Unable to install updates on VISTA Grrr
DARKGOTH-666
sKe69 - Posts: 21955 - Status: Security contributor
Hello,
I know there are already tutorials open on this subject, but I no longer know what to do =(
I have an Acer 5920G laptop with Windows Vista Home Premium, and for about 6/8 months, from one day to the next, updates have been impossible, for no reason. I have tried all the solutions already given, but without results =( (that is, disabling the firewall + antivirus, manual updates from a website, the services.msc command, ...), and I still get this error: "Error code 80080005".
Please, if anyone can help me, I am open to all suggestions.
Thanks in advance, cheers.
122 replies
Here is the Ad-remover report:
------- LOGFILE OF AD-REMOVER 1.1.3.4 | ONLY XP/VISTA -------
Updated by C_XX on 30/04/2009 at 20:00
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
Start at: 9:25:12, 02/05/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows Vista™ Home Premium (version 6.0.6000)
Computer Name: PC-DE-JE
Current User: je - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
============ Known Adwares Found ============
.
HKCU\Software\Grand Virtual
.
+-----------------| Eorezo Elements Found:
.
+-----------------| It's TV Elements Found:
.
+-----------------| Sweetim Elements Found:
.
+-----------------| Added Scan:
---- Mozilla FireFox Version 3.0.10 ----
ProfilePath: gtmiohnj.default (je)
.
.
.
.
.
.
---- Internet Explorer Version 7.0.6000.16575 ----
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_USERS\S-1-5-21-208463-2846597275-3303112567-1000\..\Internet Explorer\Main]
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://ieframe.dll/tabswelcome.htm
+---------------------------------------------------------------------------+
696 Byte(s) - C:\Ad-Report-Scan-01.05.2009.log
1923 Byte(s) - C:\Ad-Report-Scan-02.05.2009.log
End at: 9:53:54 | 02/05/2009
.
+-----------------| E.O.F
.
Good ...
Next steps, in order:
1- Cleaning with AD-Remover:
! Disconnect and close all running applications (browser included) !
* Relaunch "Ad-remover": at the main menu choose option "B".
* At the selection screen:
> choose the following number(s) to clean the traces of:
1 - "Adwares connus" (known adware) then [Enter]
Once the selection is made, type S then [Enter] to start the removal.
--> the program will work, do not touch anything ...
* Post the report that appears at the end + a new HijackThis log for analysis ...
(the report is also saved under C:\Ad-report.log)
/!\ If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm /!\
============================
2- Uninstall Ad-Remover cleanly, like this:
* Relaunch the tool, at the main menu choose option C and confirm.
When the warning message appears, click "Ok".
* Delete the files: C:\Ad-report(date).log
Then delete the folder C:\Program Files\AD-Remover, which will be empty.
===========================
3- Run CCleaner again (registry included)
============================
4- Download this small program, ZEB_RESTORE:
here http://telechargement.zebulon.fr/zeb-restore.html
or https://forum.zebulon.fr/index.php?act=attach&type=blogentry&id=1153
Save this file to your desktop.
- Right-click Zeb-Restore.zip ==> "Extract all", and choose the desktop as the destination.
- Open the ZR_1.0.0.37 folder ==> double-click Zeb-Restore.exe
---> Tick the boxes in front of (and only these!):
* Windows Update: restores the Windows Update function
* Policies: restores items disabled by "Policies"
- Click "Restore" and let it run .... (it is fairly quick)
--> Once finished, restart your PC.
> then try the Windows updates and tell me whether it works ....
Here, to start with, is the Ad-remover report:
------- LOGFILE OF AD-REMOVER 1.1.3.4 | ONLY XP/VISTA -------
Updated by C_XX on 30/04/2009 at 20:00
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
**** LIMITED TO ****
Known Adwares
********************
Start at: 10:21:52, 02/05/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows Vista™ Home Premium (version 6.0.6000)
Computer Name: PC-DE-JE
Current User: je - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
(!) ---- IE start pages/Tabs reset
============ Known Adwares Deleted ============
.
HKCU\Software\Grand Virtual
.
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+-----------------| Added Scan :
---- Mozilla FireFox Version 3.0.10 ----
ProfilePath: gtmiohnj.default (je)
.
.
.
.
.
.
---- Internet Explorer Version 7.0.6000.16575 ----
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_USERS\S-1-5-21-208463-2846597275-3303112567-1000\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://ieframe.dll/tabswelcome.htm
+---------------------------------------------------------------------------+
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:14, on 02/05/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Acer\Acer VCM\VC.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Serveur réseau.lnk = C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
So I finished the steps, went to the Security Center, and everything is already enabled (including automatic updates).
But when I go to Windows Update (it is already slow to open the page) and click on Check for updates, it churns and shows "error 80080005", just like at the very start of the problem. =(
PS: Updates always stay enabled even though I can't install them.
Try disabling Bitdefender beforehand to see ... tell me what happened ...
Then, if that did not work, do this to see:
Download OTViewIt (from Old Timer's) to your desktop:
http://oldtimer.geekstogo.com/OTViewIt.exe
* Double-click "OTViewIt.exe" to launch the program.
Under "File Age": choose "60 Days"
* Now click "Run Scan" to start the scan.
Let the tool work and do not touch anything!
* Once the scan is finished, two reports open in Notepad:
> OTViewIt.Txt
> Extras.Txt
Post these two reports for analysis and wait for what comes next ...
--
"Baby, I'm going on an airplane, And I don't know if I'll be back again"
IMPORTANT: do not think you are out of the woods until you
have been told so!
Even with Bitdefender disabled, nothing changes ...
Here is the OTViewIt report (from Old Timer's)
OTViewIt.Txt:
OTViewIt logfile created on: 02/05/2009 12:13:23 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\je\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16575)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,64% Memory free
4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,70% Paging File free
Paging file location(s): ?:\pagefile.sys;
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 19,29 Gb Free Space | 27,64% Space Free | Partition Type: NTFS
Drive D: | 66,27 Gb Total Space | 50,05 Gb Free Space | 75,51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-JE
Current User Name: je
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 60 Days
========== Processes ==========
[2006/11/02 11:45:57 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2006/11/02 11:45:21 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2007/08/18 11:27:51 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2006/11/02 11:45:04 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2006/11/02 11:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2007/01/26 14:24:42 | 00,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
[2006/02/28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2007/04/12 17:43:16 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
[2007/03/14 10:52:30 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
[2007/05/22 15:00:02 | 00,135,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
[2007/02/12 14:38:04 | 00,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
[2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2006/11/24 12:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
[2006/07/19 20:36:58 | 00,262,247 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2006/11/02 14:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2007/03/15 02:49:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
[2006/11/09 13:33:04 | 00,086,016 | ---- | M] (SOFTWIN S.R.L) -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
[2007/02/13 06:26:50 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
[2007/05/10 14:05:36 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
[2008/08/07 18:25:03 | 00,278,528 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
[2007/05/16 22:15:22 | 00,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
[2006/11/02 11:46:00 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2006/11/02 11:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
[2006/11/02 11:46:00 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2006/11/02 11:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2006/11/02 11:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
[2007/04/12 17:42:26 | 00,457,728 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
[2006/11/02 11:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
[2007/04/26 17:54:56 | 01,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
[2006/11/02 11:44:59 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2007/05/03 11:16:04 | 00,206,952 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
[2007/02/12 14:37:58 | 00,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[2007/08/17 18:38:15 | 00,290,816 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\bdmcon.exe
[2007/03/26 15:49:46 | 00,069,632 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\bdagent.exe
[2007/02/06 01:52:10 | 00,849,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
[2009/05/01 17:57:46 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2008/01/10 11:57:25 | 01,232,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
[2007/08/18 11:38:47 | 00,171,448 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[2007/04/27 14:08:28 | 01,208,320 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
[2008/07/01 12:00:00 | 03,768,320 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
[2007/05/22 15:00:04 | 00,753,664 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe
[2007/05/16 18:37:26 | 00,528,384 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
[2007/04/25 11:35:56 | 00,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
[2007/02/09 06:35:54 | 00,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
[2006/11/02 11:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
[2007/04/03 11:28:46 | 00,999,424 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer VCM\VC.exe
[2007/03/27 12:00:32 | 00,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe
[2009/04/29 08:15:11 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2006/12/20 17:33:08 | 00,081,920 | ---- | M] () -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
[2007/10/26 22:29:16 | 00,466,944 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\vsserv.exe
[2009/05/02 12:10:58 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\je\Desktop\OTViewIt.exe
========== (O23) Win32 Services ==========
[2007/01/26 14:24:42 | 00,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService [Auto | Running])
File not found -- -- (Autodesk Licensing Service [On_Demand | Stopped])
[2009/05/02 11:41:42 | 00,000,000 | ---- | M] () -- C:\Windows\System32\bdss.log -- (bdss [Auto | Running])
File not found -- -- (Bonjour Service [Auto | Running])
File not found -- -- (CertPropSvc [Unknown | Stopped])
[2006/11/02 08:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (CLTNetCnService [Auto | Stopped])
File not found -- -- (DcomLaunch [Unknown | Running])
[2006/11/02 14:36:25 | 02,089,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])
[2007/08/30 22:05:54 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [Unknown | Stopped])
[2007/04/12 17:43:16 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service [Auto | Running])
[2006/11/02 14:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])
[2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
[2007/03/14 10:52:30 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])
[2007/05/22 15:00:02 | 00,135,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])
[2007/02/13 06:26:50 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
[2007/05/10 14:05:36 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])
File not found -- -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2006/11/02 14:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2006/11/02 11:46:05 | 00,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [Unknown | Running])
File not found -- -- (gusvc [On_Demand | Stopped])
File not found -- -- (IAANTMON [Auto | Running])
File not found -- -- (IDriverT [On_Demand | Stopped])
File not found -- -- (LightScribeService [Auto | Running])
File not found -- -- (LIVESRV [Auto | Running])
File not found -- -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
[2006/11/24 12:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
File not found -- -- (MSCSPTISRV [On_Demand | Stopped])
[2006/11/02 15:04:14 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2006/11/02 14:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
File not found -- -- (odserv [On_Demand | Stopped])
File not found -- -- (ose [On_Demand | Stopped])
File not found -- -- (PACSPTISVR [On_Demand | Stopped])
File not found -- -- (RichVideo [Auto | Running])
[2006/11/02 11:46:12 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- -- (Schedule [Unknown | Running])
File not found -- -- (SCPolicySvc [Unknown | Stopped])
[2007/08/18 11:27:51 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 11:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
File not found -- -- (SonicStage Back-End Service [On_Demand | Stopped])
File not found -- -- (SPTISRV [On_Demand | Stopped])
File not found -- -- (SSScsiSV [On_Demand | Stopped])
[2006/11/02 11:45:50 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
[2006/11/02 11:45:50 | 00,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
File not found -- -- (VSSERV [Auto | Running])
File not found -- -- (WdiServiceHost [Unknown | Stopped])
File not found -- -- (WdiSystemHost [Unknown | Stopped])
