

Everything posted by manu78
-
Thanks. My answers are below. Manu
-
Good evening, Thanks in advance for your help. The files are below. Have a good evening, Manu
-
Hello everyone,
For some time now I have been running into quite a few small problems that are piling up and make me think my PC is starting to drift.... Examples:
- associating a default program, already dealt with here http://forum.zebulon.fr/resolu-associer-un-programme-excel-par-defaut-t212231.html but which has come back.....
- the Office pack, a genuine copy, cannot be found in the program manager (e.g. the item EXCEL.EXE that this shortcut refers to has been changed or deleted...), same for W and PP,
- an administrator login is now required for any new download, whereas that was not the case before (impossible, for example, to launch the Thunderbird update, which told me Couldn't launch XPCOM), solved by going directly through PSI Secunia
-.... and so a whole bunch of small things of that kind that are becoming annoying.
I have tried to solve these small problems one by one with more or less success, but I feel there is a gradual degradation. Would there be a full check to do with your magic tools? I regularly use PSI Secunia, CCleaner, Malwarebytes, Avira is up to date (last scan OK)...
Many thanks in advance. Manu
Windows 7
-
Hello, I did try, but I don't have the [Edit] icon at the bottom of my first message, only [Report], [Multi-quote] and [Quote]! Apparently there was a problem during login, because I appear as a guest on the first message. What should I do? Thanks and have a good weekend, everyone. Manu
-
[Solved] Windows stuck on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
Hello, As far as I can tell, my PC is fine. Here is the new ZHP report © CJoint.com, 2012 As for PSI, I have been running it in the background since my last visit to Zebulon; it's just that I have a lot of "update scheduled" entries but often nothing happens, even several days later, so sometimes I do it manually. See you, Manu.
-
[Solved] Windows stuck on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
OK for the tags. Here is the SFT link: © CJoint.com, 2012 and the MBAM report:
See you, Manu
-
[Solved] Windows stuck on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
Here is the report. Thanks. Manu
-
[Solved] Windows stuck on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
Hello, Thanks for the help and for the advice about multi-posting. Here is the link: Download ZHPDiag.txt from Sendspace.com - send big files the easy way Have a good day. Manu
-
--- 9 Dec at 11:00 ---
Hello, At startup I get to the 7even desktop, the icons are there but when I click nothing happens (even after half an hour). The hard disk (or the processor fan, I can't quite tell which) seems to be working harder than usual. The last thing I did was accept a Java update and the PC froze at that moment! Despite several restarts, nothing helps. Ctrl-Alt-Del doesn't work either; I have to end the session with the power button! I have access in safe mode and am writing to you from there. Here is my log. Many thanks in advance. Manu

--- 10 Dec at 07:01 ---
Hello, After many attempts at a system restore, most of them blocked, I think I have managed to get my desktop back. Do you think there is anything to check "in depth"? Thanks Manu

-edit- In this section, you must not post multiple messages in your topic before someone has taken charge of it: seeing that there is a "reply", the helpers will not look at it, believing the problem is already being handled by one of their own. Instead use the "Edit" button at the bottom right of your first message…
-
[Solved] Trojan horse at every scan
manu78 replied to a topic by manu78 in Malware analysis and removal
er, ............... the file has disappeared... Could Antivir have managed to zap it after several attempts? I'll keep you posted if it reappears and I'll try the trick of renaming it to -old. Thanks in any case. Manu
-
[Solved] Trojan horse at every scan
manu78 replied to a topic by manu78 in Malware analysis and removal
Hello and thanks for the quick reply. Small problem: I go to the page and when I select the .dll to scan, Mr. Windows tells me I don't have the rights to open it and that I must consult the owner or an admin. Yet I am on an admin account on my PC..... An effect of the Trojan horse? Manu
-
Good evening, Antivir detects a Trojan horse, almost always in the same place.

