
My PC keeps churning non-stop

 

laetis
On the right track (100 to 499 messages posted)
Posted on 21/08/2009 at 13:13:46
 
Hello,

 My PC is churning non-stop, and when I run AntiVir, after 30 minutes AntiVir keeps running but no more files are being scanned.

 Can you help me, please?

 Regards,

 laetis

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 messages posted)
Posted on 21/08/2009 at 16:47:18
 
Good evening,

 Download HiJackThis by Merijn to your desktop.

 - Double-click HijackThis.
 - Generate a report by following these instructions:
 - Run it and click Do a scan and save log file.
 - The report opens in Notepad.

 - Paste the report here; to do so:
 - Edit menu / Select All
 - Edit menu / Copy
 - Here in a new message: right-click / Paste

 Help: Feel free to consult the HiJackThis help.


 Regards.

laetis
On the right track (100 to 499 messages posted)
Posted on 21/08/2009 at 23:49:22
 
Good evening,

 First of all, thank you for taking my request into account  :super:
 However, I have an old version of HijackThis; is that a problem?


 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 10:14:55, on 03/03/2009
 Platform: Windows Vista SP1 (WinNT 6.00.1905)
 MSIE: Internet Explorer v7.00 (7.00.6001.18000)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Windows\RtHDVCpl.exe
 C:\Windows\System32\SysMonitor​.exe
 C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 C:\Program Files\OrangeHSS\Systray\Systra​yApp.exe
 C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
 C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
 C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.e​xe
 C:\Program Files\QuickTime\qttask.exe
 C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
 C:\Program Files\Warner\Christophe_Mae\Fa​nClubMae.exe
 C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertMod​ule.exe
 C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
 C:\Windows\ehome\ehmsas.exe
 C:\Acer\Empowering Technology\eRecovery\ERAGENT.E​XE
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\OrangeHSS\connectivity\c​onnectivitymanager.exe
 C:\Program Files\OrangeHSS\Deskboard\desk​board.exe
 C:\Program Files\OrangeHSS\connectivity\C​oreCom\CoreCom.exe
 C:\Program Files\OrangeHSS\connectivity\C​oreCom\OraConfigRecover.exe
 C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMMod​ule.exe
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 C:\Windows\system32\conime.exe
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A8​9362C85} - C:\Program Files\OrangeHSS\SearchURLHook\​SearchPageURL.dll
 O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695E​CA05670} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5​E23E045} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.0.926.3450\swg.dll
 O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
 O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02​E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_2​19B3E1547538286.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
 O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor​.exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\Systra​yApp.exe"
 O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
 O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
 O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
 O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\Windows\system32\spool\DRIV​ERS\W32X86\3\LXDItime.dll,_Run​DLLEntry@16
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.e​xe"
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules DualPix HD Webcam\Camservice.exe /startup
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [?????????] ??????????????e
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - Startup: Fan club Christophe Maé.lnk = C:\Program Files\Warner\Christophe_Mae\Fa​nClubMae.exe
 O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = ?
 O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
 O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O13 - Gopher Prefix:
 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C​29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr [...] nicode.cab
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.e​xe
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
 O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSSe​rvice.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: lxdi_device -   - C:\Windows\system32\lxdicoms.e​xe
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

 --
 End of file - 9463 bytes

May CastleCops live forever in our memories.
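
Added example, not part of the thread: HijackThis marks entries whose target no longer exists with "(no file)" or "(file missing)", as on the O2 and Symantec O23 lines of the log above. The Python code below parses a pasted log, strips zero-width characters that forum software may insert into long tokens, and lists the entries worth a manual look. The sample is assembled from lines of that log; the function names and the three triage rules are assumptions chosen for illustration, not verdicts on any entry.

```python
import re
from collections import Counter

# Zero-width characters that forum software may insert into long tokens.
INVISIBLE = dict.fromkeys(map(ord, "\u200b\u200c\u200d\ufeff"))

# A HijackThis entry line: section code (R0, O4, O23, ...), " - ", then the body.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
VERSION_RE = re.compile(r"HijackThis v([\d.]+)")
HEADER_KEYS = ("Platform", "MSIE", "Boot mode")

# Triage rules (assumptions for this example).
ORPHAN_MARKERS = ("(no file)", "(file missing)")
UNREADABLE_RE = re.compile(r"\?{3,}|=\s*\?$")

# Sample assembled from the log posted above; [ZWSP] marks a zero-width space.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:55, on 03/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.ex[ZWSP]e

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5[ZWSP]E23E045} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

--
End of file - 9463 bytes
""".replace("[ZWSP]", "\u200b")


def parse_log(text):
    """Split a pasted HijackThis log into header fields, processes and entries."""
    text = text.translate(INVISIBLE)  # remove zero-width characters first
    log = {"header": {}, "processes": [], "entries": []}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "--" or line.startswith("End of file"):
            in_processes = False
            continue
        entry = ENTRY_RE.match(line)
        if entry:
            in_processes = False
            log["entries"].append((entry.group(1), entry.group(2)))
        elif line == "Running processes:":
            in_processes = True
        elif in_processes:
            log["processes"].append(line)
        else:
            version = VERSION_RE.search(line)
            if version:
                log["header"]["version"] = version.group(1)
            key, _, value = line.partition(":")
            if key in HEADER_KEYS:
                log["header"][key] = value.strip()
    return log


def triage(entries):
    """Return the entries that need a manual look, with the reason(s) why."""
    findings = []
    for section, body in entries:
        reasons = []
        if any(marker in body for marker in ORPHAN_MARKERS):
            reasons.append("target missing")  # leftover of a removed program
        if section == "O23" and "- Unknown owner -" in body:
            reasons.append("unknown owner")  # service binary has no company name
        if UNREADABLE_RE.search(body):
            reasons.append("unreadable name or target")  # shown only as '?'
        if reasons:
            findings.append({"section": section, "reasons": reasons, "entry": body})
    return findings


def summarize(findings):
    """Count how many entries were flagged for each reason."""
    return dict(Counter(r for f in findings for r in f["reasons"]))


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    print("HijackThis", parsed["header"].get("version"), "-", parsed["header"].get("Platform"))
    for finding in triage(parsed["entries"]):
        print(f'{finding["section"]:<4}{", ".join(finding["reasons"]):<35}{finding["entry"]}')
```
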
curson
Confirmed beginner (1,000 to 4,999 messages posted)
Posted on 22/08/2009 at 13:08:45
 
Hello Lætitia,

 Disable your security software during the procedure.

 1) Disable UAC. Tutorial.


 2) Download the Norton Removal Tool in order to remove the leftover Norton components.

 - Double-click the Norton Removal Tool icon.
 - Follow the instructions. The computer may be restarted several times and you may be asked to repeat certain steps.


 3) Download OTL (by OldTimer) and save it to your Desktop.

 - Close running applications so as not to interrupt the scan.
 - A window appears. In the Output section at the top of this window, check "Minimal Output". Do the same with "Scan All Users".
 - Also check the boxes next to "LOP Check" and "Purity Check".
 - In the Extra Registry area, check "Use Safelist".

 Do not change the other settings!

 - Click the Run Scan button.
 - Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTListIT2 (so by default on the Desktop).

 - Copy/paste the contents of both files here. Use one message per report.


 Regards.

laetis
On the right track (100 to 499 messages posted)
Posted on 24/08/2009 at 21:00:17
 
Good evening Curson,

 Here is the first report. Good luck with the reading :pt1cable:  and thank you for your help.

 OTL logfile created on: 24/08/2009 22:52:24 - Run 1
 OTL by OldTimer - Version 3.0.10.7     Folder = C:\Users\candice\Downloads
 Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.6001.18813)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 1022,82 Mb Total Physical Memory | 522,23 Mb Available Physical Memory | 51,06% Memory free
 2,26 Gb Paging File | 1,16 Gb Available in Paging File | 51,59% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 145,80 Gb Total Space | 34,08 Gb Free Space | 23,37% Space Free | Partition Type: NTFS
 Drive D: | 145,46 Gb Total Space | 145,36 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
 E: Drive not present or media not loaded
 F: Drive not present or media not loaded
 G: Drive not present or media not loaded
 H: Drive not present or media not loaded
 I: Drive not present or media not loaded
 
 Computer Name: PC-DE-LAETITIA
 Current User Name: candice
 Logged in as Administrator.
 
 Current Boot Mode: Normal
 Scan Mode: Current user
 Company Name Whitelist: Off
 Skip Microsoft Files: Off
 File Age = 30 Days
 Output = Minimal
 
 ========== Processes (SafeList) ==========
 
 PRC - C:\Windows\System32\Ati2evxx.e​xe (ATI Technologies Inc.)
 PRC - C:\Windows\System32\Ati2evxx.e​xe (ATI Technologies Inc.)
 PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
 PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
 PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 PRC - C:\Windows\System32\SysMonitor​.exe ()
 PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe (HiTRUST)
 PRC - C:\Program Files\OrangeHSS\Systray\Systra​yApp.exe (France Telecom SA)
 PRC - C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe ()
 PRC - C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe (Lexmark)
 PRC - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.e​xe (Adobe Systems Incorporated)
 PRC - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
 PRC - C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe (Guillemot Corporation S.A.)
 PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
 PRC - C:\Program Files\Java\jre6\bin\jusched.ex​e (Sun Microsystems, Inc.)
 PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
 PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
 PRC - C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe (Google Inc.)
 PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
 PRC - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
 PRC - C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe ()
 PRC - C:\Program Files\OpenOffice.org 2.2\program\soffice.exe (OpenOffice.org)
 PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
 PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSSe​rvice.exe (HiTRSUT)
 PRC - C:\Programmes\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe File not found
 PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
 PRC - C:\Windows\System32\lxdicoms.e​xe ( )
 PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
 PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
 PRC - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe (Acer Inc.)
 PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
 PRC - C:\Programmes\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertMod​ule.exe File not found
 PRC - C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE (Acer Inc.)
 PRC - C:\Acer\Empowering Technology\eRecovery\ERAGENT.E​XE (Acer Inc.)
 PRC - C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN (OpenOffice.org)
 PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
 PRC - C:\Users\candice\Downloads\OTL​.exe (OldTimer Tools)
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - (AcerMemUsageCheckService [Auto | Running]) -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe ()
 SRV - (AntiVirSchedulerService [Auto | Running]) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
 SRV - (AntiVirService [Auto | Running]) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
 SRV - (Ati External Event Utility [Auto | Running]) -- C:\Windows\System32\Ati2evxx.e​xe (ATI Technologies Inc.)
 SRV - (clr_optimization_v2.0.50727_3​2 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 SRV - (eDataSecurity Service [Auto | Running]) -- C:\Acer\Empowering Technology\eDataSecurity\eDSSe​rvice.exe (HiTRSUT)
 SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
 SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
 SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
 SRV - (eRecoveryService [Auto | Running]) -- C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe (Acer Inc.)
 SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dl​l (Microsoft Corporation)
 SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Frame​work\v3.0\WPF\PresentationFont​Cache.exe (Microsoft Corporation)
 SRV - (fsssvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
 SRV - (FTRTSVC [Auto | Running]) --  File not found
 SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe (Google)
 SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
 SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
 SRV - (lxdi_device [Auto | Running]) -- C:\Windows\System32\lxdicoms.e​xe ( )
 SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
 SRV - (RichVideo [Auto | Running]) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
 SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 SRV - (SeaPort [Auto | Running]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
 SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
 
 ========== Driver Services (SafeList) ==========
 
 DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ad​p94xx.sys (Adaptec, Inc.)
 DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\ad​pahci.sys (Adaptec, Inc.)
 DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\ad​pu160m.sys (Adaptec, Inc.)
 DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ad​pu320.sys (Adaptec, Inc.)
 DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\dj​svs.sys (Adaptec, Inc.)
 DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\al​iide.sys (Acer Laboratories Inc.)
 DRV - (APL531 [On_Demand | Running]) -- C:\Windows\System32\Drivers\hd​vidv.sys (Akkord Corporation)
 DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\ar​c.sys (Adaptec, Inc.)
 DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\ar​csas.sys (Adaptec, Inc.)
 DRV - (AVG Anti-Rootkit [Boot | Running]) -- C:\Windows\System32\DRIVERS\av​garkt.sys (GRISOFT, s.r.o.)
 DRV - (AvgArCln [System | Running]) -- C:\Windows\System32\DRIVERS\Av​gArCln.sys (GRISOFT, s.r.o.)
 DRV - (avgio [System | Running]) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
 DRV - (avgntflt [Auto | Running]) -- C:\Windows\System32\DRIVERS\av​gntflt.sys (Avira GmbH)
 DRV - (avipbb [System | Running]) -- C:\Windows\System32\DRIVERS\av​ipbb.sys (Avira GmbH)
 DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\br​filtlo.sys (Brother Industries, Ltd.)
 DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\br​filtup.sys (Brother Industries, Ltd.)
 DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\br​serid.sys (Brother Industries Ltd.)
 DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\br​serwdm.sys (Brother Industries Ltd.)
 DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\br​usbmdm.sys (Brother Industries Ltd.)
 DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\br​usbser.sys (Brother Industries Ltd.)
 DRV - (camfilt2 [On_Demand | Running]) -- C:\Windows\System32\Drivers\ca​mfilt2.sys (Guillemot Corporation)
 DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cm​dide.sys (CMD Technology, Inc.)
 DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1​G60I32.sys (Intel Corporation)
 DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\el​xstor.sys (Emulex)
 DRV - (fssfltr [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\fs​sfltr.sys (Microsoft Corporation)
 DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hp​cisss.sys (Hewlett-Packard Company)
 DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\ia​storv.sys (Intel Corporation)
 DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\ii​rsp.sys (Intel Corp./ICP vortex GmbH)
 DRV - (int15 [Auto | Running]) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
 DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\System32\drivers\RT​KVHDA.sys (Realtek Semiconductor Corp.)
 DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\it​eatapi.sys (Integrated Technology Express, Inc.)
 DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\it​eraid.sys (Integrated Technology Express, Inc.)
 DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\ls​i_fc.sys (LSI Logic)
 DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\ls​i_sas.sys (LSI Logic)
 DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\ls​i_scsi.sys (LSI Logic)
 DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\me​gasas.sys (LSI Logic Corporation)
 DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mr​aid35x.sys (LSI Logic Corporation)
 DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nf​rd960.sys (IBM Corporation)
 DRV - (Nokia USB Generic [On_Demand | Stopped]) -- C:\Windows\System32\drivers\nm​wcdc.sys (Nokia)
 DRV - (Nokia USB Modem [On_Demand | Stopped]) -- C:\Windows\System32\drivers\nm​wcdcm.sys (Nokia)
 DRV - (Nokia USB Phone Parent [On_Demand | Stopped]) -- C:\Windows\System32\drivers\nm​wcd.sys (Nokia)
 DRV - (NTIDrvr [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\NT​IDrvr.sys (NewTech Infosystems, Inc.)
 DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\nt​rigdigi.sys (N-trig Innovative Technologies)
 DRV - (nvlddmkm [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\nv​lddmkm.sys (NVIDIA Corporation)
 DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nv​raid.sys (NVIDIA Corporation)
 DRV - (nvstor [Boot | Running]) -- C:\Windows\system32\DRIVERS\nv​stor.sys (NVIDIA Corporation)
 DRV - (nvstor32 [Boot | Running]) -- C:\Windows\system32\drivers\nv​stor32.sys (NVIDIA Corporation)
 DRV - (PCAMp50 [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\PC​AMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
 DRV - (PCASp50 [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\PC​ASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
 DRV - (PSDFilter [Boot | Running]) -- C:\Windows\system32\DRIVERS\ps​dfilter.sys (HiTRUST)
 DRV - (PSDNServ [Boot | Running]) -- C:\Windows\system32\drivers\PS​DNServ.sys (HiTRUST)
 DRV - (psdvdisk [Boot | Running]) -- C:\Windows\system32\drivers\ps​dvdisk.sys (HiTRUST)
 DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql​2300.sys (QLogic Corporation)
 DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql​40xx.sys (QLogic Corporation)
 DRV - (R300 [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\at​ikmdag.sys (ATI Technologies Inc.)
 DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\se​cdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
 DRV - (SIS163u [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\si​s163u.sys (SiS Corporation)
 DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\si​sraid2.sys (Silicon Integrated Systems Corp.)
 DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\si​sraid4.sys (Silicon Integrated Systems)
 DRV - (ssmdrv [System | Running]) -- C:\Windows\System32\DRIVERS\ss​mdrv.sys (Avira GmbH)
 DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\sy​mc8xx.sys (LSI Logic)
 DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sy​m_hi.sys (LSI Logic)
 DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sy​m_u3.sys (LSI Logic)
 DRV - (UBHelper [Boot | Running]) -- C:\Windows\System32\drivers\UB​Helper.sys ()
 DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\ul​iahci.sys (ULi Electronics Inc.)
 DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ul​sata.sys (Promise Technology, Inc.)
 DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ul​sata2.sys (Promise Technology, Inc.)
 DRV - (usbaudio [On_Demand | Running]) -- C:\Windows\System32\drivers\us​baudio.sys (Microsoft Corporation)
 DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\vi​aide.sys (VIA Technologies, Inc.)
 DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vs​mraid.sys (VIA Technologies Inc.,Ltd)
 DRV - (yukonwlh [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\yk​60x86.sys (Marvell)
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi [...] ar=msnhome
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://www.microsoft.com/isapi [...] r=iesearch
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Secondar​y_Page_URL =  [binary data]
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Extensions Off Page = about:NoAdd-ons
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = C:\Windows\System32\blank.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search Page = http://www.microsoft.com/isapi [...] r=iesearch
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Security Risk Page = about:SecurityRisk
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://www.microsoft.com/isapi [...] R}&ar=home
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h = http://ie.search.msn.com/{SUB_ [...] chcust.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Search,Default_Search​_URL = http://www.microsoft.com/isapi [...] r=iesearch
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Search,SearchAssistan​t = http://ie.search.msn.com/{SUB_ [...] chasst.htm
 
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://www.microsoft.com/isapi [...] r=iesearch
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = C:\Windows\system32\blank.htm
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SEARCH PAGE = http://www.microsoft.com/isapi [...] r=iesearch
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchMigratedDe​faultName = Yahoo! Search
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchMigratedDe​faultURL = http://search.yahoo.com/search [...] 8&fr=b1ie7
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://www.microsoft.com/isapi [...] ar=msnhome
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,StartPageCache = 1
 IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A8​9362C85} - C:\Program Files\OrangeHSS\SearchURLHook\​SearchPageURL.dll ()
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..extensions.enabledIt​ems: fireform@mozilla.org:0.7
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0004-ABCDE​FFEDCBA}:6.0.04
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0007-ABCDE​FFEDCBA}:6.0.07
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0011-ABCDE​FFEDCBA}:6.0.11
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0014-ABCDE​FFEDCBA}:6.0.14
 FF - prefs.js..extensions.enabledIt​ems: {20a82645-c095-46ed-80e3-08825​760534b}:1.0
 FF - prefs.js..extensions.enabledIt​ems: {635abd67-4fe9-1b23-4f01-e679f​a7484c1}:1.5.2.20080717
 FF - prefs.js..extensions.enabledIt​ems: {972ce4c6-7e08-4474-a285-32081​98ce6fd}:3.0.13
 
 
 FF - HKLM\software\mozilla\Firefox\​Extensions\\{20a82645-c095-46e​d-80e3-08825760534b}: C:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\ [2009/07/05 00:06:10 | 00,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/05 17:41:55 | 00,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/05 17:41:55 | 00,000,000 | ---D | M]
 
 [2008/08/29 16:31:55 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\mozilla\Extensions
 [2008/08/29 16:31:55 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\mozilla\Extensions\{ec8030f​7-c20a-464f-9b0e-13a3a9e97384}
 [2009/08/24 10:00:55 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\mozilla\Firefox\Profiles\mk​sy5ipn.default\extensions
 [2008/12/21 10:48:48 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\mozilla\Firefox\Profiles\mk​sy5ipn.default\extensions\{635​abd67-4fe9-1b23-4f01-e679fa748​4c1}
 [2009/04/18 16:13:40 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\mozilla\Firefox\Profiles\mk​sy5ipn.default\extensions\fire​form@mozilla.org
 [2009/07/27 19:49:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
 [2009/08/05 17:41:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7​e08-4474-a285-3208198ce6fd}
 [2008/04/07 14:37:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0004-ABCDEFFEDCBA}
 [2008/08/23 21:26:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0007-ABCDEFFEDCBA}
 [2008/12/21 10:38:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0011-ABCDEFFEDCBA}
 [2009/07/27 19:49:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0014-ABCDEFFEDCBA}
 [2008/08/29 16:31:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mo​zilla.org
 [2009/08/05 17:41:53 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirp​rovider.dll
 [2009/08/05 17:41:53 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dl​l
 [2009/05/21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
 [2009/08/05 17:41:54 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
 [2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
 [2009/02/05 22:02:38 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-f​rance.xml
 [2009/02/05 22:02:38 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fra​nce.xml
 [2009/02/05 22:02:38 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.x​ml
 [2009/02/05 22:02:37 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDIC​O-fr.xml
 [2009/02/05 22:02:38 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedi​a-fr.xml
 [2009/02/05 22:02:38 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fr​ance.xml
 
 O1 HOSTS File: (303525 bytes) - C:\Windows\System32\drivers\et​c\Hosts
 O1 - Hosts: 127.0.0.1       localhost
 O1 - Hosts: 10480 more lines...
 O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695E​CA05670} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll (Yahoo! Inc.)
 O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll (Adobe Systems Incorporated)
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - No CLSID value found.
 O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
 O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
 O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.15642\swg.dll (Google Inc.)
 O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02​E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A​8904FB862BD9564.dll (Google Inc.)
 O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
 O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
 O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\System32\eDStoolbar​.dll (HiTRUST)
 O3 - HKLM\..\Toolbar: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll (Yahoo! Inc.)
 O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB​0476E29} - C:\Windows\System32\eDStoolbar​.dll (HiTRUST)
 O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
 O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Windows\System32\SysMonitor​.exe ()
 O4 - HKLM..\Run: [Acer Tour]  File not found
 O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.e​xe (Adobe Systems Incorporated)
 O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
 O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
 O4 - HKLM..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules DualPix HD Webcam\Camservice.exe (Guillemot Corporation S.A.)
 O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe (HiTRUST)
 O4 - HKLM..\Run: [eRecoveryService]  File not found
 O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
 O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe (Lexmark)
 O4 - HKLM..\Run: [LXDICATS] C:\Windows\System32\spool\DRIV​ERS\W32X86\3\LXDItime.DLL (Lexmark International, Inc.)
 O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe ()
 O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
 O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.ex​e (Sun Microsystems, Inc.)
 O4 - HKLM..\Run: [SystrayORAHSS] C:\Program Files\OrangeHSS\Systray\Systra​yApp.exe (France Telecom SA)
 O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe (Acer Inc.)
 O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
 O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
 O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
 O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe (Google Inc.)
 O4 - HKCU..\Run: [捁牥吠畯r]  File not found
 O4 - HKCU..\Run: [捁牥吠畯⁲敒業摮牥]  File not found
 O4 - Startup: C:\Users\candice\AppData\Roami​ng\Microsoft\Windows\Start Menu\Programs\Startup\Fan club Christophe Maé.lnk = C:\Program Files\Warner\Christophe_Mae\Fa​nClubMae.exe ()
 O4 - Startup: C:\Users\candice\AppData\Roami​ng\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffi​ce.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoDriveAutoRun = 67108863
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoDriveTypeAutoRun = 255
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorAdmin = 2
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorUser = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableInstallerDetection = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableSecureUIAPaths = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableVirtualization = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: PromptOnSecureDesktop = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ValidateAdminCodeSignatures = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: dontdisplaylastusername = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: legalnoticecaption =
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: legalnoticetext =
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: scforceoption = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: shutdownwithoutlogon = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: undockwithoutlogon = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: FilterAdministratorToken = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableUIADesktopToggle = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_TEXT = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_BITMAP = 2
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_OEMTEXT = 7
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_DIB = 8
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_PALETTE = 9
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_UNICODETEXT = 13
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_DIBV5 = 17
 O7 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Control Panel present
 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O13 - gopher Prefix: missing
 O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
 O15 - HKCU\..Trusted Domains: 51 domain(s) and sub-domain(s) not assigned to a zone.
 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C​29F7F75} http://webscanner.kaspersky.fr [...] nicode.cab (CKAVWebScan Object)
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (Reg Error: Key error.)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_14)
 O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829D​C0B603C} http://fpdownload.macromedia.c [...] rashim.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_04)
 O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_05)
 O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_07)
 O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_14)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_14)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305​202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.80​64.0206.dll File not found
 O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305​202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.80​64.0206.dll File not found
 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
 O18 - Protocol\Filter:  - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A​8904FB862BD9564.dll (Google Inc.)
 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation)
 O31 - SafeBoot: AlternateShell - cmd.exe
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O34 - HKLM BootExecute: (autocheck) -  File not found
 O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.ex​e (Microsoft Corporation)
 O34 - HKLM BootExecute: (*) -  File not found
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [10 C:\ProgramData\*.tmp files]
 [2009/08/24 22:24:43 | 00,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
 [2009/08/22 01:58:52 | 02,010,069 | -H-- | C] () -- C:\Users\candice\AppData\Local​\IconCache.db
 [2009/08/21 14:19:57 | 10,712,18688 | -HS- | C] () -- C:\hiberfil.sys
 [2009/08/20 22:33:51 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.d​ll
 [2009/08/20 22:33:50 | 01,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
 [2009/08/20 22:33:50 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.d​ll
 [2009/08/20 22:33:50 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
 [2009/08/20 22:33:50 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdigest.dl​l
 [2009/08/20 22:33:49 | 00,439,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks​ecdd.sys
 [2009/08/20 22:33:49 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dl​l
 [2009/08/20 22:33:49 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
 [2009/08/12 10:10:18 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dl​l
 [2009/08/12 10:10:17 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll
 [2009/08/12 10:10:16 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
 [2009/08/12 10:10:14 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.d​ll
 [2009/08/12 10:10:10 | 10,626,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
 [2009/08/12 10:10:09 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpdxm.dll
 [2009/08/12 10:10:09 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
 [2009/08/12 10:10:08 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
 [2009/08/12 10:10:08 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
 [2009/08/12 10:10:07 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
 [2009/08/12 10:10:07 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
 [2009/08/12 10:10:07 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.t​lb
 [2009/07/29 09:52:57 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
 [2009/07/29 09:52:56 | 11,067,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dl​l
 [2009/07/29 09:52:56 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.d​ll
 [2009/07/29 09:52:55 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cp​l
 [2009/07/29 09:52:55 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
 [2009/07/29 09:52:55 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dl​l
 [2009/07/29 09:52:55 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dl​l
 [2009/07/29 09:52:55 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.d​ll
 [2009/07/29 09:52:55 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dl​l
 [2009/07/29 09:52:55 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dl​l
 [2009/07/29 09:52:55 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.e​xe
 [2009/07/29 09:52:55 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
 [2009/07/29 09:52:55 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.ex​e
 [2009/07/29 09:52:55 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.​dll
 [2009/07/29 09:52:55 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dl​l
 [2009/07/29 09:52:55 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.​dll
 [2009/07/29 09:52:55 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dl​l
 [2009/07/29 09:52:55 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssyn​c.exe
 [2009/07/29 09:52:54 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
 [2009/07/29 09:52:54 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.in​f
 [2009/07/29 09:52:54 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.d​ll
 [2009/07/27 19:49:00 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
 [2009/07/27 19:49:00 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
 [2009/07/27 19:49:00 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
 [2008/10/01 18:53:50 | 00,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
 [2008/10/01 18:53:49 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
 [2008/10/01 18:53:47 | 00,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.d​ll
 [2008/10/01 18:53:47 | 00,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dl​l
 [2008/10/01 18:53:46 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.d​ll
 [2008/10/01 18:53:45 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll​.manifest
 [2008/10/01 18:53:44 | 00,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 [2007/07/09 21:39:56 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxdicoin.d​ll
 [2007/07/09 21:37:32 | 00,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.D​LL
 [2007/07/09 21:37:32 | 00,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.D​LL
 [2007/07/09 21:37:12 | 00,036,864 | ---- | C] () -- C:\Windows\System32\lxf3oem.dl​l
 [2007/07/09 21:37:12 | 00,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.D​LL
 [2007/07/09 21:34:57 | 00,000,060 | -H-- | C] () -- C:\Windows\System32\lxdirwrd.i​ni
 [2007/07/09 21:34:43 | 00,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.d​ll
 [2007/07/09 21:34:43 | 00,311,296 | ---- | C] ( ) -- C:\Windows\System32\lxdihcp.dl​l
 [2007/07/09 21:34:43 | 00,294,912 | ---- | C] () -- C:\Windows\System32\lxdiinst.d​ll
 [2007/07/09 21:34:42 | 00,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.d​ll
 [2007/07/09 21:34:42 | 00,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.d​ll
 [2007/07/09 21:34:41 | 01,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.d​ll
 [2007/07/09 21:34:41 | 00,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.d​ll
 [2007/07/09 21:34:41 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.d​ll
 [2007/07/09 21:34:41 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.d​ll
 [2007/07/09 21:34:40 | 00,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.d​ll
 [2007/07/09 21:34:39 | 00,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.d​ll
 [2007/07/09 21:34:38 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dl​l
 [2007/07/09 21:34:37 | 00,761,856 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.d​ll
 [2007/07/09 21:34:37 | 00,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.d​ll
 [2007/06/05 14:14:35 | 00,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
 [2007/06/05 14:14:34 | 00,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
 [2007/02/09 20:07:06 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxdicnv4.d​ll
 [2007/02/06 23:58:10 | 00,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnM​enu.dll
 [2007/02/06 23:57:58 | 00,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmn​gr.dll
 [2007/02/06 23:57:20 | 00,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.d​ll
 [2007/02/06 23:56:30 | 00,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypt​o.dll
 [2007/02/06 23:56:28 | 00,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.d​ll
 [2007/02/06 23:52:08 | 00,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg​.dll
 [2007/01/31 22:15:43 | 00,692,224 | ---- | C] () -- C:\Windows\System32\lxdidrs.dl​l
 [2007/01/24 01:40:16 | 00,065,536 | ---- | C] () -- C:\Windows\System32\lxdicaps.d​ll
 [2006/12/25 15:44:48 | 00,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat​_U.dll
 [2006/11/02 14:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE​.dll
 [2006/11/02 12:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini
 [2006/11/02 12:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
 [2006/11/02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.i​ni
 [2006/08/01 07:53:18 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxdivs.dll
 [2006/01/07 04:30:17 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dl​l
 [2006/01/07 03:19:59 | 00,000,985 | ---- | C] () -- C:\Windows\generic.ini
 [2006/01/07 03:19:59 | 00,000,095 | ---- | C] () -- C:\Windows\Alaunch.ini
 [2006/01/07 03:19:58 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.d​ll
 [2006/01/06 20:05:22 | 00,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarL​ib.dll
 [2006/01/06 20:05:19 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Sh​ell32.dll
 [2006/01/06 19:54:39 | 00,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UB​Helper.sys
 [2001/12/26 16:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_​vcd.dll
 [2001/09/03 23:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
 [2001/07/30 16:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.​dll
 [2001/07/23 22:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_​MMX.dll
 
 ========== Files - Modified Within 30 Days ==========
 
 [10 C:\ProgramData\*.tmp files]
 [2009/08/24 22:34:43 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2009/08/24 22:34:42 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2009/08/24 22:34:40 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
 [2009/08/24 22:34:37 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2009/08/24 22:34:30 | 10,712,18688 | -HS- | M] () -- C:\hiberfil.sys
 [2009/08/24 09:51:24 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Syn​chronization-{42890110-371C-4B​F4-8458-CFF9065575E2}.job
 [2009/08/23 01:50:02 | 02,010,069 | -H-- | M] () -- C:\Users\candice\AppData\Local​\IconCache.db
 [2009/08/19 11:04:01 | 00,055,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\av​gntflt.sys
 [2009/08/11 11:19:50 | 00,107,008 | ---- | M] () -- C:\Users\candice\AppData\Local​\DCBC2A71-70D8-4DAN-EHR8-E0D61​DEA3FDF.ini
 [2009/07/30 02:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
 
 ========== LOP Check ==========
 
 [2009/02/12 12:31:16 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng
 [2007/06/06 21:27:48 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\CyberLink
 [2007/07/09 22:20:31 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\FaxCtr
 [2009/02/12 12:31:16 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\Grisoft
 [2007/08/26 10:26:25 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\Leadertech
 [2007/07/09 21:55:33 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\Lexmark Imaging Studio
 [2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\Media Center Programs
 [2009/08/24 22:36:20 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roami​ng\OpenOffice.org2
 [2009/07/12 19:14:05 | 00,000,404 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job
 [2009/08/24 22:34:40 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
 [2009/08/24 22:29:34 | 00,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 [2009/08/24 09:51:24 | 00,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Syn​chronization-{42890110-371C-4B​F4-8458-CFF9065575E2}.job
 
 ========== Purity Check ==========
 
 
 < End of report >

laetis
On the right track (100 to 499 messages posted)
Posted on 24/08/2009 at 21:02:51
 
now the second report

 a quick question: my UAC is still disabled and I can no longer enable it  :pt1cable:

 OTL Extras logfile created on: 24/08/2009 22:52:24 - Run 1
 OTL by OldTimer - Version 3.0.10.7     Folder = C:\Users\candice\Downloads
 Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.6001.18813)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 1022,82 Mb Total Physical Memory | 522,23 Mb Available Physical Memory | 51,06% Memory free
 2,26 Gb Paging File | 1,16 Gb Available in Paging File | 51,59% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 145,80 Gb Total Space | 34,08 Gb Free Space | 23,37% Space Free | Partition Type: NTFS
 Drive D: | 145,46 Gb Total Space | 145,36 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
 E: Drive not present or media not loaded
 F: Drive not present or media not loaded
 G: Drive not present or media not loaded
 H: Drive not present or media not loaded
 I: Drive not present or media not loaded
 
 Computer Name: PC-DE-LAETITIA
 Current User Name: candice
 Logged in as Administrator.
 
 Current Boot Mode: Normal
 Scan Mode: Current user
 Company Name Whitelist: Off
 Skip Microsoft Files: Off
 File Age = 30 Days
 Output = Minimal
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>]
 .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center]
 "cval" = 1
 "UacDisableNotify" = 0
 "InternetSettingsDisableNotify​" = 0
 "AutoUpdateDisableNotify" = 0
 "FirewallDisableNotify" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecFirewall]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc]
 "AntiVirusOverride" = 0
 "AntiSpywareOverride" = 0
 "FirewallOverride" = 0
 "VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc\Vol]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\PublicProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List]
 "C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe:*:enabl​ed:CSS -- (France Telecom SA)
 "C:\Acer\Empowering Technology\eDataSecurity\eDSfs​u.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSfs​u.exe:*:Enabled:eDSfsu -- (Acer Inc.)
 "C:\Acer\Empowering Technology\eDataSecurity\encry​ption.exe" = C:\Acer\Empowering Technology\eDataSecurity\encry​ption.exe:*:Enabled:encryption -- (HiTRUST)
 "C:\Acer\Empowering Technology\eDataSecurity\decry​ption.exe" = C:\Acer\Empowering Technology\eDataSecurity\decry​ption.exe:*:Enabled:decryption -- (HiTRUST)
 
 
 ========== Vista Active Open Ports Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\FirewallRules]
 "{B76427DA-1FE6-46EF-8E40-5812​BFA6D8E1}" = lport=7537 | protocol=6 | dir=in | name=emule_tcp |
 "{F9D395D4-A400-40E0-A1A4-824C​CA52757A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 "{FDFD0438-392E-400E-B349-6212​FC971CA3}" = lport=2869 | protocol=6 | dir=in | app=system |
 "{FF9B9F3B-E25C-41F2-A109-11EB​076D5F0E}" = lport=64669 | protocol=17 | dir=in | name=emule_udp |
 
 ========== Vista Active Application Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\FirewallRules]
 "{00CE8B93-A95E-4505-911F-E33A​96E2AA72}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |
 "{2088F3C2-936F-4436-AEED-366B​075CDE4F}" = protocol=6 | dir=in | app=c:\windows\system32\spool\​drivers\w32x86\3\lxdipswx.exe |
 "{3644AAC3-5A91-49CD-AFF0-3574​437F4077}" = protocol=6 | dir=in | app=c:\program files\acer zone\acer plug and record\component\dvax2process.​exe |
 "{4A22006D-667E-4FD7-8D86-8332​780D93C4}" = protocol=6 | dir=in | app=c:\users\candice\appdata\l​ocal\temp\7zs6f34.tmp\symnrt.e​xe |
 "{4BBAEB7E-372E-4C49-982B-4655​82198C50}" = protocol=17 | dir=in | app=c:\windows\system32\lxdico​ms.exe |
 "{52D4F82C-3442-4751-9FFB-6C8A​AF60080C}" = protocol=17 | dir=in | app=c:\windows\system32\spool\​drivers\w32x86\3\lxditime.exe |
 "{6359256F-4CEF-4C72-BBCC-2620​015D4075}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |
 "{6539D799-7174-4EA6-AFEC-7E36​8AF33207}" = protocol=17 | dir=in | app=c:\program files\acer zone\acer plug and record\component\arawp.exe |
 "{6A23E326-15EA-4E0B-BDE8-CBD7​C7081E5F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
 "{77064DF1-3DF0-4BCD-AC52-4272​F33113D7}" = protocol=17 | dir=in | app=c:\windows\system32\spool\​drivers\w32x86\3\lxdipswx.exe |
 "{7C6CB3F3-F467-4E96-8BE5-93E0​01B31D33}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |
 "{8232F815-565A-47CE-A781-B861​F266683F}" = protocol=6 | dir=in | app=c:\windows\system32\spool\​drivers\w32x86\3\lxdijswx.exe |
 "{827EE55A-03C3-4A22-B3C3-6D69​88411BAE}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe |
 "{88CE7F64-90E9-4E54-9839-562B​01930652}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
 "{88ECF735-BA95-4C4C-B1DD-F8A0​505D0210}" = protocol=17 | dir=in | app=c:\program files\acer zone\acer zone main page\mce deluxe suite.exe |
 "{9357837E-EEB8-4804-AEE7-FBB2​A61280F4}" = protocol=6 | dir=in | app=c:\program files\acer zone\acer plug and record\component\arawp.exe |
 "{9591A2D8-8D9B-438D-9223-1B79​2A8FA035}" = protocol=17 | dir=in | app=c:\windows\system32\spool\​drivers\w32x86\3\lxdijswx.exe |
 "{95A589C8-AC04-4F93-BBA6-CFE9​65C0573A}" = protocol=17 | dir=in | app=c:\program files\acer zone\acer picture slide dvd\component\clsldvd.exe |
 "{A380F851-FD57-4036-B38E-CF5D​7FA271CC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
 "{A770EF7B-5824-42A4-8516-0EA0​9DB4772A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\​drivers\w32x86\3\lxditime.exe |
 "{BABF4270-6E3F-4582-B080-036A​5A1A2674}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |
 "{BBC0E2BF-C5B7-435F-8D5F-3274​6C11319C}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |
 "{BDD9BF01-7BE7-4893-B26C-DBF7​6962231A}" = protocol=17 | dir=in | app=c:\program files\acer zone\acer plug and record\component\dvax2process.​exe |
 "{BDE6C266-D4E0-412E-8BDC-137F​DAFD962D}" = protocol=6 | dir=in | app=c:\program files\acer zone\acer picture slide dvd\component\clsldvd.exe |
 "{C14489E5-029B-4CF5-B785-CA7A​26F399BE}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |
 "{CBA664D7-7845-4748-A78F-A801​EA076BBF}" = protocol=6 | dir=in | app=c:\program files\acer zone\acer zone main page\mce deluxe suite.exe |
 "{CC8CA2AF-6138-4335-B459-62CC​F765CD2B}" = protocol=17 | dir=in | app=c:\users\candice\appdata\l​ocal\temp\7zs6f34.tmp\symnrt.e​xe |
 "{D08CE499-0362-48FF-BAEA-D2BA​C325431D}" = protocol=6 | dir=in | app=c:\windows\system32\lxdico​ms.exe |
 "{D107C740-DFB4-4E00-9C4E-0465​AC8388A5}" = protocol=6 | dir=in | app=c:\program files\acer zone\acer zone softdma\softdma.exe |
 "{E2EC3638-EB6F-463F-AD0E-8C61​00D6E4DD}" = protocol=17 | dir=in | app=c:\program files\acer zone\acer zone softdma\softdma.exe |
 "TCP Query User{028DE0B5-753E-47B8-BD0E-D​64293A732AA}C:\program files\hercules\hercules dualpix hd webcam\station2.exe" = protocol=6 | dir=in | app=c:\program files\hercules\hercules dualpix hd webcam\station2.exe |
 "TCP Query User{86A2A967-E179-4E21-82CD-8​19AA1116499}C:\program files\orangehss\browser\browse​r.exe" = protocol=6 | dir=in | app=c:\program files\orangehss\browser\browse​r.exe |
 "TCP Query User{E9B0E2A2-86BC-432E-BC79-A​F8EB6CC5BFC}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
 "UDP Query User{0773CA9F-CFBA-46F1-B3B6-F​CB1754B67F7}C:\program files\hercules\hercules dualpix hd webcam\station2.exe" = protocol=17 | dir=in | app=c:\program files\hercules\hercules dualpix hd webcam\station2.exe |
 "UDP Query User{28FB30F5-D003-4653-8BB6-0​C26260B89F5}C:\program files\orangehss\browser\browse​r.exe" = protocol=17 | dir=in | app=c:\program files\orangehss\browser\browse​r.exe |
 "UDP Query User{2CFA71B9-8A36-4C3F-9988-A​02567773173}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 "{002D9D5E-29BA-3E6D-9BC4-3D7D​6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
 "{03EDED24-8375-407D-A721-4643​D9768BE1}" = kgchlwn
 "{059C042E-796A-4ACC-A81A-ECC2​010BB78C}" = Windows Live Messenger
 "{073F22CE-9A5B-4A40-A604-C727​0AC6BF34}" = ESSSONIC
 "{0CC70FEF-5068-4CD5-B4DE-86FF​D98EC929}" = Menus intelligents (Windows Live Toolbar)
 "{105E1A5B-A749-4825-A8A1-AFD1​6615DC6C}" = DesignPro SE
 "{11F3F858-4131-4FFA-A560-3FE2​82933B6E}" = kgchday
 "{14D4ED84-6A9A-45A0-96F6-1753​768C3CB5}" = ESSPCD
 "{1577A05B-EE62-4BBC-9DB7-FE74​8FA44EC2}" = NTI CD & DVD-Maker
 "{18455581-E099-4BA8-BC6B-F34B​2F06600C}" = Google Toolbar for Internet Explorer
 "{205C6BDD-7B73-42DE-8505-9A09​3F35A238}" = Outil de téléchargement Windows Live
 "{2231CE39-B963-4B9D-823A-F412​ECA637B1}" = Windows Live Writer
 "{22B775E7-6C42-4FC5-8E10-9A5E​3257BD94}" = MSVCRT
 "{2318C2B1-4965-11d4-9B18-0090​27A5CD4F}" = Google Toolbar for Internet Explorer
 "{26A24AE4-039D-4CA4-87B4-2F83​216011FF}" = Java(TM) 6 Update 14
 "{2D03B6F8-DF36-4980-B7B6-5B93​D5BA3A8F}" = essvatgt
 "{3248F0A8-6813-11D6-A77B-00B0​D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
 "{3248F0A8-6813-11D6-A77B-00B0​D0160020}" = Java(TM) 6 Update 2
 "{3248F0A8-6813-11D6-A77B-00B0​D0160030}" = Java(TM) 6 Update 3
 "{3248F0A8-6813-11D6-A77B-00B0​D0160040}" = Java(TM) 6 Update 4
 "{3248F0A8-6813-11D6-A77B-00B0​D0160050}" = Java(TM) 6 Update 5
 "{3248F0A8-6813-11D6-A77B-00B0​D0160070}" = Java(TM) 6 Update 7
 "{3B4E636E-9D65-4D67-BA61-1898​00823F52}" = Windows Live Communications Platform
 "{3E31821C-7917-367E-938E-E65F​C413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
 "{41581EF5-45A7-11DA-9D78-0001​29760D75}" = Acer Picture Slide DVD
 "{42938595-0D83-404D-9F73-F817​7FDD531A}" = ESScore
 "{44E54A81-9D91-4AA1-9417-80AF​F134F5FF}" = Galerie de photos Windows Live
 "{4537EA4B-F603-4181-89FB-2953​FC695AB1}" = netbrdg
 "{4BDFD2CE-6329-42E4-9801-9B3D​1F10D79B}" = Adobe® Photoshop® Album Edition Découverte 3.0
 "{4CBA3D4C-8F51-4D60-B27E-F6B6​41C571E7}" = Microsoft Search Enhancement Pack
 "{4DE3E3D9-AE81-45DE-9195-3015​F7B1DBF3}" = Junk Mail filter update
 "{5316DFC9-CE99-4458-9AB3-E872​6EDE0210}" = skin0001
 "{605A4E39-613C-4A12-B56F-DEFB​E6757237}" = SHASTA
 "{608D2A3C-6889-4C11-9B54-A42F​45ACBFDB}" = fflink
 "{63DC2DA0-2A6C-4C38-9249-B753​95458657}" = Windows Live Mail
 "{643EAE81-920C-4931-9F0B-4B34​3B225CA6}" = ESSBrwr
 "{67ADE9AF-5CD9-4089-8825-55DE​4B366799}" = NTI Backup NOW! 4.7
 "{693C08A7-9E76-43FF-B11E-9A58​175474C4}" = kgckids
 "{7370DF47-B4F9-4279-BFC3-3F09​919F720D}" = Installation Windows Live
 "{770657D0-A123-3C07-8E44-1C83​EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
 "{79DD56FC-DB8B-47F5-9C80-78B6​2E05F9BC}" = Acer ScreenSaver
 "{82C7B308-0BDD-49D8-8EA5-9CD3​A3F9DF41}" = Windows Live Call
 "{8943CE61-53BD-475E-90E1-A580​869E98A2}" = staticcr
 "{89F4137D-6C26-4A84-BDB8-2E5A​4BB71E00}" = Microsoft Silverlight
 "{8A502E38-29C9-49FA-BCFA-D727​CA062589}" = ESSTOOLS
 "{8A74E887-8F0F-4017-AF53-CBA4​2211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
 "{8A8664E1-84C8-4936-891C-BC1F​07797549}" = kgcvday
 "{8E92D746-CD9F-4B90-9668-42B7​4C14F765}" = ESSini
 "{8FFC5648-FAF8-43A3-BC8F-42BA​1E275C4E}" = Choice Guard
 "{91517631-A9F3-4B7C-B482-43E0​068FD55A}" = ESSgui
 "{94389919-B0AA-4882-9BE8-9F0B​004ECA35}" = Acer Tour
 "{95120000-00B9-0409-0000-0000​000FF1CE}" = Microsoft Application Error Reporting
 "{999D43F4-9709-4887-9B1A-83EB​B15A8370}" = VPRINTOL
 "{9A25302D-30C0-39D9-BD6F-21E6​EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{9BD54685-1496-46A5-AB62-357C​D140ED8B}" = kgcinvt
 "{9C5EB781-0D37-44B8-9A58-77B3​E4BF5F5E}" = Windows Live Sync
 "{A1588373-1D86-4D44-86C9-78AB​D190F9CC}" = kgcmove
 "{A49F249F-0C91-497F-86DF-B258​5E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
 "{AA4BF92B-2AAF-11DA-9D78-0001​29760D75}" = Acer Zone SoftDMA
 "{AB6097D9-D722-4987-BD9E-A076​E2848EE2}" = Acer Empowering Technology
 "{AC76BA86-7AD7-1036-7B44-A812​00000003}" = Adobe Reader 8.1.2 - Français
 "{ACF60000-22B9-4CE9-98D6-2CCF​359BAC07}" = ABBYY FineReader 6.0 Sprint
 "{AE1FA02D-E6A4-4EA0-8E58-6483​CAC016DD}" = ESSCDBK
 "{AEEAE013-92F1-4515-B278-139F​1A692A35}" = Acer eDataSecurity Management
 "{AEEAE013-92F1-4515-B278-139F​1A692A36}" = Acer eDataSecurity Management
 "{B145EC69-66F5-11D8-9D75-0001​29760D75}" = Acer Zone MakeDisk
 "{B162D0A6-9A1D-4B7C-91A5-88FB​48113C45}" = OfotoXMI
 "{B4092C6D-E886-4CB2-BA68-FE5A​88D31DE6}_is1" = Spybot - Search & Destroy
 "{B4B44FE7-41FF-4DAD-8C0A-E406​DDA72992}" = CCScore
 "{BD64AF4A-8C80-4152-AD77-FCDD​F05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
 "{BF516A44-48E3-4319-BBF6-B4B6​6E9F76FA}" = OpenOffice.org 2.2
 "{CE2CDD62-0124-36CA-84D3-9F4D​CF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
 "{D3116CC7-24DC-4CA3-9CE1-23FE​D836E9F2}" = Assistant de connexion Windows Live
 "{D32470A1-B10C-4059-BA53-CF04​86F68EBC}" = Logiciel Kodak EasyShare
 "{D462BF9E-0C35-4705-BF9B-3DF9​F3816643}" = Acer ePerformance Management
 "{D6A2DDE3-9D7C-412C-932A-7565​80D29919}" = Windows Live Contrôle parental
 "{DB02F716-6275-42E9-B8D2-83BA​2BF5100B}" = SFR
 "{E1180142-3B31-4DCC-9D27-7AC2​D37662BF}" = LightScribe  1.4.124.1
 "{E18B549C-5D15-45DA-8D8F-8FD2​BD946344}" = kgcbaby
 "{E79987F0-0E34-42CC-B8FF-6C86​0AEEB26A}" = tooltips
 "{EFBDC2B0-FAA8-4B78-8DE1-AEBE​7958FA37}" = Acer Zone Main Page
 "{EFFCB0F1-CFEC-48D4-B793-EBFC​AE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
 "{F07B861C-72B9-40A4-8B1A-AAED​4C06A7E8}" = QuickTime
 "{F0B430D1-B6AA-473D-9B06-AA3D​D01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
 "{F0CFDC72-63D2-4086-A54F-1514​494394A0}" = Hercules DualPix HD Webcam
 "{F132AF7F-7BCA-4EDE-8A7C-9581​08FE7DBC}" = Realtek High Definition Audio Driver
 "{F22C222C-3CE2-4A4B-A83F-AF46​81371ABE}" = kgcbase
 "{F4A2E7CC-60CA-4AFA-B67F-AD5E​58173C3F}" = SKINXSDK
 "{F6EFFB76-4A07-11DA-9D78-0001​29760D75}" = Acer Plug and Record
 "{F79A208D-D929-11D9-9D77-0001​29760D75}" = Acer Zone MagicDirector
 "{F7D27C70-90F5-49B9-B188-0A13​3C0CE353}" = Windows Live Toolbar
 "{F9593CFB-D836-49BC-BFF1-0E66​9A411D9F}" = WIRELESS
 "{FCDB1C92-03C6-4C76-8625-3712​24256091}" = ESSPDock
 "{ORAHSS}.Bas_Debit_CustoUpdat​e" =
 "{ORAHSS}.Browser" = Navigateur Orange
 "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
 "AVGantiRootkit" = AVG Anti-Rootkit Free
 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
 "CCleaner" = CCleaner (remove only)
 "Clean Virus MSN_is1" = Clean Virus MSN
 "eMule" = eMule
 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
 "Fan club Christophe Maé" = le Fan club Christophe Maé 1.30
 "HijackThis" = HijackThis 2.0.2
 "InstallShield_{105E1A5B-A749-​4825-A8A1-AFD16615DC6C}" = DesignPro SE
 "InstallShield_{1577A05B-EE62-​4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
 "Kaspersky Online Scanner" = Kaspersky Online Scanner
 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.4 (Full)
 "Lexmark 3500-4500 Series" = Lexmark 3500-4500 Series
 "Lexmark Fax Solutions" = Solutions de télécopie Lexmark
 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
 "Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
 "NanoScan" = Panda NanoScan
 "Navilog1_is1" = Navilog1 3.3.8
 "NVIDIA Drivers" = NVIDIA Drivers
 "Ourson Connaît ton Nom_is1" = Ourson Connaît ton Nom
 "SiS163u" = 802.11 USB Wireless LAN Adapter
 "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.3.1
 "VLC media player" = VideoLAN VLC media player 0.8.6c
 "WinLiveSuite_Wave3" = Installation Windows Live
 "Yahoo! Companion" = Yahoo! Toolbar avec bloqueur de fenêtres pop-up
 "Yahoo! Toolbar" = Yahoo! Toolbar
 
 ========== HKEY_CURRENT_USER Uninstall List ==========
 
 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Uninstall]
 "Kellogg's Asie" = Kellogg's Asie
 
 ========== Last 10 Event Log Errors ==========
 
 Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
 < End of report >

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 posts)
Posted on 24/08/2009 at 22:06:45
 
Good evening,

 Nothing out of the ordinary.
 Disable your security software during the procedure.

 1) Uninstall the Espace Wanadoo/Orange; it is a source of slowdowns and instability. Tutorial.


 2) Uninstall the following applications (if present) via Add/Remove Programs:

 Acer Tour
 SFR
 Navigateur Orange
 Orange - Logiciels Internet
 AVG Anti-Rootkit Free
 Clean Virus MSN
 Kaspersky Online Scanner
 Panda NanoScan
 Navilog1
 Sophos Anti-Rootkit


 3) Run OTL again

 - Copy and paste all of the following into the "Custom Scans/Fixes" section:
 



:Processes
 explorer.exe

 :otl
 SRV - (FTRTSVC [Auto | Running]) -- File not found
 SRV - (SeaPort [Auto | Running]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
 DRV - (AVG Anti-Rootkit [Boot | Running]) -- C:\Windows\System32\DRIVERS\avgarkt.sys (GRISOFT, s.r.o.)
 DRV - (AvgArCln [System | Running]) -- C:\Windows\System32\DRIVERS\AvgArCln.sys (GRISOFT, s.r.o.)
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
 O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
 O4 - HKLM..\Run: [Acer Tour] File not found
 O4 - HKLM..\Run: [eRecoveryService] File not found
 O4 - HKCU..\Run: [&#25409;&#29285;&#21536;&#30063;r] File not found
 O4 - HKCU..\Run: [&#25409;&#29285;&#21536;&#30063;&#8306;&#25938;&#26989;&#25710;&#29285;] File not found
 [2009/08/24 22:24:43 | 00,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
 [2009/02/12 12:31:16 | 00,000,000 | ---D | M] -- C:\Users\candice\AppData\Roaming\Grisoft

 :reg
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 "DisableMonitoring"=dword:00000000

 :files
 C:\Programmes\Common Files\France Telecom\Shared Modules\FTRTSVC
 C:\Program Files\Microsoft\Search Enhancement Pack

 :Commands
 [Purity]
 [emptytemp]
 [start explorer]



 Then click "Run Fix". The computer may ask to restart; accept.
 Once the operation is finished, a text file will appear on screen. Copy and paste its contents here.


 4) Download Malwarebytes Anti-Malware.

 - Install it and apply the updates.


 5) Launch MBAM:

 - Check the "Perform full scan" box, then click Scan.
 - Select (check) all your partitions, then click "Start scan".
 - When the scan is finished, a message notifies you. Then click the "Show results" button.
 - In the next window, click "Remove selected". If the program offers to restart the computer, accept!
 - The scan report will be displayed. Save it, then post its contents.


 How is the system behaving?


 Regards.