File not found -- -- (wercplsupport [Unknown | Stopped])
File not found -- -- (WinHttpAutoProxySvc [Unknown | Stopped])
[2007/05/16 22:15:22 | 00,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])
[2006/11/02 14:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])
[2007/03/15 02:49:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService [Auto | Running])
[2006/08/22 16:08:52 | 00,077,824 | ---- | M] (Softwin) -- C:\Windows\System32\xcomm.dll -- (XCOMM [Auto | Running])
========== Driver Services ==========
[2006/11/02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2006/11/02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2006/11/02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
[2006/11/02 11:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2006/11/02 11:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
[2007/02/08 09:03:20 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x [On_Demand | Stopped])
File not found -- -- (bdfdll [On_Demand | Running])
[2007/08/17 18:38:31 | 00,167,320 | ---- | M] (SOFTWIN S.R.L.) -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr [On_Demand | Running])
File not found -- -- (bdpredir [System | Running])
File not found -- -- (BDRSDRV [Auto | Running])
[2006/11/02 10:31:12 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])
[2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])
[2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])
[2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2006/11/02 10:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])
[2006/11/02 10:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [On_Demand | Running])
[2006/11/02 11:51:25 | 00,221,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [Unknown | Running])
[2006/11/02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
[2006/11/02 11:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])
[2006/11/02 10:31:04 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2007/05/04 06:24:00 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
[2007/08/30 22:05:55 | 00,619,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2006/11/02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2006/11/02 14:34:35 | 00,132,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2006/11/02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
[2006/11/02 11:49:58 | 00,056,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2006/11/02 10:32:55 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2006/11/02 11:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2006/11/02 09:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
[2007/08/18 10:36:21 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 10:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])
[2006/11/02 10:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [On_Demand | Running])
[2006/11/02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
[2006/11/02 09:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
[2007/03/15 02:49:00 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
[2007/03/15 02:49:00 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
[2007/03/11 01:11:02 | 00,210,432 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaNvStor.sys -- (iaNvStor [Boot | Running])
[2007/02/12 07:36:54 | 00,277,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor [Boot | Running])
[2006/11/02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Boot | Running])
[2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
[2006/12/07 18:12:02 | 00,076,584 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
[2007/05/10 12:25:00 | 01,775,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
[2006/11/02 10:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])
[2006/11/02 11:51:12 | 00,168,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])
[2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
[2006/11/02 10:51:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2006/11/02 10:56:49 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2006/11/02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2006/11/02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
[2006/11/02 10:33:07 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])
[2007/03/15 02:49:00 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2006/11/02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
[2006/11/02 10:54:05 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2006/11/02 11:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])
[2007/08/18 11:29:40 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])
[2006/11/02 10:31:27 | 00,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2007/12/12 13:46:19 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2006/11/02 11:49:44 | 00,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Disabled | Stopped])
[2006/11/02 11:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,013,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2006/11/02 11:51:09 | 00,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2006/11/02 14:34:33 | 00,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])
[2007/02/25 00:14:00 | 02,216,448 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
[2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
[2006/11/02 10:57:30 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2007/05/11 03:46:46 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
[2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
[2007/05/04 06:35:00 | 07,496,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
[2006/11/02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
[2006/11/02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
[2006/11/02 11:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
[2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2006/11/02 11:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2006/11/08 09:02:40 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\point32k.sys -- (Point32 [On_Demand | Running])
[2007/08/30 22:05:55 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2007/04/12 17:43:24 | 00,020,264 | ---- | M] (HiTRUST) -- C:\Windows\System32\drivers\psdfilter.sys -- (PSDFilter [Boot | Running])
[2007/04/12 17:43:30 | 00,016,680 | ---- | M] (HiTRUST) -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ [Boot | Running])
[2007/04/12 17:43:28 | 00,060,712 | ---- | M] (HiTRUST) -- C:\Windows\System32\drivers\psdvdisk.sys -- (psdvdisk [Boot | Running])
[2006/10/18 02:00:00 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2006/11/02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
[2006/11/02 14:34:31 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2006/11/02 11:02:01 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System | Running])
[2007/02/24 14:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])
[2007/01/23 16:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running])
[2007/03/21 22:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running])
[2006/11/02 10:56:49 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2006/11/02 11:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])
[2007/08/18 11:28:15 | 00,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
[2006/11/02 10:51:11 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])
[2006/11/02 10:51:38 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])
[2006/11/02 10:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2006/11/02 10:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2006/11/02 11:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])
[2006/11/02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
[2006/11/02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
[2006/11/02 10:57:10 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2007/02/07 18:35:10 | 01,729,152 | ---- | M] () -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])
[2006/11/02 11:49:35 | 00,018,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2007/12/12 13:46:18 | 00,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2007/12/12 13:46:18 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2007/07/03 17:54:24 | 00,080,552 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus [On_Demand | Stopped])
[2007/07/03 17:57:24 | 00,011,944 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])
[2007/07/03 17:58:20 | 00,106,792 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])
[2008/12/20 16:51:03 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
[2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
[2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
[2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
[2007/05/09 07:28:28 | 00,185,392 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2006/11/02 10:57:47 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2006/11/02 10:57:35 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2006/11/02 11:02:07 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])
[2007/08/18 11:29:39 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2007/08/18 11:29:39 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])
[2006/11/02 11:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])
[2006/11/02 11:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2006/11/02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
[2006/11/02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2006/11/02 10:55:24 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2006/11/02 10:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])
[2006/11/02 10:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2006/11/02 10:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])
[2006/11/02 11:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
[2006/11/02 11:50:24 | 00,050,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2006/11/02 11:51:30 | 00,290,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2006/11/02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
[2006/11/02 10:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])
[2006/11/02 11:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])
[2006/11/02 11:51:41 | 00,492,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2008/07/01 12:00:00 | 00,072,704 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Windows\System32\drivers\WibuKey.sys -- (WIBUKEY [Auto | Running])
[2007/03/15 02:49:00 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
[2007/04/19 09:09:00 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir [On_Demand | Running])
[2007/11/14 14:15:14 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])
[2006/11/02 10:58:26 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])
[2007/03/15 02:49:00 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio [Auto | Running])
File not found -- -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Security Risk Page"=about:SecurityRisk
"Start Page"=https://www.msn.com/fr-fr
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_search_url"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=C:\Windows\system32\blank.htm
"SEARCH PAGE"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchMigratedDefaultName"=Yahoo! Search
"SearchMigratedDefaultURL"=https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"StartPageCache"=
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local
========== (O1) Hosts File ==========
HOSTS File = (27 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Programmes\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File not found
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (HKLM) -- C:\Programmes\Microsoft Office\Office12\GrooveShellExtensions.dll File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Programmes\Google\GoogleToolbar2.dll File not found
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Programmes\Java\jre6\bin\jp2ssv.dll File not found
========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Programmes\Google\GoogleToolbar2.dll File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}" (HKLM) -- C:\Windows\System32\eDStoolbar.dll (HiTRUST)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" (HKLM) -- C:\Windows\System32\eDStoolbar.dll (HiTRUST)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Programmes\Google\GoogleToolbar2.dll File not found
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" File not found
"BDMCon"=C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe File not found
"eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" (CyberLink)
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe File not found
"IaNvSrv"=C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe File not found
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" File not found
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE File not found
"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"NvSvc"=RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart (NVIDIA Corporation)
"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" File not found
"PLFSet"=rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting ( )
"QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" File not found
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe File not found
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"= File not found
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun File not found
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found
========== (O6 & O7) Current Version Policies ==========
[HKEY_CURRENT_USER\Software\policies\microsoft\internet explorer\Control Panel]
"HomePage"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticecaption"=
"legalnoticetext"=
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Programmes\Microsoft Office\Office12\EXCEL.EXE File not found
========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %SystemDrive%\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O16) DPF ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{67DABFBF-D0AB-41FA-9C46-CC0F21721616}: http://download.divx.com/player/DivXBrowserPlugin.cab -- Reg Error: Key does not exist or could not be opened.
