/04/20 05:35:12 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2011/04/20 05:35:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011/04/20 05:35:12 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2011/04/20 05:35:11 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011/04/20 05:35:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011/04/20 05:35:11 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011/04/20 05:35:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2011/04/20 05:35:11 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2011/04/20 05:35:11 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011/04/20 05:35:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2011/04/20 05:35:11 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2011/04/20 05:35:11 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2011/04/20 05:35:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011/04/20 05:35:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2011/04/20 05:35:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011/04/20 05:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel

[2011/04/20 05:23:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless

[2011/04/20 05:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco

[2011/04/20 05:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel

[2011/04/20 05:22:49 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Intel

[2011/04/20 05:18:06 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Intel Corporation

[2011/04/20 05:13:30 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Leadertech

[2011/04/20 05:13:17 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys

[2011/04/20 05:12:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd

[2011/04/20 05:12:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

[2011/04/20 05:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd

[2011/04/20 05:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech

[2011/04/20 05:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd

[2011/04/20 05:11:56 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Logitech

[2011/04/20 05:11:56 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Logishrd

[2011/04/20 05:08:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

[2011/04/20 05:05:40 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll

[2011/04/20 05:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2011/04/20 04:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/04/20 04:58:03 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/04/20 04:58:03 | 006,299,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll

[2011/04/20 04:58:03 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/04/20 04:58:02 | 010,690,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/04/20 04:58:02 | 005,180,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/04/20 04:58:02 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/04/20 04:58:02 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/04/20 04:58:02 | 000,944,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220140.dll

[2011/04/20 04:58:02 | 000,855,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322060.dll

[2011/04/20 04:58:00 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/04/20 04:58:00 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/04/20 04:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2011/04/20 04:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com

[2011/04/20 04:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ma-config.com

[2011/04/20 04:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\ma-config.com

[2011/04/20 04:49:33 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\JAM Software

[2011/04/20 04:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free

[2011/04/20 04:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software

[2011/04/17 21:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ResearchSoft

[2011/04/17 21:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote

[2011/04/17 21:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

[2011/04/14 15:00:29 | 000,000,000 | ---D | C] -- C:\Users\Alain\Documents\Mes numérisations

[2011/04/14 00:08:54 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2011/04/14 00:08:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2011/04/14 00:08:43 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll

[2011/04/14 00:08:42 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll

[2011/04/14 00:08:40 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2011/04/14 00:08:39 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011/04/11 11:07:13 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\HpUpdate

[2011/04/11 11:07:10 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard

[2011/04/08 23:35:27 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\Apps

[2011/04/08 21:06:18 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\PhotoFiltre Studio X

[2011/04/08 21:06:15 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X

[2011/04/08 21:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X

[2011/04/08 21:06:12 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre Studio X

[2011/04/08 15:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\La boite a couleurs

[2011/04/08 15:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\LaBoiteACouleurs

[2011/04/08 10:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Menu Builder

[2011/04/08 10:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mattgo27 Apps

[2011/04/07 22:43:36 | 000,580,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/04/07 22:43:34 | 002,582,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll

[2011/04/07 22:43:34 | 000,293,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll

[2011/04/07 22:43:34 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/04/07 22:43:34 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/04/07 22:43:20 | 003,701,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/04/07 22:43:04 | 002,565,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/04/04 23:29:37 | 000,000,000 | ---D | C] -- C:\Users\Alain\Desktop\PDF

[2011/04/04 23:10:44 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Avira

[2011/04/04 22:32:56 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mmm

[2011/04/04 22:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mmm

[2011/04/04 22:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\HACE

[2011/04/04 21:27:00 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2011/04/04 21:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2

[2011/04/04 21:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Google

[2011/04/04 20:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator

[2011/04/04 20:56:38 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX

[2011/04/04 20:56:38 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX

[2011/04/04 20:56:36 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL

[2011/04/04 20:56:36 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2FR.DLL

[2011/04/04 20:56:36 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL

[2011/04/04 20:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator

[2011/04/04 18:12:47 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\Google

[2011/04/04 18:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2011/04/04 17:39:43 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\ArcSoft

[2011/04/04 17:39:37 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Roaming\HP SimpleSave Application