'C:\Users\Papa\AppData\Roaming\bsebcu.dll'
[RESULTAT] Contient le cheval de Troie TR/Crypt.EPACK.Gen8
Début de la désinfection :
C:\Users\Papa\AppData\Roaming\bsebcu.dll
[RESULTAT] Contient le cheval de Troie TR/Crypt.EPACK.Gen8
[AVERTISSEMENT] Impossible de déplacer le fichier dans le répertoire de quarantaine !
[AVERTISSEMENT] Impossible de supprimer le fichier !
[REMARQUE] Le fichier a été repéré pour une suppression après un redémarrage.
[REMARQUE] Un redémarrage de l'ordinateur est initié pour la réparation finale.
--------------------------------------------------------------------------------
the same
C:\Users\Papa\AppData\Roaming\bsebcu.dll
[RESULTAT] Contient le cheval de Troie TR/Crypt.EPACK.Gen8
Début de la désinfection :
C:\Users\Papa\AppData\Roaming\bsebcu.dll
[RESULTAT] Contient le cheval de Troie TR/Crypt.EPACK.Gen8
[AVERTISSEMENT] Impossible de déplacer le fichier dans le répertoire de quarantaine !
[AVERTISSEMENT] Impossible de supprimer le fichier !
----------------------------------------------------------------------
C:\Users\Papa\AppData\Local\Temp\BIT668F.tmp
[RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen2
Début de la désinfection :
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
C:\Users\Papa\AppData\Local\Temp\BIT668F.tmp
[RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen2
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '55c3aa82.qua' !
-----------------------------------------------------------------------------------------------------------

What should I do? Here is my hijack. http://hijackthis.de/#anl gives me nothing suspicious. Thanks in advance. Manu