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
========== (O17) DNS Name Servers ==========
{A1AA1CF1-BCB1-4242-B773-16021E09579F} (Servers: | Description: Intel(R) Wireless WiFi Link 4965AGN)
{F2283847-5629-4FB8-A4D2-4B4E011DF398} (Servers: | Description: Broadcom NetLink (TM) Gigabit Ethernet)
========== (O19) User Style Sheets ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]
========== (O20) AppInit_DLLs ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=eNetHook.dll
>[2007/05/22 15:00:04 | 00,090,112 | ---- | M] (acer) -- C:\Windows\System32\eNetHook.dll
========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Programmes\Microsoft Office\Office12\GrooveShellExtensions.dll File not found
========== LSA *Security Packages* ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,
>[2006/11/02 11:46:13 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll
========== Safeboot Options ==========
"AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
autoexec.bat [REM Dummy file for NTVDM | ]
[2006/09/18 23:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]
autorun.inf []
[2009/04/28 11:45:26 | 00,000,000 | RHSD | M] -- C:\autorun.inf -- [ NTFS ]
autorun.inf []
[2009/04/28 11:45:26 | 00,000,000 | RHSD | M] -- D:\autorun.inf -- [ NTFS ]
========== Files/Folders - Created Within 60 Days ==========
[1 C:\Windows\*.tmp files]
[2009/05/02 12:10:55 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Users\je\Desktop\OTViewIt.exe
[2009/05/01 23:47:45 | 00,000,000 | ---D | C] -- C:\Program Files\Ad-remover
[2009/05/01 21:03:26 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/05/01 15:42:56 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2009/05/01 15:42:53 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/05/01 13:27:53 | 00,000,000 | ---D | C] -- C:\Windows\System32\Kaspersky Lab
[2009/05/01 12:42:59 | 00,001,878 | ---- | C] () -- C:\Users\je\Desktop\HijackThis.lnk
[2009/05/01 12:40:13 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\je\Desktop\HJTInstall.exe
[2009/04/29 21:05:21 | 00,000,000 | ---D | C] -- C:\Users\je\AppData\Roaming\Malwarebytes
[2009/04/29 21:05:14 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/04/29 18:54:07 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2009/04/29 18:54:07 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2009/04/29 18:54:07 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2009/04/29 18:54:07 | 00,115,712 | ---- | C] () -- C:\Windows\vFind.exe
[2009/04/29 18:54:07 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe_RenameGenProc
[2009/04/29 18:54:07 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe_RenameGenProc
[2009/04/29 18:54:07 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/04/29 18:54:07 | 00,029,696 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2009/04/29 14:49:26 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/04/28 11:45:26 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/04/27 20:45:59 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009/04/26 10:10:58 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009/04/25 10:54:55 | 00,000,712 | ---- | C] () -- C:\Users\je\Desktop\CCleaner.lnk
[2009/04/24 17:23:55 | 00,019,840 | ---- | C] (Generic) -- C:\Windows\System32\drivers\StMp3Rec.sys
[2009/04/17 22:11:23 | 00,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/04 09:56:44 | 05,151,232 | ---- | C] (Abvent) -- C:\Users\je\Desktop\ArtlantisStudio.exe
[2009/04/04 00:15:06 | 00,000,000 | ---D | C] -- C:\Users\je\AppData\Roaming\Abvent
[2009/04/04 00:15:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Abvent
[2009/04/04 00:15:02 | 00,000,000 | ---D | C] -- C:\Users\je\AppData\Roaming\Abvent_Artlantis2
[2009/03/21 13:37:15 | 00,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/03/21 12:53:42 | 00,045,392 | ---- | C] (Adobe Systems Inc) -- C:\Windows\System32\AdobePDF.dll
========== Files - Modified Within 60 Days ==========
[1 C:\Windows\*.tmp files]
[2009/05/02 12:11:56 | 00,081,984 | ---- | M] () -- C:\Windows\System32\bdod.bin
[2009/05/02 12:10:58 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\je\Desktop\OTViewIt.exe
[2009/05/02 11:40:57 | 00,000,396 | ---- | M] () -- C:\Windows\win.ini
[2009/05/02 11:31:54 | 00,700,222 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/05/02 11:31:54 | 00,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/02 11:31:54 | 00,122,020 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/05/02 11:31:54 | 00,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/02 11:31:53 | 01,538,854 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/02 11:26:07 | 00,012,884 | ---- | M] () -- C:\Users\je\AppData\Roaming\nvModes.001
[2009/05/02 11:25:02 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/02 11:25:01 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/02 11:24:58 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/02 11:24:56 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/02 11:24:51 | 21,458,20672 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/02 11:23:26 | 04,041,822 | -H-- | M] () -- C:\Users\je\AppData\Local\IconCache.db
[2009/05/02 09:57:55 | 00,097,280 | ---- | M] () -- C:\Users\je\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/02 09:20:00 | 00,012,884 | ---- | M] () -- C:\Users\je\AppData\Roaming\nvModes.dat
[2009/05/01 12:42:59 | 00,001,878 | ---- | M] () -- C:\Users\je\Desktop\HijackThis.lnk
[2009/05/01 12:40:15 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\je\Desktop\HJTInstall.exe
[2009/04/29 19:03:43 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009/04/29 19:03:28 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2009/04/29 12:29:05 | 00,115,712 | ---- | M] () -- C:\Windows\vFind.exe
[2009/04/25 10:54:55 | 00,000,712 | ---- | M] () -- C:\Users\je\Desktop\CCleaner.lnk
[2009/04/17 22:11:23 | 00,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/02 20:59:25 | 05,151,232 | ---- | M] (Abvent) -- C:\Users\je\Desktop\ArtlantisStudio.exe
[2009/03/21 19:33:59 | 00,133,464 | ---- | M] () -- C:\Users\je\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/03/21 19:32:18 | 01,790,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/03/21 13:37:15 | 00,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
< End of report >
Here is the OTViewIt report (from Old Timer's):
OTViewIt.Txt :
OTViewIt logfile created on: 02/05/2009 12:13:23 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\je\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16575)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,64% Memory free
4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,70% Paging File free
Paging file location(s): ?:\pagefile.sys;
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 19,29 Gb Free Space | 27,64% Space Free | Partition Type: NTFS
Drive D: | 66,27 Gb Total Space | 50,05 Gb Free Space | 75,51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-JE
Current User Name: je
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 60 Days
========== Processes ==========
[2006/11/02 11:45:57 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2006/11/02 11:45:21 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2007/08/18 11:27:51 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2006/11/02 11:45:04 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2006/11/02 11:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2007/01/26 14:24:42 | 00,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
[2006/02/28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2007/04/12 17:43:16 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
[2007/03/14 10:52:30 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
[2007/05/22 15:00:02 | 00,135,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
[2007/02/12 14:38:04 | 00,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
[2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2006/11/24 12:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
[2006/07/19 20:36:58 | 00,262,247 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2006/11/02 14:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2007/03/15 02:49:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
[2006/11/09 13:33:04 | 00,086,016 | ---- | M] (SOFTWIN S.R.L) -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
[2007/02/13 06:26:50 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
[2007/05/10 14:05:36 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
[2008/08/07 18:25:03 | 00,278,528 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
[2007/05/16 22:15:22 | 00,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
[2006/11/02 11:46:00 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2006/11/02 11:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
[2006/11/02 11:46:00 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2006/11/02 11:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2006/11/02 11:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
[2007/04/12 17:42:26 | 00,457,728 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
[2006/11/02 11:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
[2007/04/26 17:54:56 | 01,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
[2006/11/02 11:44:59 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2007/05/03 11:16:04 | 00,206,952 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
[2007/02/12 14:37:58 | 00,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[2007/08/17 18:38:15 | 00,290,816 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\bdmcon.exe
[2007/03/26 15:49:46 | 00,069,632 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\bdagent.exe
[2007/02/06 01:52:10 | 00,849,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
[2009/05/01 17:57:46 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2008/01/10 11:57:25 | 01,232,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
[2007/08/18 11:38:47 | 00,171,448 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[2007/04/27 14:08:28 | 01,208,320 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
[2008/07/01 12:00:00 | 03,768,320 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
[2007/05/22 15:00:04 | 00,753,664 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe
[2007/05/16 18:37:26 | 00,528,384 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
[2007/04/25 11:35:56 | 00,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
[2007/02/09 06:35:54 | 00,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
[2006/11/02 11:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
[2007/04/03 11:28:46 | 00,999,424 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer VCM\VC.exe
[2007/03/27 12:00:32 | 00,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe
[2009/04/29 08:15:11 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2006/12/20 17:33:08 | 00,081,920 | ---- | M] () -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
[2007/10/26 22:29:16 | 00,466,944 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\vsserv.exe
[2009/05/02 12:10:58 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\je\Desktop\OTViewIt.exe
========== (O23) Win32 Services ==========
[2007/01/26 14:24:42 | 00,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService [Auto | Running])
File not found -- -- (Autodesk Licensing Service [On_Demand | Stopped])
[2009/05/02 11:41:42 | 00,000,000 | ---- | M] () -- C:\Windows\System32\bdss.log -- (bdss [Auto | Running])
File not found -- -- (Bonjour Service [Auto | Running])
File not found -- -- (CertPropSvc [Unknown | Stopped])
[2006/11/02 08:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (CLTNetCnService [Auto | Stopped])
File not found -- -- (DcomLaunch [Unknown | Running])
[2006/11/02 14:36:25 | 02,089,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])
[2007/08/30 22:05:54 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [Unknown | Stopped])
[2007/04/12 17:43:16 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service [Auto | Running])
[2006/11/02 14:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])
[2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
[2007/03/14 10:52:30 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])
[2007/05/22 15:00:02 | 00,135,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])
[2007/02/13 06:26:50 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
[2007/05/10 14:05:36 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])
File not found -- -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2006/11/02 14:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2006/11/02 11:46:05 | 00,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [Unknown | Running])
File not found -- -- (gusvc [On_Demand | Stopped])
File not found -- -- (IAANTMON [Auto | Running])
File not found -- -- (IDriverT [On_Demand | Stopped])
File not found -- -- (LightScribeService [Auto | Running])
File not found -- -- (LIVESRV [Auto | Running])
File not found -- -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
[2006/11/24 12:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
File not found -- -- (MSCSPTISRV [On_Demand | Stopped])
[2006/11/02 15:04:14 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2006/11/02 14:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
File not found -- -- (odserv [On_Demand | Stopped])
File not found -- -- (ose [On_Demand | Stopped])
File not found -- -- (PACSPTISVR [On_Demand | Stopped])
File not found -- -- (RichVideo [Auto | Running])
[2006/11/02 11:46:12 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- -- (Schedule [Unknown | Running])
File not found -- -- (SCPolicySvc [Unknown | Stopped])
[2007/08/18 11:27:51 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 11:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
File not found -- -- (SonicStage Back-End Service [On_Demand | Stopped])
File not found -- -- (SPTISRV [On_Demand | Stopped])
File not found -- -- (SSScsiSV [On_Demand | Stopped])
[2006/11/02 11:45:50 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
[2006/11/02 11:45:50 | 00,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
File not found -- -- (VSSERV [Auto | Running])