[2011/04/01 01:50:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidal

[2011/04/01 01:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Vidal

[2011/03/28 10:07:49 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/03/28 10:07:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/03/28 10:07:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010/08/18 23:01:40 | 001,599,442 | ---- | C] (Funduc Software Inc. ) -- C:\Users\Alain\AppData\Roaming\file_3.exe

[2010/08/16 02:45:16 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe

[2010/08/16 01:40:22 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll

[2010/08/16 01:40:22 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

[2007/08/14 18:33:45 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll

[2007/08/14 10:56:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========> à suivre

Bon courage, et à plus tard, Bacter

[Bacter]

En espérant ne pas avoir fait d'erreur(s), voici la suite du rapport (troisième partie),

=====================

rapport OTL.txt

============> troisième partie

========== Files - Modified Within 30 Days ==========

 

[2011/04/26 10:51:06 | 000,681,798 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/04/26 10:51:06 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/04/26 10:51:06 | 000,127,504 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/04/26 10:51:06 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/04/26 10:49:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/04/26 10:42:56 | 000,000,814 | ---- | M] () -- C:\Users\Alain\Desktop\OTL.lnk

[2011/04/26 10:41:55 | 000,002,397 | ---- | M] () -- C:\Users\Alain\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook 2010.lnk

[2011/04/26 10:41:51 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/04/26 10:41:51 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/04/26 10:09:40 | 000,002,627 | ---- | M] () -- C:\Users\Alain\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft PowerPoint 2010.lnk

[2011/04/26 10:00:19 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job

[2011/04/26 09:54:03 | 000,002,772 | ---- | M] () -- C:\Users\Public\Documents\DME-SETTINGS.xml

[2011/04/26 09:54:03 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\DMEPeriodicTask.job

[2011/04/26 09:51:29 | 000,002,697 | ---- | M] () -- C:\Users\Alain\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk

[2011/04/26 08:48:37 | 000,002,341 | ---- | M] () -- C:\Users\Alain\Application Data\Microsoft\Internet Explorer\Quick Launch\EndNote X4.lnk

[2011/04/26 08:41:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/04/26 08:41:23 | 137,584,089 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2011/04/25 23:10:33 | 000,239,116 | ---- | M] () -- C:\Users\Alain\Documents\(Pc-de-alain).html

[2011/04/25 21:29:19 | 000,002,317 | ---- | M] () -- C:\Users\Alain\Desktop\EndNote X4.lnk

[2011/04/25 20:50:00 | 004,612,608 | ---- | M] () -- C:\Users\Alain\Documents\166490_MESSAGER.PPS

[2011/04/25 19:30:43 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/25 19:28:42 | 000,000,915 | ---- | M] () -- C:\Users\Alain\Desktop\mbam-setup-1.50.1.1100.lnk

[2011/04/25 19:28:36 | 000,000,870 | ---- | M] () -- C:\Users\Alain\Desktop\SecurityCheck.lnk

[2011/04/25 16:09:15 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat

[2011/04/25 16:09:15 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat

[2011/04/25 16:07:08 | 000,000,947 | ---- | M] () -- C:\Users\Alain\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2011/04/24 23:43:36 | 000,018,098 | ---- | M] () -- C:\Users\Alain\Documents\cc_20110424_234332.reg

[2011/04/24 19:05:21 | 000,001,049 | ---- | M] () -- C:\Users\Alain\Desktop\Menu workshop.lnk

[2011/04/23 20:51:45 | 018,273,103 | ---- | M] () -- C:\Users\Alain\Documents\Revue de Presse du LIEN.pdf

[2011/04/22 22:58:25 | 000,241,359 | ---- | M] () -- C:\Users\Alain\Documents\Air France Malaga.pdf

[2011/04/22 11:58:24 | 001,351,214 | ---- | M] () -- C:\Users\Alain\Documents\Prilepin_Black Monkey.pdf

[2011/04/21 01:44:08 | 000,019,456 | ---- | M] () -- C:\Users\Alain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/04/20 22:57:20 | 000,023,812 | ---- | M] () -- C:\Windows\hpqins15.dat

[2011/04/20 22:50:47 | 000,023,430 | ---- | M] () -- C:\Windows\hpqins15.dat.temp