OS: 7even
-
[Solved] Unwanted widget on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
GREAT, it's OK! Thanks again for your help and for the great work you all do! Manu -
[Solved] Unwanted widget on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
I'm amazed by your tools! Report. PS: before launching OTL, while I was viewing the Zeb page, this page opened in a separate tab! ImageShack® - Online Photo and Video Hosting. Damn, I thought I had copied the whole screen, there's only part of it, maybe it means something to you! Thanks in advance, Manu -
[Solved] Unwanted widget on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
And the other one -
[Solved] Unwanted widget on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
Done, but no change. Here are the 2 reports
[Kernel | On_Demand | Stopped] -- c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms -- (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.20minutes.fr" FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.21.1 FF - prefs.js..extensions.enabledItems: {d5eeb813-935a-435d-b01e-b3a02f2cb408}:0.9.2 FF - prefs.js..extensions.enabledItems: fr-classique-reforme1990@dictionaries.addons.mozilla.org:4.0.3 FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.60 FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.2.0.8 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1 FF - prefs.js..extensions.enabledItems: 
youtubemp3podcaster@jeremy.d.gregorio.com:2.3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/03 19:33:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/02 19:35:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/05/03 08:24:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011/05/02 19:35:21 | 000,000,000 | ---D | M] [2010/05/04 13:57:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Extensions [2010/01/13 21:26:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010/05/04 13:57:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2011/05/02 19:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions [2011/04/08 05:50:32 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2011/04/30 19:57:06 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2011/04/08 05:50:32 | 000,000,000 | ---D | M] (DownloadHelper) -- 
C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/04/08 05:50:30 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/04/08 05:50:31 | 000,000,000 | ---D | M] (Aviary) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\{d5eeb813-935a-435d-b01e-b3a02f2cb408} [2011/03/10 07:17:54 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\exif_viewer@mozilla.doslash.org [2011/05/01 13:36:52 | 000,000,000 | ---D | M] (Dictionnaire français «Classique & Réforme 1990») -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\fr-classique-reforme1990@dictionaries.addons.mozilla.org [2011/02/20 13:37:19 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\tineye@ideeinc.com [2011/05/02 19:35:27 | 000,000,000 | ---D | M] (Foxit PDF Creator Toolbar) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\toolbar@ask.com [2011/04/08 05:50:29 | 000,000,000 | ---D | M] (Youtube MP3 Podcaster) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\si6lffwm.default\extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2010/09/01 17:57:27 | 000,002,391 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\si6lffwm.default\searchplugins\aviary.xml [2011/05/03 19:33:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/03/05 14:59:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/03/14 07:26:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla 
Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- [2011/04/14 18:47:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll [2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2011/05/02 19:34:44 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml [2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml [2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml [2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) 
O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. 
File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/05/03 19:33:37 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Papa\Desktop\OTL.exe [2011/05/03 16:35:31 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{140496A3-4189-4056-A616-E08CF78F906C} [2011/05/02 20:32:09 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{2FB72F65-1900-4373-8A82-677FF8CCF77A} [2011/05/02 19:37:26 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX [2011/05/02 19:37:26 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL [2011/05/02 19:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster [2011/05/02 19:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2011/05/02 19:29:51 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\Secunia PSI [2011/05/02 19:22:25 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Users\Papa\Desktop\StartUpLite.exe [2011/05/01 18:20:39 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{EA84F37E-0187-4EB0-A581-CA1B03669F5F} [2011/04/30 15:11:20 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Roaming\meilleurcoupon [2011/04/30 15:11:09 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Roaming\meilleurcoupon-setup_519646 [2011/04/29 17:11:59 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{5AE7FE09-91C3-48BA-B5A0-670F73FD297C} [2011/04/28 17:34:11 | 000,000,000 | ---D | C] -- 
C:\Users\Papa\AppData\Local\{4BE31455-D824-40B9-9755-193092E56218} [2011/04/27 23:36:14 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011/04/27 23:36:14 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2011/04/27 23:36:12 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/04/27 23:36:11 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/04/27 23:35:36 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2011/04/27 23:35:36 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2011/04/27 23:35:36 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2011/04/27 23:35:35 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2011/04/27 23:35:35 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2011/04/27 23:35:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2011/04/27 23:35:35 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2011/04/27 23:35:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2011/04/27 23:35:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2011/04/27 14:43:33 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{149B4CBC-32AF-4A17-AD8D-CF645A505DD8} [2011/04/26 21:54:10 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{62BCB950-C90E-4694-B70B-AE976C0A31D9} [2011/04/25 18:32:02 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{AA29A203-B993-40C4-8DB9-C9496ACA4A17} [2011/04/25 11:26:24 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{2B0AE1CF-9BFE-43D2-8DCC-0986FBA72FDC} [2011/04/24 21:02:44 | 000,000,000 | ---D | C] -- 
C:\Users\Papa\AppData\Local\{3BD16219-4D87-40C4-8214-209F1B563C66} [2011/04/23 13:56:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games [2011/04/23 13:55:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2011/04/23 13:54:58 | 000,000,000 | ---D | C] -- C:\Users\Papa\Documents\EA Games [2011/04/23 13:48:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA GAMES [2011/04/23 13:48:58 | 000,442,368 | R--- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll [2011/04/23 09:39:56 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{F3BF5BA0-6CA3-4630-9D43-D8A696B564A1} [2011/04/22 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\Papa\Desktop\consolidated [2011/04/22 14:28:00 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{C5E6CCAA-5F8B-4116-B27A-EF9D7B964FCE} [2011/04/21 13:10:46 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{FF88235F-5616-47FB-8248-3853C92C632D} [2011/04/20 10:25:07 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{59F10E92-2CA7-4B0B-895D-64CDBBC13BA1} [2011/04/20 09:33:22 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{BF071FD9-B59E-42B0-918A-E41AD9FBC314} [2011/04/20 05:52:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/04/20 05:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/04/20 05:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/04/20 05:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/04/20 05:50:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011/04/19 11:06:10 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{9F24D233-A44D-4DB8-B99C-90031F54CC8C} [2011/04/18 21:33:53 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{6AE07484-B798-48BE-B17A-F90CC4829967} [2011/04/17 12:46:35 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{308BC36D-CC9E-418D-B16A-1E213092AAA0} [2011/04/14 07:48:09 | 