File not found -- -- (WdiServiceHost [Unknown | Stopped])
File not found -- -- (WdiSystemHost [Unknown | Stopped])
File not found -- -- (wercplsupport [Unknown | Stopped])
File not found -- -- (WinHttpAutoProxySvc [Unknown | Stopped])
[2007/05/16 22:15:22 | 00,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])
[2006/11/02 14:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])
[2007/03/15 02:49:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService [Auto | Running])
[2006/08/22 16:08:52 | 00,077,824 | ---- | M] (Softwin) -- C:\Windows\System32\xcomm.dll -- (XCOMM [Auto | Running])
========== Driver Services ==========
[2006/11/02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2006/11/02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2006/11/02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
[2006/11/02 11:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2006/11/02 11:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
[2007/02/08 09:03:20 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x [On_Demand | Stopped])
File not found -- -- (bdfdll [On_Demand | Running])
[2007/08/17 18:38:31 | 00,167,320 | ---- | M] (SOFTWIN S.R.L.) -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr [On_Demand | Running])
File not found -- -- (bdpredir [System | Running])
File not found -- -- (BDRSDRV [Auto | Running])
[2006/11/02 10:31:12 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])
[2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])
[2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])
[2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2006/11/02 10:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])
[2006/11/02 10:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [On_Demand | Running])
[2006/11/02 11:51:25 | 00,221,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [Unknown | Running])
[2006/11/02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
[2006/11/02 11:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])
[2006/11/02 10:31:04 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2007/05/04 06:24:00 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
[2007/08/30 22:05:55 | 00,619,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2006/11/02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2006/11/02 14:34:35 | 00,132,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2006/11/02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
[2006/11/02 11:49:58 | 00,056,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2006/11/02 10:32:55 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2006/11/02 11:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2006/11/02 09:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
[2007/08/18 10:36:21 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 10:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])
[2006/11/02 10:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [On_Demand | Running])
[2006/11/02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
[2006/11/02 09:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
[2007/03/15 02:49:00 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
[2007/03/15 02:49:00 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
[2007/03/11 01:11:02 | 00,210,432 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaNvStor.sys -- (iaNvStor [Boot | Running])
[2007/02/12 07:36:54 | 00,277,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor [Boot | Running])
[2006/11/02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Boot | Running])
[2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
[2006/12/07 18:12:02 | 00,076,584 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
[2007/05/10 12:25:00 | 01,775,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
[2006/11/02 10:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])
[2006/11/02 11:51:12 | 00,168,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])
[2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
[2006/11/02 10:51:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2006/11/02 10:56:49 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2006/11/02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2006/11/02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
[2006/11/02 10:33:07 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])
[2007/03/15 02:49:00 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2006/11/02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
[2006/11/02 10:54:05 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2006/11/02 11:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])
[2007/08/18 11:29:40 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])
[2006/11/02 10:31:27 | 00,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2007/12/12 13:46:19 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2006/11/02 11:49:44 | 00,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Disabled | Stopped])
[2006/11/02 11:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,013,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2006/11/02 11:51:09 | 00,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2006/11/02 14:34:33 | 00,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])
[2007/02/25 00:14:00 | 02,216,448 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
[2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
[2006/11/02 10:57:30 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2007/05/11 03:46:46 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
[2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
[2007/05/04 06:35:00 | 07,496,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
[2006/11/02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
[2006/11/02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
[2006/11/02 11:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
[2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2006/11/02 11:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2006/11/08 09:02:40 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\point32k.sys -- (Point32 [On_Demand | Running])
[2007/08/30 22:05:55 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2007/04/12 17:43:24 | 00,020,264 | ---- | M] (HiTRUST) -- C:\Windows\System32\drivers\psdfilter.sys -- (PSDFilter [Boot | Running])
[2007/04/12 17:43:30 | 00,016,680 | ---- | M] (HiTRUST) -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ [Boot | Running])
[2007/04/12 17:43:28 | 00,060,712 | ---- | M] (HiTRUST) -- C:\Windows\System32\drivers\psdvdisk.sys -- (psdvdisk [Boot | Running])
[2006/10/18 02:00:00 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2006/11/02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
[2006/11/02 14:34:31 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2006/11/02 11:02:01 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System | Running])
[2007/02/24 14:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])
[2007/01/23 16:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running])
[2007/03/21 22:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running])
[2006/11/02 10:56:49 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2006/11/02 11:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])
[2007/08/18 11:28:15 | 00,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
[2006/11/02 10:51:11 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])
[2006/11/02 10:51:38 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])
[2006/11/02 10:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2006/11/02 10:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2006/11/02 11:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])
[2006/11/02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
[2006/11/02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
[2006/11/02 10:57:10 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2007/02/07 18:35:10 | 01,729,152 | ---- | M] () -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])
[2006/11/02 11:49:35 | 00,018,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2007/12/12 13:46:18 | 00,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2007/12/12 13:46:18 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2007/07/03 17:54:24 | 00,080,552 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus [On_Demand | Stopped])
[2007/07/03 17:57:24 | 00,011,944 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])
[2007/07/03 17:58:20 | 00,106,792 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])
[2008/12/20 16:51:03 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
[2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
[2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
[2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
[2007/05/09 07:28:28 | 00,185,392 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2006/11/02 10:57:47 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2006/11/02 10:57:35 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2006/11/02 11:02:07 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])
[2007/08/18 11:29:39 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2007/08/18 11:29:39 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])
[2006/11/02 11:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])
[2006/11/02 11:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2006/11/02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
[2006/11/02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2006/11/02 10:55:24 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2006/11/02 10:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])
[2006/11/02 10:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2006/11/02 10:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])
[2006/11/02 11:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
[2006/11/02 11:50:24 | 00,050,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2006/11/02 11:51:30 | 00,290,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2006/11/02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
[2006/11/02 10:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])
[2006/11/02 11:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])
[2006/11/02 11:51:41 | 00,492,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2008/07/01 12:00:00 | 00,072,704 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Windows\System32\drivers\WibuKey.sys -- (WIBUKEY [Auto | Running])
[2007/03/15 02:49:00 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
[2007/04/19 09:09:00 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir [On_Demand | Running])
[2007/11/14 14:15:14 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])
[2006/11/02 10:58:26 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])
[2007/03/15 02:49:00 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio [Auto | Running])
File not found -- -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Security Risk Page"=about:SecurityRisk
"Start Page"=https://www.msn.com/fr-fr
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_search_url"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=C:\Windows\system32\blank.htm
"SEARCH PAGE"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchMigratedDefaultName"=Yahoo! Search
"SearchMigratedDefaultURL"=https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"StartPageCache"=
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local
========== (O1) Hosts File ==========
HOSTS File = (27 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Programmes\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File not found
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (HKLM) -- C:\Programmes\Microsoft Office\Office12\GrooveShellExtensions.dll File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Programmes\Google\GoogleToolbar2.dll File not found
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Programmes\Java\jre6\bin\jp2ssv.dll File not found
========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Programmes\Google\GoogleToolbar2.dll File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}" (HKLM) -- C:\Windows\System32\eDStoolbar.dll (HiTRUST)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" (HKLM) -- C:\Windows\System32\eDStoolbar.dll (HiTRUST)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Programmes\Google\GoogleToolbar2.dll File not found
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" File not found
"BDMCon"=C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe File not found
"eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" (CyberLink)
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe File not found
"IaNvSrv"=C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe File not found
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" File not found
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE File not found
"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"NvSvc"=RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart (NVIDIA Corporation)
"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" File not found
"PLFSet"=rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting ( )
"QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" File not found
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe File not found
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"= File not found
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun File not found
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found
========== (O6 & O7) Current Version Policies ==========
[HKEY_CURRENT_USER\Software\policies\microsoft\internet explorer\Control Panel]
"HomePage"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticecaption"=
"legalnoticetext"=
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Programmes\Microsoft Office\Office12\EXCEL.EXE File not found
========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %SystemDrive%\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O16) DPF ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{67DABFBF-D0AB-41FA-9C46-CC0F21721616}: http://download.divx.com/player/DivXBrowserPlugin.cab -- Reg Error: Key does not exist or could not be opened.