[2011/04/20 22:28:37 | 000,072,789 | ---- | M] () -- C:\Users\Alain\Documents\Belarc Advisor Current Profile.pdf

[2011/04/20 22:04:48 | 000,004,226 | ---- | M] () -- C:\Users\Alain\Documents\cc_20110420_220444.reg

[2011/04/20 15:32:21 | 000,000,643 | ---- | M] () -- C:\Users\Alain\Desktop\TeamViewer.lnk

[2011/04/20 12:00:25 | 000,001,848 | ---- | M] () -- C:\Users\Alain\Desktop\ARTICLE Phagothérapie pour IBS Marc Bogard.lnk

[2011/04/20 05:35:15 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2011/04/20 05:35:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/04/20 05:35:14 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/04/20 05:35:14 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2011/04/20 05:35:14 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011/04/20 05:35:14 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2011/04/20 05:35:14 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2011/04/20 05:35:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2011/04/20 05:35:13 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2011/04/20 05:35:13 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011/04/20 05:35:13 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011/04/20 05:35:13 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011/04/20 05:35:13 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2011/04/20 05:35:13 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011/04/20 05:35:13 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011/04/20 05:35:13 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2011/04/20 05:35:13 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011/04/20 05:35:13 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011/04/20 05:35:13 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

[2011/04/20 05:35:13 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011/04/20 05:35:13 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011/04/20 05:35:12 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/04/20 05:35:12 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011/04/20 05:35:12 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011/04/20 05:35:12 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2011/04/20 05:35:12 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2011/04/20 05:35:12 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011/04/20 05:35:12 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2011/04/20 05:35:11 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011/04/20 05:35:11 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011/04/20 05:35:11 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011/04/20 05:35:11 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2011/04/20 05:35:11 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2011/04/20 05:35:11 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011/04/20 05:35:11 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2011/04/20 05:35:11 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2011/04/20 05:35:11 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2011/04/20 05:35:11 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011/04/20 05:35:11 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2011/04/20 05:35:11 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011/04/20 05:13:17 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys

[2011/04/20 04:48:18 | 000,027,335 | ---- | M] () -- C:\Users\Alain\AppData\Roaming\nvModes.001

[2011/04/17 14:47:55 | 000,000,698 | ---- | M] () -- C:\Users\Alain\Desktop\CD en cours dernière version.lnk

[2011/04/14 08:20:09 | 000,383,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/04/09 07:40:20 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2011/04/08 10:53:32 | 000,001,017 | ---- | M] () -- C:\Users\Alain\Desktop\Quick Menu Builder.lnk

[2011/04/08 07:14:00 | 015,227,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/04/08 07:14:00 | 013,007,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/04/08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/04/08 07:14:00 | 010,071,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011/04/08 07:14:00 | 006,299,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll

[2011/04/08 07:14:00 | 005,180,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/04/08 07:14:00 | 002,765,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/04/08 07:14:00 | 002,074,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/04/08 07:14:00 | 002,034,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011/04/08 07:14:00 | 000,944,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220140.dll

[2011/04/08 07:14:00 | 000,855,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322060.dll

[2011/04/08 07:14:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/04/08 07:14:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/04/08 07:14:00 | 000,004,755 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

[2011/04/07 22:43:36 | 000,580,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/04/07 22:43:34 | 002,582,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll

[2011/04/07 22:43:34 | 000,293,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll

[2011/04/07 22:43:34 | 000,111,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/04/07 22:43:34 | 000,066,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/04/07 22:43:20 | 003,701,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/04/07 22:43:04 | 002,565,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/04/04 18:14:42 | 000,000,680 | ---- | M] () -- C:\Users\Alain\AppData\Local\d3d9caps.dat

[2011/04/04 07:22:14 | 000,004,096 | -H-- | M] () -- C:\Users\Alain\AppData\Local\keyfile3.drm

[2011/04/03 19:26:28 | 000,000,915 | ---- | M] () -- C:\Users\Alain\Application Data\Microsoft\Internet Explorer\Quick Launch\FileZilla.lnk

[2011/04/03 18:23:23 | 000,027,335 | ---- | M] () -- C:\Users\Alain\AppData\Roaming\nvModes.dat

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

=========> à suivre !

! Bacter