Aller au contenu

ben ali

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    59

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par ben ali

  1. ben ali
    All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run not found. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cdo\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD00020A-8B95-11D1-82DB-00C04FB1625D}\ not found. File {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found. File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found. File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found. File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found. File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found. File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully. File Protocol\Handler\msdaipp - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found. File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found. File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found. File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D9F03FA-7A94-11D3-BE81-0050048385D1}\ not found. File {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skyline\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a4f9195-65a8-11d5-85c1-0001023952c1}\ not found. File {3a4f9195-65a8-11d5-85c1-0001023952c1} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found. File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. ADS C:\ProgramData\Temp:8FF81EB0 deleted successfully. ========== FILES ========== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully. C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1344131542-878008096-2528777160-1000Core.job moved successfully. C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1344131542-878008096-2528777160-1000UA.job moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User User: Public User: Utilisateur ->Temp folder emptied: 4489385 bytes ->Temporary Internet Files folder emptied: 36904310 bytes ->Java cache emptied: 30192508 bytes ->Google Chrome cache emptied: 8426819 bytes ->Flash cache emptied: 9971 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 7513 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50406 bytes RecycleBin emptied: 1068 bytes Total Files Cleaned = 76,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Public User: Utilisateur ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.2 log created on 01252011_113127 Files\Folders moved on Reboot... File\Folder C:\Users\Utilisateur\AppData\Local\Temp\Low\Fichiers Internet temporaires\Content.IE5\WFI8DN9Y\07=6;kvad08=17,ad08=34;kvad09=1;kvad10=-1;kvad11=1;kvad12=4;kvad13=2;kvad14=-1;kvhib=-1;kvhios=undefined;kvhires=-1;kvhif=10;kvbnex=0;;grp=145631191;misc=145631191[1] not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\Low\Fichiers Internet temporaires\Content.IE5\WFI8DN9Y\07=6;kvad08=17,ad08=34;kvad09=1;kvad10=-1;kvad11=1;kvad12=4;kvad13=2;kvad14=-1;kvhib=-1;kvhios=undefined;kvhires=-1;kvhif=10;kvbnex=0;;grp=241301431;misc=241301431[1] not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\Low\Fichiers Internet temporaires\Content.IE5\WFI8DN9Y\07=6;kvad08=17,ad08=34;kvad09=1;kvad10=-1;kvad11=1;kvad12=4;kvad13=2;kvad14=-1;kvhib=-1;kvhios=undefined;kvhires=-1;kvhif=10;kvbnex=0;;grp=355322817;misc=355322817[1] not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\Low\Fichiers Internet temporaires\Content.IE5\WFI8DN9Y\07=6;kvad08=17,ad08=34;kvad09=1;kvad10=-1;kvad11=1;kvad12=4;kvad13=2;kvad14=-1;kvhib=-1;kvhios=undefined;kvhires=-1;kvhif=10;kvbnex=0;;grp=423939413;misc=423939413[1] not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\Low\Fichiers Internet temporaires\Content.IE5\WFI8DN9Y\07=6;kvad08=17,ad08=34;kvad09=1;kvad10=-1;kvad11=1;kvad12=4;kvad13=2;kvad14=-1;kvhib=-1;kvhios=undefined;kvhires=-1;kvhif=10;kvbnex=0;;grp=440277142;misc=440277142[1] not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\Low\Fichiers Internet temporaires\Content.IE5\WFI8DN9Y\ad07=6;kvad08=17,ad08=34;kvad09=1;kvad10=-1;kvad11=1;kvad12=4;kvad13=2;kvad14=-1;kvhib=-1;kvhios=undefined;kvhires=-1;kvhif=10;kvbnex=0;;grp=29557241;misc=29557241[1] not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\Low\Fichiers Internet temporaires\Content.IE5\H5WZCI3Q\07=6;kvad08=17,ad08=34;kvad09=1;kvad10=-1;kvad11=1;kvad12=4;kvad13=2;kvad14=-1;kvhib=-1;kvhios=undefined;kvhires=-1;kvhif=10;kvbnex=0;;grp=250765136;misc=250765136[1] not found! C:\Users\Utilisateur\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File\Folder C:\Users\Utilisateur\AppData\Local\Temp\~DF2449146C42728EF6.TMP not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\~DF5E929318A9177382.TMP not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\~DF772D2B8FC8851013.TMP not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\~DFBB2ECE6577B2D9E2.TMP not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\~DFD1994F9C5C67C083.TMP not found! File\Folder C:\Users\Utilisateur\AppData\Local\Temp\~DFDEED668808C2D7C9.TMP not found! C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y3D9E1RD\3827947-young-beautiful-fitness-model-liste-son-muscles-abdominaux[1].jpg moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K265YM9K\1vzMDa4j5hmvhGtY5AoSYqJ4IGtE497[1].jpg moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K265YM9K\abdos-3361[1].jpg moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K265YM9K\ads[5].htm moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K265YM9K\ban_home_728x90[1].htm moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K265YM9K\index[2].htm moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IM4XXXEW\ads[2].htm moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IM4XXXEW\victime-du-trojan-bho-t182409[1].html moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OLA632X\ads[1].htm moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OLA632X\afr[1].htm moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OLA632X\google_fr[1].htm moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully. C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. Registry entries deleted on Reboot... Bonjour Lance. Au niveau des symptomes, ils sont toujours les mêmes que depuis le début. Quant je démarre mon PC, le clavier est toujours inutilisable (là je complète le présent message en tapant depuis un autre pc) et par ailleurs, si je clique sur une page archivée dans mon historique de navigation, j'ai droit à un "Cette page ne peut être affichée". Je suis donc obligé de naviguer en utilisant "mes favoris". Cela dit, la souris est désormais normale. Merci encore mille fois pour ton aide et le temps précieux que tu prends pour m'aider !
  2. ben ali
    OTL Extras logfile created on: 19/01/2011 20:05:10 - Run 1 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Utilisateur\Pictures 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 235,23 Gb Total Space | 167,71 Gb Free Space | 71,30% Space Free | Partition Type: NTFS Drive D: | 217,63 Gb Total Space | 216,86 Gb Free Space | 99,65% Space Free | Partition Type: NTFS Drive E: | 12,71 Gb Total Space | 2,11 Gb Free Space | 16,58% Space Free | Partition Type: NTFS Drive Z: | 3,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: UTILISATEUR-PC | User Name: Utilisateur | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1344131542-878008096-2528777160-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Users\Utilisateur\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series "{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java 6 Update 15 (64-bit) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "HDMI" = Intel® Graphics Media Accelerator Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08 "{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 20 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}" = muvee Reveal "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker "{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}" = HP Support Assistant "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{9012040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}" = HP User Guides 0148 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CA5DD6E1-B508-4922-815D-479E3228B17A}" = Europa Universalis 2 "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar "82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "AGCEEP" = AGCEEP "avast5" = avast! Free Antivirus "EasyBits Magic Desktop" = Magic Desktop "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MP Navigator 3.1" = Canon MP Navigator 3.1 "Quick Zip_is1" = Quick Zip 4.60.019 "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "ST6UNST #1" = SMSList "TerraExplorer" = TerraExplorer "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite_Wave3" = Installation Windows Live ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1344131542-878008096-2528777160-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "PhotoFiltre" = PhotoFiltre ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 02/01/2011 07:37:40 | Computer Name = Utilisateur-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Error - 02/01/2011 07:38:29 | Computer Name = Utilisateur-PC | Source = SideBySide | ID = 16842787 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 02/01/2011 08:09:35 | Computer Name = Utilisateur-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Error - 02/01/2011 08:09:50 | Computer Name = Utilisateur-PC | Source = SideBySide | ID = 16842787 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 02/01/2011 08:10:06 | Computer Name = Utilisateur-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy\DelZip179.dll » à la ligne 8. La valeur « * » de l’attribut « language » de l’élément « assemblyIdentity » n’est pas valide. Error - 02/01/2011 08:10:11 | Computer Name = Utilisateur-PC | Source = SideBySide | ID = 16842811 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll » à la ligne 2. Syntaxe XML non valide. Error - 02/01/2011 15:17:57 | Computer Name = Utilisateur-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 03/01/2011 04:20:22 | Computer Name = Utilisateur-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 04/01/2011 05:06:01 | Computer Name = Utilisateur-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 04/01/2011 13:19:23 | Computer Name = Utilisateur-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . [ Hewlett-Packard Events ] Error - 07/07/2010 04:53:13 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 07/07/2010 04:53:13 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 21/07/2010 05:59:38 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Erreur non spécifiée rencontrée sur le thread de restitution. PresentationCore à System.Windows.Media.MediaContext.NotifyPartitionIsZombie(Int32 failureCode) à System.Windows.Media.MediaContext.NotifyChannelMessage() à System.Windows.Interop.HwndTarget.HandleMessage(Int32 msg, IntPtr wparam, IntPtr lparam) à System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) à MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error - 21/07/2010 05:59:40 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Exception de HRESULT : 0x88980406 PresentationCore à