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
========== (O17) DNS Name Servers ==========
{A1AA1CF1-BCB1-4242-B773-16021E09579F} (Servers: | Description: Intel(R) Wireless WiFi Link 4965AGN)
{F2283847-5629-4FB8-A4D2-4B4E011DF398} (Servers: | Description: Broadcom NetLink (TM) Gigabit Ethernet)
========== (O19) User Style Sheets ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]
========== (O20) AppInit_DLLs ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=eNetHook.dll
>[2007/05/22 15:00:04 | 00,090,112 | ---- | M] (acer) -- C:\Windows\System32\eNetHook.dll
========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Programmes\Microsoft Office\Office12\GrooveShellExtensions.dll File not found
========== LSA *Security Packages* ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,
>[2006/11/02 11:46:13 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll
========== Safeboot Options ==========
"AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
autoexec.bat [REM Dummy file for NTVDM | ]
[2006/09/18 23:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]
autorun.inf []
[2009/04/28 11:45:26 | 00,000,000 | RHSD | M] -- C:\autorun.inf -- [ NTFS ]
autorun.inf []
[2009/04/28 11:45:26 | 00,000,000 | RHSD | M] -- D:\autorun.inf -- [ NTFS ]
========== Files/Folders - Created Within 60 Days ==========
[1 C:\Windows\*.tmp files]
[2009/05/02 12:10:55 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Users\je\Desktop\OTViewIt.exe
[2009/05/01 23:47:45 | 00,000,000 | ---D | C] -- C:\Program Files\Ad-remover
[2009/05/01 21:03:26 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/05/01 15:42:56 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2009/05/01 15:42:53 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/05/01 13:27:53 | 00,000,000 | ---D | C] -- C:\Windows\System32\Kaspersky Lab
[2009/05/01 12:42:59 | 00,001,878 | ---- | C] () -- C:\Users\je\Desktop\HijackThis.lnk
[2009/05/01 12:40:13 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\je\Desktop\HJTInstall.exe
[2009/04/29 21:05:21 | 00,000,000 | ---D | C] -- C:\Users\je\AppData\Roaming\Malwarebytes
[2009/04/29 21:05:14 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/04/29 18:54:07 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2009/04/29 18:54:07 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2009/04/29 18:54:07 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2009/04/29 18:54:07 | 00,115,712 | ---- | C] () -- C:\Windows\vFind.exe
[2009/04/29 18:54:07 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe_RenameGenProc
[2009/04/29 18:54:07 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe_RenameGenProc
[2009/04/29 18:54:07 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/04/29 18:54:07 | 00,029,696 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2009/04/29 14:49:26 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/04/28 11:45:26 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/04/27 20:45:59 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009/04/26 10:10:58 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009/04/25 10:54:55 | 00,000,712 | ---- | C] () -- C:\Users\je\Desktop\CCleaner.lnk
[2009/04/24 17:23:55 | 00,019,840 | ---- | C] (Generic) -- C:\Windows\System32\drivers\StMp3Rec.sys
[2009/04/17 22:11:23 | 00,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/04 09:56:44 | 05,151,232 | ---- | C] (Abvent) -- C:\Users\je\Desktop\ArtlantisStudio.exe
[2009/04/04 00:15:06 | 00,000,000 | ---D | C] -- C:\Users\je\AppData\Roaming\Abvent
[2009/04/04 00:15:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Abvent
[2009/04/04 00:15:02 | 00,000,000 | ---D | C] -- C:\Users\je\AppData\Roaming\Abvent_Artlantis2
[2009/03/21 13:37:15 | 00,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/03/21 12:53:42 | 00,045,392 | ---- | C] (Adobe Systems Inc) -- C:\Windows\System32\AdobePDF.dll
[color=orange]========== Files - Modified Within 60 Days ==========[/color]
[1 C:\Windows\*.tmp files]
[2009/05/02 12:11:56 | 00,081,984 | ---- | M] () -- C:\Windows\System32\bdod.bin
[2009/05/02 12:10:58 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\je\Desktop\OTViewIt.exe
[2009/05/02 11:40:57 | 00,000,396 | ---- | M] () -- C:\Windows\win.ini
[2009/05/02 11:31:54 | 00,700,222 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/05/02 11:31:54 | 00,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/02 11:31:54 | 00,122,020 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/05/02 11:31:54 | 00,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/02 11:31:53 | 01,538,854 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/02 11:26:07 | 00,012,884 | ---- | M] () -- C:\Users\je\AppData\Roaming\nvModes.001
[2009/05/02 11:25:02 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/02 11:25:01 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/02 11:24:58 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/02 11:24:56 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/02 11:24:51 | 21,458,20672 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/02 11:23:26 | 04,041,822 | -H-- | M] () -- C:\Users\je\AppData\Local\IconCache.db
[2009/05/02 09:57:55 | 00,097,280 | ---- | M] () -- C:\Users\je\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/02 09:20:00 | 00,012,884 | ---- | M] () -- C:\Users\je\AppData\Roaming\nvModes.dat
[2009/05/01 12:42:59 | 00,001,878 | ---- | M] () -- C:\Users\je\Desktop\HijackThis.lnk
[2009/05/01 12:40:15 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\je\Desktop\HJTInstall.exe
[2009/04/29 19:03:43 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009/04/29 19:03:28 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2009/04/29 12:29:05 | 00,115,712 | ---- | M] () -- C:\Windows\vFind.exe
[2009/04/25 10:54:55 | 00,000,712 | ---- | M] () -- C:\Users\je\Desktop\CCleaner.lnk
[2009/04/17 22:11:23 | 00,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/02 20:59:25 | 05,151,232 | ---- | M] (Abvent) -- C:\Users\je\Desktop\ArtlantisStudio.exe
[2009/03/21 19:33:59 | 00,133,464 | ---- | M] () -- C:\Users\je\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/03/21 19:32:18 | 01,790,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/03/21 13:37:15 | 00,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
< End of report >
Extras.Txt :
OTViewIt Extras logfile created on: 02/05/2009 12:13:23 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\je\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16575)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,64% Memory free
4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,70% Paging File free
Paging file location(s): ?:\pagefile.sys;
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 19,29 Gb Free Space | 27,64% Space Free | Partition Type: NTFS
Drive D: | 66,27 Gb Total Space | 50,05 Gb Free Space | 75,51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-JE
Current User Name: je
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 60 Days
"MaxScriptStatements"=
[color=orange]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Programmes\Internet Explorer\iexplore.exe File not found
[color=orange]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=1
"UacDisableNotify"=0
"InternetSettingsDisableNotify"=0
"AutoUpdateDisableNotify"=0
"FirewallDisableNotify"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications"=0
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]
[color=orange]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/03/08 23:17:44 | 00,587,568 | ---- | M] () -- D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
[color=orange]========== (O10) Winsock2 Catalogs ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000005 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000006 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -- C:\Programmes\Bonjour\mdnsNSP.dll File not found
[color=orange]========== HKEY_LOCAL_MACHINE Protocol Defaults ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols
ldap -- 4 = Restricted sites (Not a Default Protocol)
news -- 4 = Restricted sites (Not a Default Protocol)
nntp -- 4 = Restricted sites (Not a Default Protocol)
oecmd -- 4 = Restricted sites (Not a Default Protocol)
snews -- 4 = Restricted sites (Not a Default Protocol)
[color=orange]========== (O18) Protocol Handlers ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
File not found C:\Programmes\Microsoft Office\Office12\GrooveSystemServices.dll (grooveLocalGWS:{88FED34C-F0CA-4636-A375-3CB6248B04CD} (HKLM) [Local Groove Web Services Protocol])
