Pop-up windows "Advertisement"

anto2b Posts 137 Status Member -  
Destrio5 Posts 99820 Status Moderator -
Hello,

For the past few days, when I browse the internet, unwanted windows named "Advertisement" pop up. I would like to know where the problem comes from and how to fix it.

Thanks ...

14 replies

Destrio5 Posts 99820 Status Moderator 10 305
 
Hello,

--> Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.

--> Double-click RSIT.exe to launch the program.
(On Vista, right-click RSIT.exe and choose Run as administrator)

--> Click Continue on the Disclaimer screen.

--> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

--> When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: the reports are saved in the C:\rsit folder.
0
anto2b Posts 137 Status Member 1
 
Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:34:19, on 11/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
c:\windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Search Settings\SearchSettings.exe
C:\Windows\hcwemMON.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Nuance\PDF Professional 5\PdfPro5Hook.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\michel\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\324HELLM\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - (no file)
O2 - BHO: (no name) - {C90DBB52-46E0-4E65-92BC-799ADEE54C86} - C:\PROGRA~1\Flash2X\FLASHP~1\FLASHP~1.DLL
O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [CAPON] C:\Windows\system32\Spool\Drivers\w32x86\3\CAPONN.EXE
O4 - HKLM\..\Run: [hcwemMON] hcwemMON.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 5\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Professional 5\RegistryController.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Nuance PDF Professional 5-reminder] "C:\Program Files\Nuance\PDF Professional 5\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Professional 5\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-509820457-581268201-2954497472-1003\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Ajouter le contenu du lien à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Créer des fichiers PDF à partir des liens sélectionnés - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Créer fichier PDF - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Créer un fichier PDF depuis le contenu du lien - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir avec Nuance PDF Converter 5.0 - res://C:\Program Files\Nuance\PDF Professional 5\cnvres_fre.dll /100
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090519143751
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{114AC870-814C-4B42-AA14-7836B57A6205}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{13A319F0-6451-4A06-95EA-9F7D9B2530C1}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB150540-7459-451F-BE4E-392551A5C409}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CS1\Services\Tcpip\..\{114AC870-814C-4B42-AA14-7836B57A6205}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CS2\Services\Tcpip\..\{114AC870-814C-4B42-AA14-7836B57A6205}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.170,85.255.112.235
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apache2 - Unknown owner - C:\Program Files\OCS Inventory NG\xampp\apache\bin\apache.exe (file missing)
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Update Service (gupdate1c98afb1b1243c0) (gupdate1c98afb1b1243c0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: mysql - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PDFProFiltSrv - Nuance Communications, Inc. - C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0
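A triage pass over a HijackThis log like the one posted above, as an added example that is not part of the original thread: it groups the O17 NameServer entries by the DNS servers they point to and lists the entries whose target file is reported missing. The sample lines are copied from the posted log; the function names are assumptions of this example.

```python
import re
from collections import defaultdict

# Sample input: a handful of lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [hcwemMON] hcwemMON.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{114AC870-814C-4B42-AA14-7836B57A6205}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{13A319F0-6451-4A06-95EA-9F7D9B2530C1}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.170,85.255.112.235
O23 - Service: mysql - Unknown owner - C:\Program.exe (file missing)
"""

# "O17 - <body>": section code, then the entry text.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# O17 body: "<registry key>: NameServer = <value>".
O17_RE = re.compile(r"^(?P<key>.+): NameServer = (?P<servers>.+)$")
# Markers HijackThis appends when the referenced file is not on disk.
MISSING_RE = re.compile(r"\((?:no file|file missing)\)")


def parse_entries(text):
    """Return (code, body) pairs for every 'Xn - ...' line of a HijackThis log."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def dns_sets(entries):
    """Map each distinct set of static DNS servers to the registry keys that use it."""
    groups = defaultdict(list)
    for code, body in entries:
        if code != "O17":
            continue
        m = O17_RE.match(body)
        if not m:
            continue
        # The raw registry value may be comma- or space-separated; normalise both.
        servers = tuple(sorted(s for s in re.split(r"[,\s]+", m.group("servers")) if s))
        groups[servers].append(m.group("key"))
    return dict(groups)


def missing_file_entries(entries):
    """Entries (BHOs, toolbars, services...) whose file HijackThis could not find."""
    return [(code, body) for code, body in entries if MISSING_RE.search(body)]


def report(text):
    """Build a short, human-readable triage summary as a list of lines."""
    entries = parse_entries(text)
    lines = []
    for servers, keys in sorted(dns_sets(entries).items()):
        lines.append("DNS %s set on %d key(s):" % (", ".join(servers), len(keys)))
        lines.extend("    " + k for k in keys)
    for code, body in missing_file_entries(entries):
        lines.append("missing file: %s - %s" % (code, body))
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```

Run against the full log, the DNS grouping shows at a glance which server set is written to the global `Tcpip\Parameters` key across control sets and which one belongs to a single interface, so the reviewer can compare each set with the addresses the ISP or router actually hands out.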
Destrio5 Posts 99820 Status Moderator 10 305
 
--> Uninstall SearchSettings.

--> Disable UAC for the duration of the disinfection.

/!\ Disable your resident protections (antivirus, etc.) /!\

--> Download ComboFix (by sUBs) to your Desktop.
--> Right-click ComboFix.exe (the .exe is not necessarily visible) and choose Run as administrator to launch it.
--> When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

To help you: A guide and a tutorial on using ComboFix
0
anto2b Posts 137 Status Member 1
 
When I run ComboFix as admin, a message appears:

Combofix.exe has stopped working
What do we do?
0

Destrio5 Posts 99820 Status Moderator 10 305
 
Rename ComboFix to CCM and try to launch it.
0
anto2b Posts 137 Status Member 1
 
It tells me to disable my anti-spyware software: Bitdefender
How do we do that?
0
Destrio5 Posts 99820 Status Moderator 10 305
 
To disable BitDefender: double-click the red ball in the taskbar, Settings, Antivirus, Resident protection, uncheck the box.
0
anto2b
 
The ComboFix report:

ComboFix 09-06-10.02 - michel 11/06/2009 15:04.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2815.1865 [GMT 2:00]
Lancé depuis: c:\users\michel\Desktop\CCM.exe
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
SP: AVG Anti-Spyware *enabled* (Updated) {48F2E28D-ED66-4646-9C11-B3055B0AF604}
SP: BitDefender Antispyware *enabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\michel\AppData\Roaming\drivers\downld
c:\windows\hcwemMON.exe
c:\windows\system32\AutoRun.inf
c:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-11 au 2009-06-11 ))))))))))))))))))))))))))))))))))))
.

2009-06-11 13:12 . 2009-06-11 13:12 -------- d-----w- c:\users\Essaie\AppData\Local\temp
2009-06-11 12:29 . 2009-06-11 12:29 -------- d-----w- c:\program files\trend micro
2009-06-11 12:29 . 2009-06-11 12:29 -------- d-----w- C:\rsit
2009-06-10 11:27 . 2009-06-10 11:27 -------- d-----w- c:\program files\Namo
2009-05-25 19:00 . 2009-05-25 19:00 -------- d-----w- c:\program files\TI Education
2009-05-25 18:59 . 2009-05-25 18:59 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-21 14:09 . 2009-05-21 14:09 -------- d-----w- c:\users\michel\AppData\Local\Apple Computer
2009-05-21 14:07 . 2009-05-21 14:08 -------- d-----w- c:\program files\QuickTime
2009-05-21 14:07 . 2009-05-21 14:07 -------- d-----w- c:\programdata\Apple Computer
2009-05-21 12:50 . 2009-05-21 12:50 -------- d-----w- c:\users\michel\AppData\Local\WinAVI
2009-05-21 12:43 . 2009-05-21 12:43 -------- d-----w- c:\program files\MIKSOFT
2009-05-21 05:50 . 2009-05-21 05:50 -------- d-----w- c:\users\michel\AppData\Local\Scansoft
2009-05-20 13:08 . 2009-05-20 13:08 -------- d-----w- c:\programdata\KONAMI
2009-05-20 12:52 . 2009-05-20 12:52 -------- d-----w- c:\program files\KONAMI

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-11 13:16 . 2008-12-10 18:04 158908 ----a-w- c:\windows\hpoins15.dat
2009-06-11 13:13 . 2007-09-28 17:51 -------- d-----w- c:\program files\WinTV
2009-06-11 13:12 . 2009-01-20 09:09 81984 ----a-w- c:\windows\system32\bdod.bin
2009-06-11 13:12 . 2009-01-16 14:33 -------- d--h--w- c:\users\michel\AppData\Roaming\drivers
2009-06-10 20:21 . 2008-11-29 13:50 -------- d-----w- c:\users\michel\AppData\Roaming\FileZilla
2009-06-10 19:42 . 2009-04-28 13:00 -------- d-----w- c:\program files\Jalbum
2009-06-10 13:54 . 2007-09-08 13:41 126208 ----a-w- c:\users\michel\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-10 11:27 . 2006-01-06 17:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-09 22:45 . 2007-12-26 17:50 -------- d-----w- c:\users\michel\AppData\Roaming\Azureus
2009-06-09 22:26 . 2008-12-07 13:23 -------- d-----w- c:\users\michel\AppData\Roaming\Shareaza
2009-06-09 22:23 . 2009-02-15 18:38 -------- d-----w- c:\program files\BitComet
2009-06-07 14:53 . 2008-01-09 18:11 -------- d-----w- c:\users\michel\AppData\Roaming\LimeWire
2009-06-06 16:58 . 2006-11-02 15:48 681474 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-06 16:58 . 2006-11-02 15:48 128676 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-05 16:18 . 2007-04-23 12:14 154742000 ----a-w- c:\windows\DUMP2efb.tmp
2009-05-28 17:58 . 2009-05-10 13:02 8 --sh--w- c:\users\michel\AppData\Roaming\.data001.dat
2009-05-28 17:58 . 2009-05-10 13:02 8 --sh--w- c:\users\michel\AppData\Roaming\.data000.dat
2009-05-28 17:58 . 2009-05-10 13:02 8 --sh--w- c:\users\michel\AppData\Roaming\.addit001.dat
2009-05-28 17:58 . 2009-05-10 13:02 8 --sh--w- c:\program files\.data211204.dat
2009-05-28 17:58 . 2009-05-10 13:02 8 --sh--w- c:\program files\.data211004.dat
2009-05-28 17:58 . 2009-05-10 13:02 8 --sh--w- c:\program files\.data110704.dat
2009-05-27 15:44 . 2009-05-10 13:01 -------- d-----w- c:\users\michel\AppData\Roaming\.Cabri3D-2.1
2009-05-25 19:00 . 2008-01-09 13:15 -------- d-----w- c:\program files\Common Files\TI Shared
2009-05-21 14:35 . 2009-05-21 14:35 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-21 14:35 . 2009-05-21 14:35 -------- d-----w- c:\program files\eRightSoft
2009-05-20 17:55 . 2008-12-13 10:42 -------- d-----w- c:\programdata\Nuance
2009-05-20 17:54 . 2008-12-13 10:43 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2009-05-20 17:54 . 2008-12-13 10:42 -------- d-----w- c:\program files\Nuance
2009-05-19 17:23 . 2007-12-15 18:16 -------- d-----w- c:\program files\Google
2009-05-16 17:56 . 2007-11-01 17:11 -------- d-----w- c:\programdata\Microsoft Help
2009-05-16 17:54 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-11 20:28 . 2009-04-14 19:56 132 ----a-w- C:\httpdwl.dat
2009-05-11 18:10 . 2008-12-10 18:21 -------- d-----w- c:\programdata\HP Product Assistant
2009-05-11 18:10 . 2008-11-26 09:32 -------- d-----w- c:\program files\PhotoFiltre Studio
2009-05-10 13:02 . 2009-05-10 13:02 8 --sh--w- c:\users\michel\AppData\Roaming\.drv190904.dat
2009-05-10 13:02 . 2009-05-10 13:02 8 --sh--w- c:\users\michel\AppData\Roaming\.drv120205.dat
2009-05-10 13:02 . 2009-05-10 13:02 8 --sh--w- c:\users\michel\AppData\Roaming\.app190905.dat
2009-05-10 13:02 . 2009-05-10 13:02 8 --sh--w- c:\program files\.drv120405.dat
2009-05-10 13:02 . 2009-05-10 13:02 8 --sh--w- c:\program files\.dat000002.dat
2009-05-10 13:02 . 2009-05-10 13:02 8 --sh--w- c:\program files\.dat000001.dat
2009-05-10 13:01 . 2009-05-10 13:00 -------- d-----w- c:\program files\Cabri
2009-05-09 17:39 . 2009-05-09 17:38 -------- d-----w- c:\program files\Video Convert Master
2009-05-09 11:56 . 2009-05-09 11:56 -------- d-----w- c:\programdata\aHisoft
2009-05-03 13:56 . 2009-05-03 13:49 -------- d-----w- c:\users\michel\AppData\Roaming\Desktopicon
2009-05-03 13:48 . 2009-05-03 13:48 -------- d-----w- c:\program files\DsNET Corp
2009-05-03 13:40 . 2009-02-28 18:10 -------- d-----w- c:\program files\Free FLV Converter
2009-04-30 16:38 . 2007-12-18 13:16 -------- d-----w- c:\programdata\eMule
2009-04-28 14:59 . 2009-02-20 12:32 -------- d-----w- c:\users\michel\AppData\Roaming\DivX
2009-04-28 14:08 . 2009-04-28 12:59 -------- d-----w- c:\users\michel\AppData\Roaming\Jalbum AB
2009-04-24 12:00 . 2009-04-24 12:00 -------- d-----w- c:\program files\SourceTec
2009-04-23 21:55 . 2009-04-23 21:55 -------- d-----w- c:\program files\CoffeeCup Software
2009-04-23 21:04 . 2009-04-23 21:04 -------- d-----w- c:\users\michel\AppData\Roaming\GetRightToGo
2009-04-22 19:34 . 2009-04-22 19:34 -------- d-----w- c:\program files\Avanquest update
2009-04-22 19:34 . 2009-03-06 15:59 -------- d-----w- c:\programdata\BVRP Software
2009-04-22 10:38 . 2009-04-22 10:38 -------- d-----w- c:\program files\Avanquest
2009-04-21 19:04 . 2009-03-31 18:30 -------- d-----w- c:\program files\Orbitdownloader
2009-04-21 19:04 . 2009-01-22 14:03 -------- d-----w- c:\users\michel\AppData\Roaming\Orbit
2009-04-21 12:51 . 2009-02-28 18:10 294912 ----a-w- c:\windows\system32\TubeFinder.exe
2009-04-20 19:21 . 2008-12-22 18:08 -------- d-----w- c:\program files\LimeWire
2009-04-18 21:07 . 2008-12-07 13:41 -------- d-----w- c:\program files\Vuze
2009-04-18 19:29 . 2009-04-18 19:29 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2009-04-18 18:11 . 2008-01-10 18:20 -------- d-----w- c:\program files\Nvu
2009-04-18 16:10 . 2009-04-18 16:07 -------- d-----w- c:\program files\MathType
2009-04-18 16:07 . 2009-04-18 16:07 -------- d-----w- c:\users\michel\AppData\Roaming\Design Science
2009-04-16 18:04 . 2009-04-16 18:04 -------- d-----w- c:\programdata\TomTom
2009-04-16 18:04 . 2009-04-16 18:04 -------- d-----w- c:\program files\TomTom International B.V
2009-04-16 18:04 . 2009-04-16 18:04 -------- d-----w- c:\program files\TomTom HOME 2
2009-04-16 17:29 . 2009-04-16 17:29 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-04-15 18:46 . 2009-04-15 18:46 815 ----a-w- C:\rtsr_eml_sr.dat
2009-04-15 18:46 . 2009-04-15 18:46 141 ----a-w- C:\dwl.dat
2009-04-15 18:18 . 2009-04-15 18:18 16 ----a-w- C:\asdict.dat
2009-04-15 16:19 . 2008-04-19 08:25 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-13 12:43 . 2009-04-13 12:18 -------- d-----w- c:\program files\LMSOFT Web Creator Pro 4
2009-04-12 20:10 . 2008-12-13 20:08 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-04-12 20:09 . 2007-12-22 17:59 -------- d-----w- c:\programdata\Skyline
2009-04-12 19:47 . 2009-04-12 19:47 -------- d-----w- c:\program files\Intuisphere
2009-04-12 18:51 . 2008-11-14 20:04 -------- d-----w- c:\program files\OpenOffice.org 3
2009-04-12 16:46 . 2009-04-12 16:46 -------- d-----w- c:\program files\Maïdo Production
2009-04-10 18:19 . 2009-04-10 18:19 94 ----a-w- c:\users\Essaie\AppData\Local\fusioncache.dat
2009-04-06 17:53 . 2008-08-14 17:54 104328 ----a-w- c:\windows\system32\drivers\bdfndisf.sys
2009-03-24 16:07 . 2009-03-24 16:04 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-03-19 13:09 . 2008-11-14 20:14 1 ----a-w- c:\users\michel\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-03-18 19:11 . 2008-12-13 10:58 2594 ----a-w- c:\users\michel\AppData\Roaming\SAS7_000.DAT
2009-03-17 03:38 . 2009-04-15 11:55 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 11:55 24064 ----a-w- c:\windows\system32\amxread.dll
2009-03-15 07:38 . 2009-04-08 18:09 2435008 ----a-w- c:\users\michel\AppData\Roaming\Mozilla\Firefox\Profiles\7tdwmh0r.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\maconfsetup.exe
2009-03-15 07:37 . 2009-04-08 18:09 429224 ----a-w- c:\users\michel\AppData\Roaming\Mozilla\Firefox\Profiles\7tdwmh0r.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
2009-04-06 17:53 . 2009-04-17 21:01 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
1973-03-18 10:51 . 1973-03-18 10:51 4263 --sh--w- c:\windows\windllreg1c.sys
2006-05-03 09:06 . 2009-05-21 14:35 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-05-21 14:35 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2009-05-21 14:35 216064 --sh--r- c:\windows\System32\nbDX.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CAPON"="c:\windows\system32\Spool\Drivers\w32x86\3\CAPONN.EXE" [2007-03-12 28288]
"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-04-16 778240]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-04-06 69632]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-19 13535776]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-06 185872]
"PDFHook"="c:\program files\Nuance\PDF Professional 5\pdfpro5hook.exe" [2008-03-15 1626112]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Professional 5\RegistryController.exe" [2008-02-02 58656]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2007-03-26 210472]
"Nuance PDF Professional 5-reminder"="c:\program files\Nuance\PDF Professional 5\Ereg\Ereg.exe" [2007-08-31 328992]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\l:\[u]0/uautocheck autochk *\[u]0/uaswBoot.exe /A:* /L:French /KBD:2

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
"SerialNumber"="A109A-K13-3ZXD-BAP5-TE"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-509820457-581268201-2954497472-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List]
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"= c:\program files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CBA664D7-7845-4748-A78F-A801EA076BBF}"= UDP:c:\program files\Acer Zone\Acer Zone Main Page\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{88ECF735-BA95-4C4C-B1DD-F8A0505D0210}"= TCP:c:\program files\Acer Zone\Acer Zone Main Page\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{BDE6C266-D4E0-412E-8BDC-137FDAFD962D}"= UDP:c:\program files\Acer Zone\Acer Picture Slide DVD\Component\CLSLDVD.exe:Cyberlink Picture Slide DVD workprocess
"{95A589C8-AC04-4F93-BBA6-CFE965C0573A}"= TCP:c:\program files\Acer Zone\Acer Picture Slide DVD\Component\CLSLDVD.exe:Cyberlink Picture Slide DVD workprocess
"{9357837E-EEB8-4804-AEE7-FBB2A61280F4}"= UDP:c:\program files\Acer Zone\Acer Plug and Record\Component\ARAWP.exe:Cyberlink Plug and Record ARA workprocess
"{6539D799-7174-4EA6-AFEC-7E368AF33207}"= TCP:c:\program files\Acer Zone\Acer Plug and Record\Component\ARAWP.exe:Cyberlink Plug and Record ARA workprocess
"{3644AAC3-5A91-49CD-AFF0-3574437F4077}"= UDP:c:\program files\Acer Zone\Acer Plug and Record\Component\DVAX2Process.exe:Cyberlink Plug and Record AVAX workprocess
"{BDD9BF01-7BE7-4893-B26C-DBF76962231A}"= TCP:c:\program files\Acer Zone\Acer Plug and Record\Component\DVAX2Process.exe:Cyberlink Plug and Record AVAX workprocess
"{D107C740-DFB4-4E00-9C4E-0465AC8388A5}"= UDP:c:\program files\Acer Zone\Acer Zone SoftDMA\SoftDMA.exe:CyberLink SoftDMA
"{E2EC3638-EB6F-463F-AD0E-8C6100D6E4DD}"= TCP:c:\program files\Acer Zone\Acer Zone SoftDMA\SoftDMA.exe:CyberLink SoftDMA
"{4969DCCB-B744-4BE3-A56A-8069DA91D2F1}"= UDP:c:\program files\Thomson\ST330\service\st330service.exe:ST330 service
"{188E67B1-A18F-48F4-98CB-EFAFED47E944}"= TCP:c:\program files\Thomson\ST330\service\st330service.exe:ST330 service
"{2BADA940-AF1C-464B-B492-D0995199806C}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{B2D8C084-B705-4AA5-9E39-0BF950350C7D}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{FDF1E68E-73A1-43A5-8A83-49F225642EF9}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{231389E0-290B-4F08-9390-9044C37FD438}"= UDP:22619:BitComet 22619 TCP
"{990E45DA-726F-473A-B57C-4E1661396F03}"= TCP:22619:BitComet 22619 UDP
"{3D4B2F05-57AF-42D7-97B8-778AFC100DF7}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{A9143751-101A-43EF-8BBA-DDD9ADCCE3B1}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"{D673A4C5-84A3-44A6-A77F-30980DF0400C}"= UDP:990:LocalSubnet:LocalSubnet|IF={446DD85A-4022-4C22-84A5-1ECB24109528}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
"{56AE514B-ECB9-46FE-B008-22465C8F303C}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:Pro Evolution Soccer 2009
"{1453997E-BCA0-410D-8E5C-DE65B4E9F0C9}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:Pro Evolution Soccer 2009
"{E4B7C574-A1A4-4895-AF13-F3C7C35EA0C2}"= UDP:c:\program files\BitComet\BitComet.exe:BitComet.exe
"{93A159D2-1BB6-4561-BEA7-4FEAE63AA203}"= TCP:c:\program files\BitComet\BitComet.exe:BitComet.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\WINSOS\\winsos.exe"= c:\program files\WINSOS\winsos.exe:*:Enabled:Winsos
"c:\\Program Files\\WINSOS\\anti-spy.exe"= c:\program files\WINSOS\anti-spy.exe:*:Enabled:anti-spy Winsos
"c:\\Program Files\\WINSOS\\help.exe"= c:\program files\WINSOS\help.exe:*:Enabled:Winsos Help
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"= c:\program files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"c:\\Program Files\\Orange HSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\Orange HSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"= c:\program files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= c:\program files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [16/10/2007 12:05 20496]
R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [02/07/2008 14:07 82696]
R2 EPGService;EPGService;c:\progra~1\WinTV\EPG Services\System\EPGService.exe [28/09/2007 19:52 361984]
R2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 5\PDFProFiltSrv.exe [02/02/2008 02:20 144672]
R2 RapidPort;RapidPort;c:\windows\System32\drivers\CAPLPTN.SYS [26/01/2008 16:39 22912]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [08/04/2009 12:38 92008]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [23/12/2008 16:46 603904]
R3 bdfm;BDFM;c:\windows\System32\drivers\bdfm.sys [12/08/2008 19:40 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\System32\drivers\bdfndisf.sys [14/08/2008 19:54 104328]
R3 ST330;ST330;c:\windows\System32\drivers\st330.sys [13/12/2007 20:37 30464]
R3 STBUS;STBUS;c:\windows\System32\drivers\stbus.sys [13/12/2007 20:37 12672]
R3 STETH;SpeedTouch Ethernet Adapter NT Driver;c:\windows\System32\drivers\steth.sys [13/12/2007 20:37 40320]
S2 gupdate1c98afb1b1243c0;Google Update Service (gupdate1c98afb1b1243c0);c:\program files\Google\Update\GoogleUpdate.exe [09/02/2009 23:12 133104]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [17/07/2008 14:06 118784]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\System32\drivers\k600mdfl.sys [11/05/2005 13:12 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\System32\drivers\k600mdm.sys [11/05/2005 13:12 87456]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [13/12/2007 20:46 28224]
S3 Ph6xIB32;Philips 716x PCIe TV Card;c:\windows\System32\drivers\Ph6xIB32.sys [02/11/2006 12:32 1031296]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\System32\drivers\s115bus.sys [09/09/2007 15:14 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\System32\drivers\s115mdfl.sys [09/09/2007 15:14 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\System32\drivers\s115mdm.sys [09/09/2007 15:14 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s115mgmt.sys [09/09/2007 15:15 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\System32\drivers\s115obex.sys [09/09/2007 15:15 98568]
S4 Pervasive.SQL Workgroup;EBP - Pervasive.SQL Workgroup;c:\pvsw\Bin\WGE_SRV.EXE [07/12/2006 17:08 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bdx REG_MULTI_SZ scan
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contenu du dossier 'Tâches planifiées'

2009-06-11 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 21:12]

2009-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-509820457-581268201-2954497472-1000.job
- c:\users\michel\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-25 10:19]

2009-06-11 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-hcwemMON - hcwemMON.exe

.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://fr.fr.acer.yahoo.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Ajouter au fichier PDF existant - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Ajouter le contenu du lien à un fichier PDF existant - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Créer des fichiers PDF à partir des liens sélectionnés - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Créer fichier PDF - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Créer un fichier PDF depuis le contenu du lien - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Ouvrir avec Nuance PDF Converter 5.0 - c:\program files\Nuance\PDF Professional 5\cnvres_fre.dll /100
Trusted Zone: localhost
TCP: {13A319F0-6451-4A06-95EA-9F7D9B2530C1} = 80.10.246.130 81.253.149.10
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090519143751
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-11 15:14
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

c:\windows\system32\drivers\MSIVXpqmkenvwjpoewyoipvbylrfqxnvuoiqf.sys 80384 bytes executable
c:\windows\system32\MSIVXcount 4 bytes
c:\windows\system32\MSIVXjwrgbsycoqhqipcrxbvqtxcysdtwfppm.dll 26624 bytes executable
c:\windows\system32\MSIVXurktjnnpyegkmpkijvwbyvfrpkwljcbo.dll 52224 bytes executable

Scan terminé avec succès
Fichiers cachés: 4

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSIVXserv.sys]
"imagepath"="\systemroot\system32\drivers\MSIVXpqmkenvwjpoewyoipvbylrfqxnvuoiqf.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mysql]
"ImagePath"="\"c:\program files\OCS Inventory NG\xampp\mysql\bin\mysqld-nt\" \"--defaults-file=c:\program files\OCS Inventory NG\xampp\mysql\bin\my.cnf\" mysql"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\st330service]
"ImagePath"="C:\Program Files/Thomson/ST330/service/st330service.exe -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\program files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
c:\program files\BitDefender\BitDefender 2009\vsserv.exe
c:\windows\System32\audiodg.exe
c:\program files\Thomson\ST330\service\st330service.exe
c:\windows\System32\rundll32.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\System32\CAPRPCSK.EXE
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\windows\System32\spool\drivers\w32x86\3\CAPPSWK.EXE
c:\windows\System32\WUDFHost.exe
c:\windows\System32\CF10004.exe
c:\windows\System32\conime.exe
c:\windows\System32\msiexec.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\BitDefender\BitDefender 2009\seccenter.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\HP\Digital Imaging\{B09BCBF6-87EE-4403-A336-3A9510856535}\hpzstub.exe
c:\program files\HP\Digital Imaging\{B09BCBF6-87EE-4403-A336-3A9510856535}\hpzsetup.exe
c:\program files\HP\Digital Imaging\{B09BCBF6-87EE-4403-A336-3A9510856535}\setup\hpzpsl01.exe
c:\program files\HP\Digital Imaging\{B09BCBF6-87EE-4403-A336-3A9510856535}\setup\hpzcdl01.exe
c:\windows\System32\taskmgr.exe
.
**************************************************************************
.
Heure de fin: 2009-06-11 15:23 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-11 13:22

Avant-CF: 28 292 800 512 octets libres
Après-CF: 28 473 405 440 octets libres

658 --- E O F --- 2009-05-27 14:54
0
anto2b
 
Expand the arrow on the message to see the whole report.
What should I do next?
0
Destrio5 Posts 99820 Status Moderator 10 305
 
---> Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
---> Double-click the downloaded file to start the installation.
---> In the Update tab, click the Check for Updates button: if the firewall asks whether to let MBAM connect to the Internet, accept.
---> Once the update has finished, go to the Scanner tab.
---> Select Perform quick scan.
---> Click Scan. The scan starts.

At the end of the scan, a message is displayed:

The scan completed successfully. Click 'Show Results' to display all objects found.

---> Click OK to continue. If MBAM found nothing, it will tell you that as well.
---> Close your browsers.
If malware was detected, click Show Results.
---> Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
---> MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
0
anto2b
 
The software doesn't work.
Do you have another one to suggest?
0
Destrio5 Posts 99820 Status Moderator 10 305
 
Please be more specific.
0
anto2b
 
Now my Internet connection also drops every 5 minutes. Yet BitDefender detects no virus.

What can I do?
0
Destrio5 Posts 99820 Status Moderator 10 305
 
"The software doesn't work"
---> Meaning what?
0