Cheval de troie impossible à trouver et supprimer

vany · le 02 Sep 2010 06:35

Bonjour,

J'ai un petit soucis de cheval de troie.

Depuis quelques jours, mon anivirus (avira antivir personnal free) m'ouvre des pages d'alerte plusieurs fois dans la journée pour m'avertir que je suis infectée par des chevaux de troie, et me donne le chemin d'accès à ces virus.
A chaque fois, je coche "supprimer" mais ils reviennent.
J'ai donc voulu supprimer carrément le fichier où ils se trouvent sauf que je n'arrive pas à y accèder!
Quand je tape l'adresse : C:\Users\rémi\AppData\Local\Temp\~temp\...., rien ne s'affiche, on me dit que le dossier est vide.

J'ai un pc de bureau acer aspire M3802 avec windows 7 dessus

Pouvez vous me dire comment me débarrasser de ces virus une fois pour toutes?

Merci

Ask to Old Man · le 02 Sep 2010 08:37

Bonjour & bienvenue,

Pour pouvoir avancer avec nos helpers, un peu de lecture...

viewtopic.php?f=19&t=51456

Il ne te reste ensuite qu'à attendre leurs instructions.

vany · le 02 Sep 2010 11:21

Merci.

Mon antivirus me dit que je suis infectée pas le cheval de troie TR/Horst.39424.C qui se trouverais ici ;
C:\Users\rémi\AppData\local\~temp\mlp317\mdm.exe

Alors, j'ai suivi le post, voici le rapport UsbFix :