File not found C:\Programmes\Common Files\microsoft shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])
File not found C:\Programmes\Common Files\microsoft shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])
[color=orange]========== (O18) Protocol Filters ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
File not found C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]
[color=orange]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}"=WIBU-KEY Setup (WIBU-KEY Remove)
"{0046FA01-C5B9-4985-BACB-398DC480FC05}"=Adobe Photoshop CS3
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}"=Acer VCM
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{06A940CD-4924-485E-8500-476C9E08A820}"=Samsung PC Studio 3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}"=Microsoft IntelliPoint 6.1
"{11316260-6666-467B-AC34-183FCB5D4335}"=Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}"=Acer eLock Management
"{12E75B98-8463-4C1F-8DDA-F6CF31566A55}"=Google SketchUp Pro 6
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}"=NTI CD & DVD-Maker
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}"=Java(TM) 6 Update 13
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}"=Acer Crystal Eye webcam
"{427967BF-09F8-46D5-9275-37001CCBBA5D}"=Winbond CIR Drivers
"{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}"=VBA (2627.01)
"{5545EEE3-FA36-4F76-B6BE-5696E7F4E2D6}"=VBA (2627.5)
"{57265292-228A-41FA-9AEC-4620CBCC2739}"=Acer eAudio Management
"{5783F2D7-6001-040C-0002-0060B0CE6BBA}"=AutoCAD 2008 - Français
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}"=Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}"=RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5B09BD67-4C99-46A1-8161-B7208CE18121}"=QuickTime
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}"=Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}"=NTI Backup NOW! 4.7
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}"=Microsoft Works
"{6E08CE13-C2AB-4749-9335-5900B958929E}"=Adobe Illustrator CS3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}"=Adobe Color EU Recommended Settings
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}"=Acer ScreenSaver
"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
"{90120000-0015-0409-0000-0000000FF1CE}"=Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}"=Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}"=
"{90120000-0044-0409-0000-0000000FF1CE}"=Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}"=Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}"=Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}"=Intel® Turbo Memory et Intel Matrix Storage Manager
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}"=Acer Tour
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{9609871C-BE91-48A7-ADC0-628DF4706397}"=BitDefender Antivirus v10
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}"=Google SketchUp 6
"{9A346205-EA92-4406-B1AB-50379DA3F057}"=Autodesk DWF Viewer 7
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{A0EB195B-5876-48E6-879D-33D4B2102610}"=SonicStage 4.3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{AA047D7C-5E7C-4878-B75C-77589151B563}"=Acer Crystal Eye webcam
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}"=Acer Empowering Technology
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1036-7B44-A91000000001}"=Adobe Reader 9.1 - Français
"{AEEAE013-92F1-4515-B278-139F1A692A36}"=Acer eDataSecurity Management
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}"=Apple Software Update
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}"=PowerProducer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}"=Adobe Flash Player 9 ActiveX
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}"=Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}"=Acer eNet Management
"{C12D609B-EB71-411B-82C3-9BE6D40435D7}"=Google SketchUp LayOut 6
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}"=Samsung PC Studio 3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}"=OpenMG Secure Module 4.7.00
"{CE386A4E-D0DA-4208-8235-BCE43275C694}"=LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}"=Acer eSettings Management
"{CE67DBBB-2ED0-4F35-B482-0CFE4CFC1570}"=Adobe Setup
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}"=Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}"=Google SketchUp 6 Exporters
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}"=Samsung PC Studio 3 USB Driver Installer
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}"=Acer Arcade Deluxe
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F3BD8E81-C020-44F9-B014-1E0214D23556}"=SA30xx Media Converter
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}"=Adobe Color NA Extra Settings
"001FFFFFFF12FF00FF0501F02F02F000-R1"=ArchiCAD 12 FRA
"Activation Assistant for the 2007 Microsoft Office suites"=Activation Assistant for the 2007 Microsoft Office suites
"ActiveScan 2.0"=Panda ActiveScan 2.0
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58"=Adobe Photoshop CS3
"Adobe_e21d2df5563f0bf421cf2cc5ec26c42"=Adobe Illustrator CS3
"aMSN"=aMSN 0.97.2
"Artlantis Studio 2"=Artlantis Studio 2 2.0.2
"AutoCAD 2008 - Français"=AutoCAD 2008 - Français
"CCleaner"=CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118"=HDAUDIO Soft Data Fax Modem with SmartCP
"ENTERPRISE"=Microsoft Office Enterprise 2007
"GridVista"=Acer GridVista
"Guitar Pro 5_is1"=Guitar Pro 5.2
"HijackThis"=HijackThis 2.0.2
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}"=NTI CD & DVD-Maker
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}"=OpenMG Secure Module 4.7.00
"LManager"=Launch Manager
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.10)"=Mozilla Firefox (3.0.10)
"NVIDIA Drivers"=NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01"=OpenMG Limited Patch 4.7-07-14-05-01
"SAMSUNG Mobile Composite Device"=SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem"=SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver"=Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem"=SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0"=SAMSUNG Mobile USB Modem 1.0 Software
"SynTPDeinstKey"=Synaptics Pointing Device Driver
"WinRAR archiver"=Archiveur WinRAR
[color=orange]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent"=BitTorrent 6.0
"BitTorrent DNA"=DNA
[color=orange]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 01/05/2009 03:55:43 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x1644,
heure de début de l’application 0x01c9ca323a6f9d3e.
Error - 01/05/2009 07:04:22 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x178c,
heure de début de l’application 0x01c9ca4c94e4c49e.
Error - 01/05/2009 11:00:01 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x16d0,
heure de début de l’application 0x01c9ca6d7fde3bd6.
Error - 01/05/2009 12:15:13 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x1358,
heure de début de l’application 0x01c9ca78013b1668.
Error - 01/05/2009 15:15:05 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x1110,
heure de début de l’application 0x01c9ca9122059ca2.
Error - 01/05/2009 15:41:01 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x120c,
heure de début de l’application 0x01c9ca94c1cb5492.
Error - 01/05/2009 18:06:26 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x168c,
heure de début de l’application 0x01c9caa90edecaa5.
Error - 02/05/2009 03:29:06 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x480,
heure de début de l’application 0x01c9caf7a3621f9f.
Error - 02/05/2009 05:35:02 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x13bc,
heure de début de l’application 0x01c9cb0944a0143c.
Error - 02/05/2009 06:00:02 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x14ac,
heure de début de l’application 0x01c9cb0cc1756acc.
[ System Events ]
Error - 02/05/2009 05:31:47 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:32:31 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:35:02 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:35:32 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:36:02 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:57:18 | Computer Name = PC-de-je | Source = ACPI | ID = 327693
Description = : le contrôleur embarqué n’a pas répondu dans le délai imparti. Cette
erreur peut indiquer que le matériel ou le microprogramme du contrôleur embarqué
présente une erreur ou que le BIOS accède au contrôleur embarqué de manière incorrecte.
Contactez le fabricant de votre ordinateur afin de savoir si un BIOS mis à niveau
est disponible. Dans certains cas, cette erreur peut provoquer un fonctionnement
incorrect de l’application.