000,476,160 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/04/14 07:48:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/04/14 07:48:06 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/04/14 07:48:06 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/04/14 07:48:06 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011/04/14 07:48:02 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011/04/14 07:48:01 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011/04/14 07:48:01 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011/04/14 07:48:01 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011/04/14 07:47:59 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011/04/14 07:47:59 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011/04/14 07:47:59 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011/04/14 07:47:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011/04/14 07:47:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/04/14 07:47:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/04/14 07:47:50 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/04/14 07:47:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/04/14 07:47:50 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011/04/14 07:47:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/04/14 07:47:50 | 
000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/04/14 07:47:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/04/14 07:47:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/04/14 07:47:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011/04/14 07:47:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011/04/14 07:47:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011/04/14 07:47:48 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011/04/14 07:47:48 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011/04/14 07:46:49 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011/04/14 07:46:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011/04/14 07:46:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011/04/14 07:46:43 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011/04/14 07:46:43 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011/04/14 07:46:43 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011/04/14 07:46:43 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011/04/14 07:46:43 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011/04/14 07:46:43 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011/04/14 07:46:43 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011/04/14 07:46:40 | 000,267,776 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\FXSCOVER.exe [2011/04/13 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{B088E223-22EA-439D-BC8D-B7A245F63AA4} [2011/04/12 13:07:02 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{34C50263-DE4C-4655-9A69-6F6D9FA773E5} [2011/04/11 13:13:05 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{E8665BF2-1950-45E3-B37E-F10D007B30EE} [2011/04/11 10:57:23 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{6233339C-09CE-489F-A75F-EBDEF2F6A7BF} [2011/04/10 22:41:19 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{94C89538-CC8E-46B7-93BB-A9172799F08D} [2011/04/10 10:32:15 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{E2898C48-568E-43F4-AA2F-73F38E807CE1} [2011/04/09 12:54:27 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{A2080295-01CF-43F5-8BF9-1BD2B12CF856} [2011/04/08 18:24:45 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{FD87179E-BAA6-4FBE-B8C8-27E098BC392A} [2011/04/07 14:09:41 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{4B11A924-51A2-4674-BB95-E0CE2CE5CA48} [2011/04/06 16:26:58 | 000,237,856 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dnssdX.dll [2011/04/06 16:26:58 | 000,119,584 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dns-sd.exe [2011/04/06 16:26:58 | 000,096,544 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dnssd.dll [2011/04/06 16:20:16 | 000,197,920 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\dnssdX.dll [2011/04/06 16:20:16 | 000,107,808 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\dns-sd.exe [2011/04/06 16:20:16 | 000,091,424 | ---- | C] (Apple Inc.) 
-- C:\Windows\SysWow64\dnssd.dll [2011/04/06 12:38:05 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{42ACF8EC-FF78-47AE-8C0F-E5E96B23EB9D} [2011/04/05 18:21:06 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{A28810A2-B2BD-453F-9A5C-BE197F7A25CB} [2011/04/04 21:14:42 | 000,000,000 | R--D | C] -- C:\Users\Papa\Documents\Scanned Documents [2011/04/04 17:25:37 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{895E5192-57A3-4F04-B1EA-CB8801D1E588} [2011/04/04 16:34:54 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Local\{8EE0A6C8-479B-4611-880B-31BC85C74190} ========== Files - Modified Within 30 Days ========== [2011/05/03 19:33:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Papa\Desktop\OTL.exe [2011/05/03 19:33:11 | 000,002,054 | ---- | M] () -- C:\Users\Papa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/05/03 19:33:11 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/05/03 16:35:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/05/03 16:35:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2011/05/03 08:24:49 | 000,002,031 | ---- | M] () -- C:\Users\Papa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk [2011/05/02 19:37:26 | 000,000,787 | ---- | M] () -- C:\Users\Papa\Desktop\SpywareBlaster.lnk [2011/05/02 19:35:33 | 000,001,256 | ---- | M] () -- C:\Users\Papa\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk [2011/05/02 19:29:47 | 000,000,758 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011/05/02 19:29:47 | 000,000,721 | ---- | M] () -- C:\Users\Papa\Desktop\Secunia PSI.lnk [2011/05/02 19:24:51 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/02 19:24:51 | 000,015,792 | -H-- | M] () -- 
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/02 19:22:25 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Users\Papa\Desktop\StartUpLite.exe [2011/05/01 19:29:13 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/05/01 19:29:13 | 000,704,242 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/05/01 19:29:13 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/05/01 19:29:13 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/05/01 19:29:13 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/05/01 19:26:22 | 000,879,081 | ---- | M] () -- C:\Users\Papa\Desktop\SecurityCheck.exe [2011/05/01 19:24:35 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys [2011/04/30 10:21:26 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job [2011/04/23 13:55:09 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Les Sims 2.lnk [2011/04/20 05:53:26 | 000,002,515 | ---- | M] () -- C:\Users\Papa\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk [2011/04/20 05:53:26 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk [2011/04/20 05:52:21 | 000,001,679 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/04/15 03:25:28 | 000,358,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/04/12 07:42:57 | 000,014,010 | ---- | M] () -- C:\Users\Papa\Desktop\B737-200A.jpg [2011/04/11 08:32:00 | 000,018,157 | ---- | M] () -- C:\Users\Papa\Desktop\classement 2.png [2011/04/10 13:56:37 | 000,016,719 | ---- | M] () -- C:\Users\Papa\Desktop\noel Michelle.ods [2011/04/06 16:26:58 | 000,237,856 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\dnssdX.dll [2011/04/06 16:26:58 | 000,119,584 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\dns-sd.exe [2011/04/06 16:26:58 | 000,096,544 | ---- | M] (Apple Inc.) 
-
[Solved] Unwanted widget on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
I tried enabling and disabling JS in the options, but nothing works; even with the advanced settings there is no change either. Could it be that PSI applied an update to JS? I see a line "Java console 6x (extension for Firefox) .....Patched" -
[Solved] Unwanted widget on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
One last small detail: I don't know whether it is because of MBAM's StartUpLite, which I believe had me remove something related to Java, but when Firefox starts I get this window! I click OK and I can still use the browser! Any idea? -
[Solved] Unwanted widget on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
Thanks for all this information, which I will apply right away. Manu -
[Solved] Unwanted widget on the desktop
manu78 replied to a topic by manu78 in Malware analysis and removal
Uninstall from "Add/Remove Programs": "Meilleur coupon" and/or anything that refers to "Coupon". Delete this folder (in bold) if it is still present: C:\Program Files (x86)\Meilleur coupon