Code: Tout sélectionner: ############################## | UsbFix 7.022 | [Listing] Utilisateur: rémi (Administrateur) # RÉMI-PC [Acer Aspire M3802] Mis à jour le 29/08/10 par El Desaparecido / C_XX Lancé à 12:14:24 | 02/09/2010 Site Web: http://pagesperso-orange.fr/NosTools/index.html Contact: FindyKill.Contact@gmail.com CPU: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz CPU 2: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) # Internet Explorer 8.0.7600.16385 Pare-feu Windows: Désactivé /!\ RAM -> 6143 Mo C:\ (%systemdrive%) -> Disque fixe # 459 Go (288 Go libre(s) - 63%) [Acer] # NTFS D:\ -> Disque fixe # 459 Go (297 Go libre(s) - 65%) [DATA] # NTFS E:\ -> CD-ROM L:\ -> Disque fixe # 149 Go (37 Go libre(s) - 25%) [] # NTFS ################## | Listing | [08/04/2010 - 23:01:06 | SHD ] C:\$Recycle.Bin [02/09/2010 - 12:14:18 | RASHD ] C:\Autorun.inf [01/02/2010 - 20:10:55 | AD ] C:\book [13/10/2009 - 04:18:07 | RASH | 8192] C:\BOOTSECT.BAK [14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1028.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1031.txt [07/11/2007 - 08:00:40 | A | 10134] C:\eula.1033.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1036.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1040.txt [07/11/2007 - 08:00:40 | A | 118] C:\eula.1041.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1042.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.2052.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.3082.txt [07/11/2007 - 08:00:40 | A | 1110] C:\globdata.ini [02/09/2010 - 07:09:50 | ASH | 4831162368] C:\hiberfil.sys [14/06/2010 - 20:53:11 | D ] C:\HSF [07/11/2007 - 08:03:18 | A | 562688] C:\install.exe [07/11/2007 - 08:00:40 | A | 843] C:\install.ini [07/11/2007 - 08:03:18 | A | 76304] C:\install.res.1028.dll [07/11/2007 - 08:03:18 | A | 96272] C:\install.res.1031.dll [07/11/2007 - 08:03:18 | A | 91152] C:\install.res.1033.dll [07/11/2007 - 08:03:18 | A | 97296] C:\install.res.1036.dll [07/11/2007 - 08:03:18 | A | 95248] C:\install.res.1040.dll [07/11/2007 - 08:03:18 | A | 81424] C:\install.res.1041.dll [07/11/2007 - 08:03:18 | A | 79888] C:\install.res.1042.dll [07/11/2007 - 08:03:18 | A | 75792] C:\install.res.2052.dll [07/11/2007 - 08:03:18 | A | 96272] C:\install.res.3082.dll [13/10/2009 - 03:26:03 | D ] C:\Intel [02/12/2006 - 08:37:14 | AH | 904704] C:\msdia80.dll [13/10/2009 - 03:52:18 | RHD ] C:\MSOCache [25/08/2010 - 14:29:23 | D ] C:\MyHeritage [08/04/2010 - 23:00:59 | HD ] C:\OEM [02/09/2010 - 07:09:58 | ASH | 6441549824] C:\pagefile.sys [14/07/2009 - 05:20:08 | D ] C:\PerfLogs [10/06/2010 - 13:03:03 | RD ] C:\Program Files [01/09/2010 - 17:43:16 | RD ] C:\Program Files (x86) [29/08/2010 - 08:17:30 | HD ] C:\ProgramData [08/04/2010 - 22:59:46 | SHD ] C:\Recovery [01/02/2010 - 20:05:48 | A | 2035] C:\RHDSetup.log [01/09/2010 - 18:17:25 | SHD ] C:\System Volume Information [07/06/2010 - 18:21:41 | D ] C:\temp [02/09/2010 - 12:03:47 | D ] C:\UsbFix [02/09/2010 - 12:14:24 | A | 3103] C:\UsbFix.txt [08/04/2010 - 22:59:49 | RD ] C:\Users [07/11/2007 - 08:00:40 | A | 5686] C:\vcredist.bmp [07/11/2007 - 08:09:22 | A | 1442522] C:\VC_RED.cab [07/11/2007 - 08:12:28 | A | 232960] C:\VC_RED.MSI [31/08/2010 - 21:50:05 | D ] C:\Windows [08/04/2010 - 23:01:06 | SHD ] D:\$RECYCLE.BIN [02/09/2010 - 12:14:19 | RASHD ] D:\Autorun.inf [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1028.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1031.txt [07/11/2007 - 08:00:40 | A | 10134] D:\eula.1033.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1036.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1040.txt [07/11/2007 - 08:00:40 | A | 118] D:\eula.1041.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1042.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.2052.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.3082.txt [09/04/2010 - 00:32:27 | D ] D:\Films Etienne L...Z [09/04/2010 - 07:11:31 | D ] D:\Fims Arno [07/11/2007 - 08:00:40 | A | 1110] D:\globdata.ini [07/11/2007 - 08:44:20 | A | 855040] D:\install.exe [07/11/2007 - 08:00:40 | A | 843] D:\install.ini [07/11/2007 - 08:44:20 | A | 75280] D:\install.res.1028.dll [07/11/2007 - 08:44:20 | A | 95248] D:\install.res.1031.dll [07/11/2007 - 08:44:20 | A | 90128] D:\install.res.1033.dll [07/11/2007 - 08:44:20 | A | 96272] D:\install.res.1036.dll [07/11/2007 - 08:44:20 | A | 94224] D:\install.res.1040.dll [07/11/2007 - 08:44:20 | A | 80400] D:\install.res.1041.dll [07/11/2007 - 08:44:20 | A | 78864] D:\install.res.1042.dll [07/11/2007 - 08:44:20 | A | 74768] D:\install.res.2052.dll [07/11/2007 - 08:44:20 | A | 95248] D:\install.res.3082.dll [01/09/2010 - 17:44:48 | HD ] D:\msdownld.tmp [01/02/2010 - 20:02:08 | SHD ] D:\System Volume Information [07/11/2007 - 08:00:40 | A | 5686] D:\vcredist.bmp [07/11/2007 - 08:50:40 | A | 1927956] D:\VC_RED.cab [07/11/2007 - 08:53:12 | A | 242176] D:\VC_RED.MSI [16/09/2009 - 02:02:54 | SHD ] L:\#GDATA.Trash.Store# [06/06/2010 - 09:07:18 | SHD ] L:\$RECYCLE.BIN [16/10/2009 - 08:28:03 | A | 213162294] L:\album_de_bébé.bck [02/09/2010 - 12:14:20 | RASHD ] L:\Autorun.inf [06/09/2009 - 19:48:23 | A | 24064] L:\Comptabilité.xls [06/04/2010 - 00:00:43 | D ] L:\Etienne [31/03/2010 - 20:01:26 | D ] L:\Films Manu [28/03/2010 - 02:13:03 | A | 67072] L:\films.xls [15/09/2009 - 20:44:06 | D ] L:\Généalogie [28/07/2010 - 18:16:33 | D ] L:\Musiques [13/07/2010 - 15:44:31 | D ] L:\photos [11/09/2009 - 21:23:57 | SHD ] L:\RECYCLER [13/07/2010 - 14:57:32 | D ] L:\rémi [27/03/2010 - 17:50:01 | D ] L:\Rémi collection [27/03/2010 - 11:03:13 | D ] L:\Suivi-Secu [05/09/2009 - 09:10:25 | SHD ] L:\System Volume Information [27/03/2010 - 11:03:22 | ASH | 69632] L:\Thumbs.db [13/07/2010 - 14:30:15 | D ] L:\Vanessa [16/10/2009 - 08:21:21 | D ] L:\wordpress ################## | E.O.F |