System.Windows.Media.Composition.DUCE.Channel.SyncFlush() à System.Windows.Media.Composition.DUCE.CompositionTarget.UpdateWindowSettings(ResourceHandle hCompositionTarget, RECT windowRect, Color colorKey, Single constantAlpha, MILWindowLayerType windowLayerType, MILTransparencyFlags transparencyMode, Boolean isChild, Boolean isRTL, Boolean renderingEnabled, Int32 disableCookie, Channel channel) à System.Windows.Interop.HwndTarget.UpdateWindowSettings(Boolean enableRenderTarget, Nullable`1 channelSet) à System.Windows.Interop.HwndTarget.UpdateWindowSettings(Boolean enableRenderTarget) à System.Windows.Interop.HwndTarget.UpdateWindowPos(IntPtr lParam) à System.Windows.Interop.HwndTarget.HandleMessage(Int32 msg, IntPtr wparam, IntPtr lparam) à System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) à MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error - 21/07/2010 05:59:53 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Erreur non spécifiée rencontrée sur le thread de restitution. PresentationCore à System.Windows.Media.MediaContext.NotifyPartitionIsZombie(Int32 failureCode) à System.Windows.Media.MediaContext.NotifyChannelMessage() à System.Windows.Media.MediaContext.CompleteRender() à System.Windows.Media.MediaContext.LeaveInterlockedPresentation() à System.Windows.Media.MediaContext.DisconnectHandler(Object obj) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error - 28/07/2010 14:12:16 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 28/07/2010 14:12:17 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 04/08/2010 05:51:53 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 04/08/2010 05:51:53 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 10/11/2010 04:36:42 | Computer Name = Utilisateur-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) [ System Events ] Error - 06/09/2010 19:27:08 | Computer Name = Utilisateur-PC | Source = DCOM | ID = 10005 Description = Error - 06/09/2010 19:27:08 | Computer Name = Utilisateur-PC | Source = Service Control Manager | ID = 7038 Description = Le service upnphost n’a pas pu ouvrir de session en tant que NT AUTHORITY\LocalService avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%50 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error - 06/09/2010 19:27:08 | Computer Name = Utilisateur-PC | Source = Service Control Manager | ID = 7000 Description = Le service Hôte de périphérique UPnP n’a pas pu démarrer en raison de l’erreur : %%1069 Error - 13/09/2010 11:25:12 | Computer Name = Utilisateur-PC | Source = DCOM | ID = 10010 Description = Error - 22/09/2010 08:56:13 | Computer Name = Utilisateur-PC | Source = DCOM | ID = 10016 Description = Error - 03/10/2010 19:19:07 | Computer Name = Utilisateur-PC | Source = DCOM | ID = 10005 Description = Error - 03/10/2010 19:19:07 | Computer Name = Utilisateur-PC | Source = Service Control Manager | ID = 7038 Description = Le service upnphost n’a pas pu ouvrir de session en tant que NT AUTHORITY\LocalService avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1352 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error - 03/10/2010 19:19:07 | Computer Name = Utilisateur-PC | Source = Service Control Manager | ID = 7000 Description = Le service Hôte de périphérique UPnP n’a pas pu démarrer en raison de l’erreur : %%1069 Error - 03/10/2010 19:19:07 | Computer Name = Utilisateur-PC | Source = Service Control Manager | ID = 7038 Description = Le service upnphost n’a pas pu ouvrir de session en tant que NT AUTHORITY\LocalService avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%50 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error - 03/10/2010 19:19:07 | Computer Name = Utilisateur-PC | Source = Service Control Manager | ID = 7000 Description = Le service Hôte de périphérique UPnP n’a pas pu démarrer en raison de l’erreur : %%1069 < End of report >
  3. ben ali
    OTL logfile created on: 24/01/2011 20:35:54 - Run 2 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Utilisateur\Pictures 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 235,23 Gb Total Space | 171,46 Gb Free Space | 72,89% Space Free | Partition Type: NTFS Drive D: | 217,63 Gb Total Space | 216,86 Gb Free Space | 99,65% Space Free | Partition Type: NTFS Drive E: | 12,71 Gb Total Space | 2,11 Gb Free Space | 16,58% Space Free | Partition Type: NTFS Drive Z: | 3,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: UTILISATEUR-PC | User Name: Utilisateur | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.) PRC - C:\Users\Utilisateur\Pictures\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) ========== Modules (SafeList) ========== MOD - C:\Users\Utilisateur\Pictures\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\stacsv64.exe (IDT, Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe (Andrea Electronics Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (ALWIL Software) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (IntcHdmiAddService) Intel® -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel® Corporation) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Compaq Notebook | MSN.fr IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Compaq Notebook | MSN.fr IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Compaq Notebook | MSN.fr IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Compaq Notebook | MSN.fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Compaq Notebook | MSN.fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2010/08/28 11:39:06 | 000,416,980 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14389 more lines... O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [sunJavaUpdateSched] File