Error - 02/05/2009 06:09:55 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 06:10:25 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 06:10:55 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 06:11:39 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
< End of report >
"{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}"=Intel® Turbo Memory et Intel Matrix Storage Manager
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}"=Acer Tour
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{9609871C-BE91-48A7-ADC0-628DF4706397}"=BitDefender Antivirus v10
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}"=Google SketchUp 6
"{9A346205-EA92-4406-B1AB-50379DA3F057}"=Autodesk DWF Viewer 7
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{A0EB195B-5876-48E6-879D-33D4B2102610}"=SonicStage 4.3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{AA047D7C-5E7C-4878-B75C-77589151B563}"=Acer Crystal Eye webcam
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}"=Acer Empowering Technology
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1036-7B44-A91000000001}"=Adobe Reader 9.1 - Français
"{AEEAE013-92F1-4515-B278-139F1A692A36}"=Acer eDataSecurity Management
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}"=Apple Software Update
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}"=PowerProducer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}"=Adobe Flash Player 9 ActiveX
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}"=Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}"=Acer eNet Management
"{C12D609B-EB71-411B-82C3-9BE6D40435D7}"=Google SketchUp LayOut 6
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}"=Samsung PC Studio 3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}"=OpenMG Secure Module 4.7.00
"{CE386A4E-D0DA-4208-8235-BCE43275C694}"=LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}"=Acer eSettings Management
"{CE67DBBB-2ED0-4F35-B482-0CFE4CFC1570}"=Adobe Setup
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}"=Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}"=Google SketchUp 6 Exporters
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}"=Samsung PC Studio 3 USB Driver Installer
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}"=Acer Arcade Deluxe
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F3BD8E81-C020-44F9-B014-1E0214D23556}"=SA30xx Media Converter
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}"=Adobe Color NA Extra Settings
"001FFFFFFF12FF00FF0501F02F02F000-R1"=ArchiCAD 12 FRA
"Activation Assistant for the 2007 Microsoft Office suites"=Activation Assistant for the 2007 Microsoft Office suites
"ActiveScan 2.0"=Panda ActiveScan 2.0
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58"=Adobe Photoshop CS3
"Adobe_e21d2df5563f0bf421cf2cc5ec26c42"=Adobe Illustrator CS3
"aMSN"=aMSN 0.97.2
"Artlantis Studio 2"=Artlantis Studio 2 2.0.2
"AutoCAD 2008 - Français"=AutoCAD 2008 - Français
"CCleaner"=CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118"=HDAUDIO Soft Data Fax Modem with SmartCP
"ENTERPRISE"=Microsoft Office Enterprise 2007
"GridVista"=Acer GridVista
"Guitar Pro 5_is1"=Guitar Pro 5.2
"HijackThis"=HijackThis 2.0.2
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}"=NTI CD & DVD-Maker
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}"=OpenMG Secure Module 4.7.00
"LManager"=Launch Manager
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.10)"=Mozilla Firefox (3.0.10)
"NVIDIA Drivers"=NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01"=OpenMG Limited Patch 4.7-07-14-05-01
"SAMSUNG Mobile Composite Device"=SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem"=SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver"=Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem"=SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0"=SAMSUNG Mobile USB Modem 1.0 Software
"SynTPDeinstKey"=Synaptics Pointing Device Driver
"WinRAR archiver"=Archiveur WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent"=BitTorrent 6.0
"BitTorrent DNA"=DNA
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 01/05/2009 03:55:43 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x1644,
heure de début de l’application 0x01c9ca323a6f9d3e.
Error - 01/05/2009 07:04:22 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x178c,
heure de début de l’application 0x01c9ca4c94e4c49e.
Error - 01/05/2009 11:00:01 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x16d0,
heure de début de l’application 0x01c9ca6d7fde3bd6.
Error - 01/05/2009 12:15:13 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x1358,
heure de début de l’application 0x01c9ca78013b1668.
Error - 01/05/2009 15:15:05 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x1110,
heure de début de l’application 0x01c9ca9122059ca2.
Error - 01/05/2009 15:41:01 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x120c,
heure de début de l’application 0x01c9ca94c1cb5492.
Error - 01/05/2009 18:06:26 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x168c,
heure de début de l’application 0x01c9caa90edecaa5.
Error - 02/05/2009 03:29:06 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x480,
heure de début de l’application 0x01c9caf7a3621f9f.
Error - 02/05/2009 05:35:02 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x13bc,
heure de début de l’application 0x01c9cb0944a0143c.
Error - 02/05/2009 06:00:02 | Computer Name = PC-de-je | Source = Application Error | ID = 1000
Description = Application défaillante wsqmcons.exe, version 6.0.6000.16386, horodatage
0x4549aedd, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc000012f, décalage d’erreur 0x00008fc7, ID du processus 0x14ac,
heure de début de l’application 0x01c9cb0cc1756acc.
[ System Events ]
Error - 02/05/2009 05:31:47 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:32:31 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:35:02 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:35:32 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:36:02 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 05:57:18 | Computer Name = PC-de-je | Source = ACPI | ID = 327693
Description = : le contrôleur embarqué n’a pas répondu dans le délai imparti. Cette
erreur peut indiquer que le matériel ou le microprogramme du contrôleur embarqué
présente une erreur ou que le BIOS accède au contrôleur embarqué de manière incorrecte.
Contactez le fabricant de votre ordinateur afin de savoir si un BIOS mis à niveau
est disponible. Dans certains cas, cette erreur peut provoquer un fonctionnement
incorrect de l’application.
Error - 02/05/2009 06:09:55 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 06:10:25 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 06:10:55 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
Error - 02/05/2009 06:11:39 | Computer Name = PC-de-je | Source = Service Control Manager | ID = 7023
Description =
< End of report >
OK ...
Please scan these on VirusTotal:
C:\Windows\System32\drivers\secdrv.sys
C:\Windows\PLFSet.dll
Please post the reports you get ...
Here is the VirusTotal report for C:\Windows\System32\drivers\secdrv.sys:
Fichier secdrv.sys reçu le 2009.05.01 13:14:10 (CET)
Situation actuelle: terminé
Résultat: 0/39 (0.00%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.01 -
AhnLab-V3 5.0.0.2 2009.05.01 -
AntiVir 7.9.0.160 2009.04.30 -
Antiy-AVL 2.0.3.1 2009.04.30 -
Authentium 5.1.2.4 2009.04.30 -
Avast 4.8.1335.0 2009.04.30 -
AVG 8.5.0.327 2009.05.01 -
BitDefender 7.2 2009.05.01 -
CAT-QuickHeal 10.00 2009.04.30 -
ClamAV 0.94.1 2009.05.01 -
Comodo 1141 2009.04.29 -
DrWeb 4.44.0.09170 2009.05.01 -
eSafe 7.0.17.0 2009.04.30 -
eTrust-Vet 31.6.6486 2009.05.01 -
F-Prot 4.4.4.56 2009.04.30 -
F-Secure 8.0.14470.0 2009.05.01 -
Fortinet 3.117.0.0 2009.05.01 -
GData 19 2009.05.01 -
Ikarus T3.1.1.49.0 2009.05.01 -
K7AntiVirus 7.10.720 2009.04.30 -
Kaspersky 7.0.0.125 2009.05.01 -
McAfee 5601 2009.04.30 -
McAfee+Artemis 5601 2009.04.30 -
McAfee-GW-Edition 6.7.6 2009.04.30 -
Microsoft 1.4602 2009.05.01 -
NOD32 4048 2009.05.01 -
Norman 6.01.05 2009.04.30 -
nProtect 2009.1.8.0 2009.05.01 -
Panda 10.0.0.14 2009.05.01 -
PCTools 4.4.2.0 2009.04.30 -
Rising 21.27.41.00 2009.05.01 -
Sophos 4.41.0 2009.05.01 -
Sunbelt 3.2.1858.2 2009.05.01 -
Symantec 1.4.4.12 2009.05.01 -
TheHacker 6.3.4.1.317 2009.04.30 -
TrendMicro 8.950.0.1092 2009.05.01 -
VBA32 3.12.10.4 2009.05.01 -
ViRobot 2009.5.1.1717 2009.05.01 -
VirusBuster 4.6.5.0 2009.04.30 -
Information additionnelle
File size: 20480 bytes
MD5...: 90a3935d05b494a5a39d37e71f09a677
SHA1..: 51613026e706f9bdcbc0c94cf2014bc9fb58a3e8
SHA256: f72733a69bc6e1a2bb91d7632ff3463c12563f60fdcc00a2cdd67ff20d479952
SHA512: a785847cc15f38190717fa75a842110cb720a72e90f2e3f36ee21399b38fbd5a