Et voici le rapport OTL :

EDIT Skynet : il y a un bug pour l'affichage (rapport trop long et impossible à corriger).

Puis le rapport Extra

Code: Tout sélectionner: OTL Extras logfile created on: 02/09/2010 12:05:01 - Run 3 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\rémi\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 72,00% Memory free 12,00 Gb Paging File | 10,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,95 Gb Total Space | 287,71 Gb Free Space | 62,69% Space Free | Partition Type: NTFS Drive D: | 459,46 Gb Total Space | 296,56 Gb Free Space | 64,55% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive L: | 149,05 Gb Total Space | 37,22 Gb Free Space | 24,97% Space Free | Partition Type: NTFS Computer Name: RÉMI-PC Current User Name: rémi Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation) .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation) .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation) .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3981119972-1861882404-2235439435-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* File not found batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* File not found cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* File not found cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Assistant de connexion Windows Live ID "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "lvdrivers_12.10" = Coffret de pilotes Logitech Webcam Software "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Shop for HP Supplies" = Shop for HP Supplies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2C8574B5-6935-4FCE-860E-F4E8602378FF}" = OfferBox "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{38470B46-9BF1-40AE-A588-F6AD6D1C2D42}" = Free TV Radio "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid "{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007 "{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007 "{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007 "{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007 "{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A94AAFAF-9FBA-43F9-A79C-70AC38761811}" = Samsung Camcorder USB-D04 Capture Driver "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live "{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400 "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{b4cc2c9c-467c-4a34-82f6-52d2418ca239}" = Nero 9 Essentials "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help "{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Chambres_enfants_3D_3_demo_is1" = Chambres d'enfants 3D (Démonstration) "FileZilla Client" = FileZilla Client 3.3.2.1 "Fissa" = Fissa "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Hotkey Utility" = Hotkey Utility "Identity Card" = Identity Card "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2) "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français "Picasa 3" = Picasa 3 "PrintPratic" = PrintPratic "RealPlayer 12.0" = RealPlayer "Usbfix" = Usbfix By C_XX & El Desaparecido "VLC media player" = VLC media player 1.1.3 "WinLiveSuite_Wave3" = Installation Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3981119972-1861882404-2235439435-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Facebook Plug-In" = Facebook Plug-In "Playviz" = Playviz "SUIVI-SECU" = Suivi-Secu [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 25/08/2010 07:37:24 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 07:37:24 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 07:37:24 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 08:46:07 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 08:46:07 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 08:46:07 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 08:46:07 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 08:46:07 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 08:46:07 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 25/08/2010 08:46:07 | Computer Name = rémi-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . [ System Events ] Error - 20/08/2010 07:10:34 | Computer Name = rémi-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 20/08/2010 07:10:43 | Computer Name = rémi-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 20/08/2010 07:10:52 | Computer Name = rémi-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 20/08/2010 07:11:01 | Computer Name = rémi-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 20/08/2010 07:11:10 | Computer Name = rémi-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 20/08/2010 07:11:19 | Computer Name = rémi-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 20/08/2010 07:11:27 | Computer Name = rémi-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 20/08/2010 07:11:32 | Computer Name = rémi-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 26/08/2010 01:40:50 | Computer Name = rémi-PC | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service NTI IScheduleSvc. Error - 26/08/2010 01:40:50 | Computer Name = rémi-PC | Source = Service Control Manager | ID = 7000 Description = Le service NTI IScheduleSvc n’a pas pu démarrer en raison de l’erreur : %%1053 < End of report >