not found O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files (x86)\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/09 12:50:55 | 000,000,000 | R--D | M] - Z:\autorun -- [ UDF ] O32 - AutoRun File - [2006/07/21 10:29:01 | 000,000,051 | R--- | M] () - Z:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2006/08/31 13:11:38 | 000,002,648 | R--- | M] () - Z:\autorun.xml -- [ UDF ] O32 - AutoRun File - [2006/08/11 03:30:10 | 000,126,976 | R--- | M] () - Z:\autorun6e.exe -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/01/23 19:18:03 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Google [2011/01/23 19:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011/01/23 19:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/01/23 19:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2011/01/19 22:29:37 | 000,000,000 | ---D | C] -- C:\VundoFix Backups [2011/01/19 19:24:52 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Malwarebytes [2011/01/19 19:24:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011/01/19 19:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/01/19 19:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/01/19 19:24:43 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/01/19 19:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/01/12 20:09:00 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011/01/12 20:09:00 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011/01/12 20:09:00 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011/01/12 20:09:00 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011/01/12 20:09:00 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011/01/12 20:09:00 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011/01/12 20:08:59 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011/01/12 20:08:59 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011/01/12 20:08:59 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011/01/12 20:08:59 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/01/12 20:08:58 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011/01/12 20:08:58 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011/01/12 20:08:58 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/01/12 20:08:58 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/01/12 20:08:58 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011/01/12 20:08:58 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/01/12 20:08:58 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011/01/12 20:08:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011/01/12 20:08:57 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011/01/12 20:08:57 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011/01/12 20:08:57 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011/01/12 20:08:57 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011/01/12 20:08:57 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011/01/12 20:08:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011/01/12 20:08:57 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011/01/12 20:08:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011/01/12 20:08:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011/01/12 20:08:54 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011/01/12 20:08:54 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011/01/08 13:33:55 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\PhotoFiltre [2011/01/08 13:33:54 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre [2011/01/08 13:33:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre [2011/01/08 13:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre ========== Files - Modified Within 30 Days ========== [2011/01/24 20:26:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/24 20:22:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1344131542-878008096-2528777160-1000UA.job [2011/01/24 20:08:07 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/24 19:16:47 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/24 19:16:47 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/24 19:16:05 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/24 19:16:05 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/01/24 19:16:05 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/24 19:16:05 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/01/24 19:16:05 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/24 19:08:55 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/24 19:08:31 | 3144,880,128 | -HS- | M] () -- C:\hiberfil.sys [2011/01/23 21:22:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1344131542-878008096-2528777160-1000Core.job [2011/01/23 19:17:39 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/01/19 19:24:47 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/01/14 09:22:37 | 000,002,433 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Google Chrome.lnk [2011/01/08 13:33:54 | 000,001,043 | ---- | M] () -- C:\Users\Utilisateur\Desktop\PhotoFiltre.lnk ========== Files Created - No Company Name ========== [2011/01/23 19:17:39 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/01/19 19:24:47 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/01/08 13:33:54 | 000,001,043 | ---- | C] () -- C:\Users\Utilisateur\Desktop\PhotoFiltre.lnk [2010/07/08 00:52:44 | 000,001,161 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\QuickZip45.ini [2010/04/22 11:19:05 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2010/03/29 14:33:02 | 000,000,000 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\QSwitch.txt [2010/03/29 14:33:02 | 000,000,000 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\DSwitch.txt [2010/03/29 14:33:02 | 000,000,000 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\AtStart.txt [2010/03/29 14:33:01 | 000,000,183 | ---- | C] () -- C:\ProgramData\HPWALog.txt [2009/11/08 00:43:57 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2009/11/08 00:38:37 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2009/11/08 00:37:07 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2009/11/08 00:36:23 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2009/10/15 01:39:28 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009/10/15 01:39:23 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009/10/15 01:39:10 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009/10/15 01:38:52 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009/10/15 01:38:15 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2009/10/15 01:26:42 | 000,000,289 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2009/10/15 01:26:42 | 000,000,230 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2009/09/29 15:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/03/30 09:12:55 | 001,048,576 | ---- | M] () -- C:\306B.bin [2009/11/25 16:31:18 | 001,048,576 | ---- | M] () -- C:\306B_new.bin [2009/07/14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2011/01/24 19:08:31 | 3144,880,128 | -HS- | M] () -- C:\hiberfil.sys [2011/01/24 19:08:38 | 4193,177,600 | -HS- | M] () -- C:\pagefile.sys < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll [2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll [2010/11/04 06:48:18 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < > ========== Alternate Data Streams ========== @Alternate Data Stream - 231 bytes -> C:\ProgramData\Temp:8FF81EB0 < End of report >
  4. ben ali
    Déja merci beaucoup à toi Lance_Yien pour la marche à suivre que tu viens de me donner. Comme convenu, je joins déja un copié-collé du log issu du scan de MBAM qui est le suivant: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5577 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 23/01/2011 19:24:00 mbam-log-2011-01-23 (19-24-00).txt Type d'examen: Examen rapide Elément(s) analysé(s): 155550 Temps écoulé: 1 minute(s), 39 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Voila ensuite le rapport de Securitycheck: Results of screen317's Security Check version 0.99.8 Windows 7 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: avast! Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 Java 6 Update 20 Out of date Java installed! Adobe Flash Player 10.1.102.64 Adobe Reader 9.1 MUI Out of date Adobe Reader installed! ```````````````````````````````` Process Check: objlist.exe by Laurent Malwarebytes' Anti-Malware mbam.exe Alwil Software Avast5 AvastSvc.exe Alwil Software Avast5 AvastUI.exe ``````````End of Log````````````
  5. ben ali
    Salut les gars, Je me permets de remonter mon sujet en sachant pertinemment que je ne suis pas le seul et que les contributeurs ont une vie en dehors du forum ! Merci encore mille fois par avance pour vos lumières !
  6. ben ali
    Une idée ? Mille mercis par avance pour votre aide précieuse !
  7. ben ali
    Salut Cricri, Déja je te remercie pour ta réponse et ton aide. Comme tu me l'as conseillé, je viens de faire un scan (précisément "Scan and save log") avec Hijack et voila la copie conforme de ce dernier : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:21:40, on 20/01/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Users\Utilisateur\Pictures\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Compaq Notebook | MSN.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Compaq Notebook | MSN.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Compaq Notebook | MSN.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files (x86)\Skyline\TerraExplorer\TerraExplorerX.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9993 bytes
  8. ben ali
    Personne n'a une idée ? De mon côté, j'ai effectué des scans avec Asquare (Emergency Kit Scanner), spybot, malwarebyte et vundofix mais ils ne détectent et ne corrigent rien de mes soucis. Bref j'ai toujours la souris qui a tendance à tremblotter, mon clavier qui est par moment totalement inactif (au moment où je tape ce message il est revenu à la normale temporairement) ainsi que de gros soucis pour ouvrir des pages internet (ça rame, j'arrive plus à faire de recherches, etc....). Merci par avance pour vos aides et vos lumières !
  9. ben ali
    Déja je vous souhaite à tous et à toutes une excellente année 2011 avec plein de bonnes choses et la santé avant tout ! En fait, depuis ce matin, mon PC est atteint par les symptomes suivants : - Des mouvements parasites de souris - Les touches de mon clavier qui "partent en couilles) (certaines deviennent inactives, d'autres touches donnent plusieurs lettres, etc.) D'après quelques recherches, j'ai cru comprendre qu'il s'agirait du trojan BHO. J'ai vu qu'il existait déja des topics traitant de sa supression, mais étant donné qu'ils ont l'air assez techniques et personnalisés (dans le sens où il faut souvent recopier les logs des antivirus/malwares après leurs recherches), je voudrais savoir si une âme charitable accepterait de me guider pas à pas dans l'éradication de ce vilain trojan (je suis pas super calé en informatique et j'ai trop peur de virer des éléments non infectés et nécessaires au fonctionnement de mon pc). Dix mille merci par avance pour votre aide et assistance ! Cordialement
×
×
  • Créer...