It did not appear in the utility (nor in CCleaner); I could only delete it directly from the root.

HijackThis

OK, done, 3 lines removed.

Security Check report

Results of screen317's Security Check version 0.99.10
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Avira AntiVir Personal - Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java 6 Update 24
Adobe Flash Player 10.2.159.1
Mozilla Thunderbird (3.1.9)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````

Are you still having problems?

Apparently it is fine for now, I no longer have the widget! It looked simple, but I didn't dare touch it directly! Thanks -
[Solved] Unwanted widget on the desktop
manu78 posted a topic in Malware analysis and removal
Hello, A widget was installed on the desktop when I signed up for an online site, and I can't get rid of it with Windows 7's tool. I ran Malwarebytes but it found nothing either. In CCleaner, the widget does not appear! I do see a directory "c:\\programmes files\Meilleur coupon\meilleurcoupon.exe" but I don't dare delete it directly. On top of that, from time to time Mozilla windows open on their own with advertising sites! I searched the web and the results point to Zebulon's tools, so I am posting here. Attached, as requested, are the HijackThis and MB logs. Thanks for any help you can give me. Manu -
[Solved] Hard drive constantly in use
manu78 replied to a topic by manu78 in Security hardening, prevention
Apparently not! Strange: yesterday it no longer did it, this morning it is starting again; I am going to defragment before leaving for work! Thanks -
[Solved] Hard drive constantly in use
manu78 replied to a topic by manu78 in Security hardening, prevention
No, my PC is only a few months old and the hard drive is not very full; do you think it is still necessary? -
Hello, I am back to see you about a small problem, hoping I am in the right section. My hard drive is constantly in use even though nothing seems to be open (including with no browser, Firefox):
- I looked in Task Manager, everything is at 0%,
- I ran Malwarebytes, nothing found,
- I ran CCleaner, fixed the few registry errors, then ran it a second time,
- I tried HijackThis, nothing suspicious apparently,
- the latest AVG scan reports nothing,
- I found a similar topic on the forum where they ask to run a disk check; the problem is that Seven refuses, because it tells me it cannot check my disk while it is in use! So it does seem to be running constantly.
There, if anyone has a lead. Thanks in advance.
OS: Seven
RAM: 8 GB
HDD: 1 TB
-
Thanks again for your help. All the best. Manu