Skynet · le 02 Sep 2010 14:50

Bonjour & bienvenue Vany,

comme tu l'as sûrement vu, ton message était invisible pour tous. Ton rapport OTL était trop long et bloquait l'affichage.

J'ai corrigé l'erreur pour le reste mais peux-tu envoyer le rapport OTL ici : http://www.cijoint.fr

Et ensuite de nous communiquer le lien obtenu.

Merci.

vany · le 02 Sep 2010 15:00

Merci beaucoup, effectivement, je me demandais pourquoi mon message était invisible

Donc, voici maintenant le lien pour accéder au rapport OTL : http://www.cijoint.fr/cjlink.php?file=c ... Cbf0zM.txt

Merci d'avance

bernard53 · le 03 Sep 2010 12:06

Bonjour à tous
vany fait ceci .
Relance USBFIX
Branche tes lecteurs externes
Valide Suppression
Une fois l'analyse terminée, un rapport de scan vous est proposé...

CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse

Ensuite::

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
PRC - [2010/08/28 16:32:41 | 000,090,112 | ---- | M] () -- C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe
[2010/07/20 21:35:02 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\rémi\AppData\Roaming\mozilla\Firefox\Profiles\5k5noc8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
O2 - BHO: (Interest recogniser for Freetvradio (powered by Spointer)) - {4C4AD71D-52E1-4402-9E5B-CBFC295EC9BA} - C:\Program Files (x86)\freeTVRadio\spointer\extensions\freetvradio_air_ie.dll (Freetvradio)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM\..\RunOnce: [] File not found
F3:64bit: - HKU\S-1-5-21-3981119972-1861882404-2235439435-1000 WinNT: Load - (C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe) -C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe ()
F3 - HKU\S-1-5-21-3981119972-1861882404-2235439435-1000 WinNT: Load - (C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe) - C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe ()
[2010/08/28 16:32:41 | 000,090,112 | ---- | M] () -- C:\Users\rémi\AppData\Roaming\mstsc.exe

:Files
C:\Users\rémi\AppData\Roaming\mstsc.exe

:Commands
[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Ensuite tu as trop de chose au démarrage que tu peux résoudre comme cela.
Démarrer >> Exécuter >> tapes msconfig puis rends toi a l'onglet démarrage et décoches tout cela.

O4:64bit: - HKLM\..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM\..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM\..\Run: [OOTag] C:\Windows\OOBEOffer\OOBEOffer\OOTag.exe (Microsoft)
O4:64bit: - HKLM\..\Run: [PLD_FrameworkRun] C:\Windows\SysNative\oem\setEvent.exe File not found
O4:64bit: - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM\..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM\..\Run: [EdenFlirt] C:\Program Files (x86)\Eden Flirt\EdenFlirt.exe File not found
O4 - HKLM\..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM\..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-3981119972-1861882404-2235439435-1000\..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3981119972-1861882404-2235439435-1000\..\Run: [Logitech Vid HD] C:\Program Files (x86)\Logitech\Vid\vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3981119972-1861882404-2235439435-1000\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKLM\..\RunOnce: [] File not found
O4 - HKU\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe File not found

Redémarre le pc.