42ccc77f7d5beab8e408c7c166fb2f2488b8bf02863ab4a5d87c004f6ba793ff
ssdeep: 384:a/vKyQsDsoshs0nwhoDswXXthGHL/S/rKdkgTlgvLOFgYZyE93/pB5gve67:
ovpzhoDLdhGHLgakgTlaaFbnBH
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (95.5%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x705f
timedatestamp.....: 0x45080528 (Wed Sep 13 13:18:32 2006)
machinetype.......: 0x14c (I386)
( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1a22 0x1c00 5.99 1f3cfd0d97a35c6986f10ac8103d0310
.rdata 0x3000 0x490 0x600 3.07 f47902e1bb24778b32243dfdc376ea53
.data 0x4000 0x754 0x600 2.23 f1c5efdc7342a6818f0406dcca9d0152
PAGE 0x5000 0x1337 0x1400 6.14 d900097a1bca84718cb1431d385b8cee
INIT 0x7000 0x53e 0x600 5.10 312aa51a35f027f741d09412efcbf740
.rsrc 0x8000 0x490 0x600 2.72 84ee54ba64e50685d8dc6d8b03a3a527
.reloc 0x9000 0x31e 0x400 4.72 96a88be6de5eee91e4dae7e352fe7785
( 1 imports )
> ntoskrnl.exe: RtlQueryRegistryValues, memset, PsGetVersion, RtlEqualUnicodeString, RtlInitUnicodeString, NtBuildNumber, ProbeForWrite, ProbeForRead, IoDeleteDevice, IoDeleteSymbolicLink, IoCreateSymbolicLink, KeTickCount, memcpy, ExAllocatePoolWithTag, ExFreePoolWithTag, IofCompleteRequest, KeBugCheckEx, RtlUnwind, MmGetSystemRoutineAddress, ZwClose, ZwSetSecurityObject, ObOpenObjectByPointer, IoDeviceObjectType, IoCreateDevice, RtlGetDaclSecurityDescriptor, RtlGetSaclSecurityDescriptor, RtlGetGroupSecurityDescriptor, RtlGetOwnerSecurityDescriptor, _snwprintf, RtlLengthSecurityDescriptor, SeCaptureSecurityDescriptor, SeExports, IoIsWdmVersionAvailable, _wcsnicmp, RtlAddAccessAllowedAce, RtlLengthSid, wcschr, RtlAbsoluteToSelfRelativeSD, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, ZwOpenKey, ZwCreateKey, ZwQueryValueKey, ZwSetValueKey, RtlFreeUnicodeString
( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
( Microsoft )
> Installed Vista Ultimate: secdrv.sys
packers (Kaspersky): PE_Patch
Here is the VirusTotal report for C:\Windows\PLFSet.dll:
Fichier PLFSet.dll reçu le 2009.03.19 23:37:50 (CET)
Situation actuelle: terminé
Résultat: 0/39 (0.00%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.19 -
AhnLab-V3 5.0.0.2 2009.03.19 -
AntiVir 7.9.0.120 2009.03.19 -
Authentium 5.1.2.4 2009.03.19 -
Avast 4.8.1335.0 2009.03.19 -
AVG 8.5.0.283 2009.03.19 -
BitDefender 7.2 2009.03.19 -
CAT-QuickHeal 10.00 2009.03.19 -
ClamAV 0.94.1 2009.03.19 -
Comodo 1066 2009.03.18 -
DrWeb 4.44.0.09170 2009.03.19 -
eSafe 7.0.17.0 2009.03.19 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.19 -
F-Secure 8.0.14470.0 2009.03.19 -
Fortinet 3.117.0.0 2009.03.19 -
GData 19 2009.03.19 -
Ikarus T3.1.1.48.0 2009.03.19 -
K7AntiVirus 7.10.676 2009.03.19 -
Kaspersky 7.0.0.125 2009.03.19 -
McAfee 5558 2009.03.19 -
McAfee+Artemis 5558 2009.03.19 -
McAfee-GW-Edition 6.7.6 2009.03.19 -
Microsoft 1.4502 2009.03.19 -
NOD32 3948 2009.03.19 -
Norman 6.00.06 2009.03.19 -
nProtect 2009.1.8.0 2009.03.19 -
Panda 10.0.0.10 2009.03.19 -
PCTools 4.4.2.0 2009.03.19 -
Prevx1 V2 2009.03.19 -
Rising 21.21.32.00 2009.03.19 -
Sophos 4.39.0 2009.03.19 -
Sunbelt 3.2.1858.2 2009.03.19 -
Symantec 1.4.4.12 2009.03.19 -
TheHacker 6.3.3.0.286 2009.03.19 -
TrendMicro 8.700.0.1004 2009.03.19 -
VBA32 3.12.10.1 2009.03.19 -
ViRobot 2009.3.19.1656 2009.03.19 -
VirusBuster 4.6.5.0 2009.03.19 -
Information additionnelle
File size: 45056 bytes
MD5...: 6e9bfdb5c4cd5085b20e9a54cc4c0968
SHA1..: 69ba17d47f58db65809101dc20452d48e33c7270
SHA256: 0042193cd52cc04e2ad95a445ffeb537d2b008da32fbfd0f01871dacd64eb844
SHA512: c78837a28faa831412807ca8d71bb7012d2c332c133dcd698d74592d961d5a41
0cd5d3c3d02538062baa8256a4c734b783325fee5b4030eadf7400a756e41fe9
ssdeep: 768:U6VMPOaHWqTm3Q2O/EZL4PFP2woU8Ta5:U6VM+qTmg2OsFCPNoJTA
PEiD..: Armadillo v1.xx - v2.xx
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2031
timedatestamp.....: 0x45f13c4d (Fri Mar 09 10:51:57 2007)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x53ba 0x6000 6.08 7b3e39a0b36a91e1fa707666127c01b6
.rdata 0x7000 0xced 0x1000 4.75 f7db832b730f8888cff98e3c1925a4f4
.data 0x8000 0x2500 0x1000 2.30 d76d49a8c193c358ef4ccc006150b2dd
.rsrc 0xb000 0x3d0 0x1000 0.98 e9cd1c1f9953106dc4ee38c5e12ea01a
.reloc 0xc000 0xcca 0x1000 3.35 530440579c01f828ca5755fe46b56dd0
( 4 imports )
> KERNEL32.dll: lstrcpyW, WideCharToMultiByte, GetSystemDefaultLCID, Sleep, CloseHandle, RtlUnwind, GetCommandLineA, GetVersion, ExitProcess, TerminateProcess, GetCurrentProcess, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, SetLastError, TlsGetValue, GetLastError, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, HeapFree, WriteFile, SetFilePointer, EnterCriticalSection, LeaveCriticalSection, InterlockedDecrement, InterlockedIncrement, InitializeCriticalSection, HeapAlloc, GetCPInfo, GetACP, GetOEMCP, VirtualAlloc, HeapReAlloc, GetProcAddress, LoadLibraryA, SetStdHandle, MultiByteToWideChar, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, FlushFileBuffers
> ADVAPI32.dll: RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCloseKey
> SHELL32.dll: ShellExecuteA
> ole32.dll: CoUninitialize, CoInitialize, CoCreateInstance
( 2 exports )
PLFDefSetting, SetProc
Do this:
Open Notepad (Start menu / Accessories / Notepad) and copy-paste what is in the bold quote below (copy it all in one go):

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AutoUpdateDisableNotify"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AutoUpdateDisableNotify"=1

Save the document to your desktop:
Go to "File" / "Save as":
---> File name, type: fix.reg
File type, choose: "All files"
-> click "Save"
!! Disconnect and close all your running applications !!
Double-click fix.reg on your desktop => you must get the message "Are you sure you want to add the information contained in this .reg file to the registry?"
If that is the case, click "Yes"
Restart the PC and try the updates again to see ...
Try what is described in this post:
http://www.commentcamarche.net/forum/affich 5024880 mises a jour impossible avec windows update#24
Re
I tried the few steps given, but without results =(
But thanks for taking your time to try to solve my problem ^^
OK ...
Apart from Windows Update, which seems to be broken, is the PC running well? ...
Re-post a HijackThis log and we'll wrap up (a final check-up may solve the problem) ....
Yes, apart from that the PC runs fine, but since I stopped getting the updates, no USB device works. I recently bought an external hard drive for storage just in case, and the PC doesn't even recognize it; I tested with several other USB sticks and it's the same... And 2 IT friends told me it won't work as long as the PC doesn't install the updates.
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:16:10, on 02/05/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\system32\conime.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Acer VCM\VC.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
D:\Program Files\BitTorrent\bittorrent.exe
D:\Program Files\aMSN\bin\wish.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Serveur réseau.lnk = C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
re,
I'd rather say you're still infected! ... that external hard drive: plug it into power and into the PC! Even if the computer doesn't recognize it, and we'll run UsbFix again:
Download UsbFix ( by C_XX, Chimay8 & Chiquitine29 ) to your desktop:
> http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
! Disconnect from the internet and close all running applications !
--> Double-click the .exe to start installing the tool ( don't touch the installation settings ).
Mandatory:
Plug in all your external drives (USB stick, external HDD, flash disk, MP3 player, etc.) that may have been infected, along with the CDs and DVD-ROMs you use most often ( but without opening them! ).
# Double-click the UsbFix shortcut on your desktop to launch the tool.
# Choose option 1 ( Recherche / Search )
# Let the tool work and don't touch anything during the scan.
# When it's finished, post the UsbFix.txt report that appears.
The report is also saved at the root of the master disk ( C:\UsbFix.txt ).
( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )
Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility for terminating processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
Author's site > http://pagesperso-orange.fr/NosTools/usbfix.html
Uh, sorry, but I don't have that external hard drive with me; I lent it to a friend since it didn't work on my PC! =(
very bad idea!!!
that said, your friend can serve as a guinea pig ... ;)))
once you get it back, ask him how his PC is doing lol!!!
Then, once you have it back, do what I asked > download UsbFix at that point and run the procedure ...
Post me the requested report ...
See you very soon, I hope ... :)