vany · le 03 Sep 2010 12:16

Bonjour, et merci

Alors, voici déjà pour usbfix :

Code: Tout sélectionner: ############################## | UsbFix 7.022 | [Suppression] Utilisateur: rémi (Administrateur) # RÉMI-PC [Acer Aspire M3802] Mis à jour le 29/08/10 par El Desaparecido / C_XX Lancé à 13:12:42 | 03/09/2010 Site Web: http://pagesperso-orange.fr/NosTools/index.html Contact: FindyKill.Contact@gmail.com CPU: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz CPU 2: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) # Internet Explorer 8.0.7600.16385 Pare-feu Windows: Désactivé /!\ RAM -> 6143 Mo C:\ (%systemdrive%) -> Disque fixe # 459 Go (286 Go libre(s) - 62%) [Acer] # NTFS D:\ -> Disque fixe # 459 Go (297 Go libre(s) - 65%) [DATA] # NTFS E:\ -> CD-ROM L:\ -> Disque fixe # 149 Go (37 Go libre(s) - 25%) [] # NTFS ################## | Éléments infectieux | ################## | Registre | ################## | Mountpoints2 | ################## | Listing | [03/09/2010 - 13:14:25 | SHD ] C:\$Recycle.Bin [02/09/2010 - 12:14:18 | RASHD ] C:\Autorun.inf [01/02/2010 - 20:10:55 | AD ] C:\book [13/10/2009 - 04:18:07 | RASH | 8192] C:\BOOTSECT.BAK [14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1028.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1031.txt [07/11/2007 - 08:00:40 | A | 10134] C:\eula.1033.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1036.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1040.txt [07/11/2007 - 08:00:40 | A | 118] C:\eula.1041.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.1042.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.2052.txt [07/11/2007 - 08:00:40 | A | 17734] C:\eula.3082.txt [07/11/2007 - 08:00:40 | A | 1110] C:\globdata.ini [03/09/2010 - 11:04:33 | ASH | 4831162368] C:\hiberfil.sys [14/06/2010 - 20:53:11 | D ] C:\HSF [07/11/2007 - 08:03:18 | A | 562688] C:\install.exe [07/11/2007 - 08:00:40 | A | 843] C:\install.ini [07/11/2007 - 08:03:18 | A | 76304] C:\install.res.1028.dll [07/11/2007 - 08:03:18 | A | 96272] C:\install.res.1031.dll [07/11/2007 - 08:03:18 | A | 91152] C:\install.res.1033.dll [07/11/2007 - 08:03:18 | A | 97296] C:\install.res.1036.dll [07/11/2007 - 08:03:18 | A | 95248] C:\install.res.1040.dll [07/11/2007 - 08:03:18 | A | 81424] C:\install.res.1041.dll [07/11/2007 - 08:03:18 | A | 79888] C:\install.res.1042.dll [07/11/2007 - 08:03:18 | A | 75792] C:\install.res.2052.dll [07/11/2007 - 08:03:18 | A | 96272] C:\install.res.3082.dll [13/10/2009 - 03:26:03 | D ] C:\Intel [02/12/2006 - 08:37:14 | AH | 904704] C:\msdia80.dll [13/10/2009 - 03:52:18 | RHD ] C:\MSOCache [25/08/2010 - 14:29:23 | D ] C:\MyHeritage [08/04/2010 - 23:00:59 | HD ] C:\OEM [03/09/2010 - 11:04:41 | ASH | 6441549824] C:\pagefile.sys [14/07/2009 - 05:20:08 | D ] C:\PerfLogs [10/06/2010 - 13:03:03 | RD ] C:\Program Files [02/09/2010 - 15:04:05 | RD ] C:\Program Files (x86) [29/08/2010 - 08:17:30 | HD ] C:\ProgramData [08/04/2010 - 22:59:46 | SHD ] C:\Recovery [01/02/2010 - 20:05:48 | A | 2035] C:\RHDSetup.log [01/09/2010 - 18:17:25 | SHD ] C:\System Volume Information [07/06/2010 - 18:21:41 | D ] C:\temp [03/09/2010 - 13:14:25 | D ] C:\UsbFix [03/09/2010 - 13:12:42 | A | 3233] C:\UsbFix.txt [08/04/2010 - 22:59:49 | RD ] C:\Users [07/11/2007 - 08:00:40 | A | 5686] C:\vcredist.bmp [07/11/2007 - 08:09:22 | A | 1442522] C:\VC_RED.cab [07/11/2007 - 08:12:28 | A | 232960] C:\VC_RED.MSI [02/09/2010 - 15:07:17 | D ] C:\Windows [03/09/2010 - 13:14:25 | SHD ] D:\$RECYCLE.BIN [02/09/2010 - 12:14:19 | RASHD ] D:\Autorun.inf [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1028.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1031.txt [07/11/2007 - 08:00:40 | A | 10134] D:\eula.1033.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1036.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1040.txt [07/11/2007 - 08:00:40 | A | 118] D:\eula.1041.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.1042.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.2052.txt [07/11/2007 - 08:00:40 | A | 17734] D:\eula.3082.txt [09/04/2010 - 00:32:27 | D ] D:\Films Etienne L...Z [09/04/2010 - 07:11:31 | D ] D:\Fims Arno [07/11/2007 - 08:00:40 | A | 1110] D:\globdata.ini [07/11/2007 - 08:44:20 | A | 855040] D:\install.exe [07/11/2007 - 08:00:40 | A | 843] D:\install.ini [07/11/2007 - 08:44:20 | A | 75280] D:\install.res.1028.dll [07/11/2007 - 08:44:20 | A | 95248] D:\install.res.1031.dll [07/11/2007 - 08:44:20 | A | 90128] D:\install.res.1033.dll [07/11/2007 - 08:44:20 | A | 96272] D:\install.res.1036.dll [07/11/2007 - 08:44:20 | A | 94224] D:\install.res.1040.dll [07/11/2007 - 08:44:20 | A | 80400] D:\install.res.1041.dll [07/11/2007 - 08:44:20 | A | 78864] D:\install.res.1042.dll [07/11/2007 - 08:44:20 | A | 74768] D:\install.res.2052.dll [07/11/2007 - 08:44:20 | A | 95248] D:\install.res.3082.dll [01/09/2010 - 17:44:49 | HD ] D:\msdownld.tmp [01/02/2010 - 20:02:08 | SHD ] D:\System Volume Information [07/11/2007 - 08:00:40 | A | 5686] D:\vcredist.bmp [07/11/2007 - 08:50:40 | A | 1927956] D:\VC_RED.cab [07/11/2007 - 08:53:12 | A | 242176] D:\VC_RED.MSI [16/09/2009 - 02:02:54 | SHD ] L:\#GDATA.Trash.Store# [03/09/2010 - 13:14:25 | SHD ] L:\$RECYCLE.BIN [16/10/2009 - 08:28:03 | A | 213162294] L:\album_de_bébé.bck [02/09/2010 - 12:14:20 | RASHD ] L:\Autorun.inf [06/09/2009 - 19:48:23 | A | 24064] L:\Comptabilité.xls [06/04/2010 - 00:00:43 | D ] L:\Etienne [31/03/2010 - 20:01:26 | D ] L:\Films Manu [28/03/2010 - 02:13:03 | A | 67072] L:\films.xls [15/09/2009 - 20:44:06 | D ] L:\Généalogie [28/07/2010 - 18:16:33 | D ] L:\Musiques [13/07/2010 - 15:44:31 | D ] L:\photos [03/09/2010 - 13:13:06 | SHD ] L:\RECYCLER [13/07/2010 - 14:57:32 | D ] L:\rémi [27/03/2010 - 17:50:01 | D ] L:\Rémi collection [27/03/2010 - 11:03:13 | D ] L:\Suivi-Secu [05/09/2009 - 09:10:25 | SHD ] L:\System Volume Information [27/03/2010 - 11:03:22 | ASH | 69632] L:\Thumbs.db [13/07/2010 - 14:30:15 | D ] L:\Vanessa [16/10/2009 - 08:21:21 | D ] L:\wordpress ################## | Vaccin | C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) L:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) ################## | E.O.F |

Je vais lancer otl

EDIT :

Et voici le rapport OTL :

Code: Tout sélectionner: All processes killed ========== OTL ========== No active process named spoolsv.exe was found! C:\Users\rémi\AppData\Roaming\mozilla\Firefox\Profiles\5k5noc8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin folder moved successfully. C:\Users\rémi\AppData\Roaming\mozilla\Firefox\Profiles\5k5noc8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF folder moved successfully. C:\Users\rémi\AppData\Roaming\mozilla\Firefox\Profiles\5k5noc8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\lib folder moved successfully. C:\Users\rémi\AppData\Roaming\mozilla\Firefox\Profiles\5k5noc8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\defaults folder moved successfully. C:\Users\rémi\AppData\Roaming\mozilla\Firefox\Profiles\5k5noc8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components folder moved successfully. C:\Users\rémi\AppData\Roaming\mozilla\Firefox\Profiles\5k5noc8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\chrome folder moved successfully. C:\Users\rémi\AppData\Roaming\mozilla\Firefox\Profiles\5k5noc8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C4AD71D-52E1-4402-9E5B-CBFC295EC9BA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C4AD71D-52E1-4402-9E5B-CBFC295EC9BA}\ deleted successfully. C:\Program Files (x86)\freeTVRadio\spointer\extensions\freetvradio_air_ie.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully. C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\RunOnce not found. File \Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe) -C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe not found. 64bit-Registry value HKEY_USERS\S-1-5-21-3981119972-1861882404-2235439435-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe deleted successfully. C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-3981119972-1861882404-2235439435-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\RMI~1\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe deleted successfully. C:\Users\rémi\AppData\Roaming\mstsc.exe moved successfully. ========== FILES ========== File\Folder C:\Users\rémi\AppData\Roaming\mstsc.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: rémi ->Temp folder emptied: 1474129461 bytes ->Temporary Internet Files folder emptied: 63732197 bytes ->Java cache emptied: 4625347 bytes ->FireFox cache emptied: 42399662 bytes ->Flash cache emptied: 97101 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 18065629 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50406 bytes RecycleBin emptied: 95092887 bytes Total Files Cleaned = 1 620,00 mb OTL by OldTimer - Version 3.2.11.0 log created on 09032010_131835 Files\Folders moved on Reboot... Registry entries deleted on Reboot...

EDIT Skynet : Merci d'utiliser le bouton EDITER lorsque c'est nécessaire

.

EDIT Bis :

J'ai donc fait tout ce qui était demandé et pour le moment, plus de fenêtre d'alerte...
Je vais lancer une analyse antivirus et voir ce qu'il en est
Je vous remercie en tous cas, et je vous tiens au courant

EDIT bis Skynet : :evil:

bernard53 · le 03 Sep 2010 13:56

en complément de ton analyse antivirus fait ceci.

Installe Malewarebytes' Antimalware,
tutoriel-malwarebytes-anti-malware-vt-46564.html

*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.

Rom395 · le 04 Sep 2010 20:50

Attention, il est noté que ton par-feu Windows est désactivé. C'est une chose très indispensable. Ne jamais désactiver son par-feu. Tu là désactivé intentionnellement ou alors tu ne sais pas comment il s'est désactivé ? si il c'est désactivé derrière votre dos, un des chevaux de 3 on sertenement due le désactiver.

Cheval de troie impossible à trouver et supprimer

Cheval de troie impossible à trouver et supprimer

Re: Cheval de troie impossible à trouver et supprimer

Re: Cheval de troie impossible à trouver et supprimer

Re: Cheval de troie impossible à trouver et supprimer

Re: Cheval de troie impossible à trouver et supprimer

Re: Cheval de troie impossible à trouver et supprimer

Re: Cheval de troie impossible à trouver et supprimer

Re: Cheval de troie impossible à trouver et supprimer

Sujets similaires

Qui est en ligne