Prasev

  1. Thank you, my Hotmail problem is solved. Regarding what you asked me to do in your last message, I could not reset the restore points; it displayed: Windows could not delete all the snapshots. Try again and check the event log for more info. And PCPitstop says it cannot work with my computer and gives various possible reasons. Thanks, Prasev
  2. Here is the report:
     As for the restore, it appeared when the computer started up; it clearly indicated that a restore was needed, and it was not an update. As for the password, I will redo it and will keep you posted if the emails occur again.
  3. Hello, You are going to say I am hopeless, but it is not in Add/Remove Programs.... We still have the same problem of emails being sent from my partner's Hotmail mailbox. In any case, thank you for your help! I also forgot to tell you that this morning, when I turned on the computer, it had to do a restore.
  4. Hello again, I have a problem using the file to remove Ask: when it starts running, Internet Explorer stops working.... So I cannot complete the procedure, but should I run OTL anyway?
  5. Extras.txt report
  6. Hello, Here then is the first report, OTL.txt
Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/09/03 07:13:46 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2010/07/29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010/07/29 13:31:26 | 000,096,920 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2010/02/09 18:33:20 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2010/02/09 18:33:20 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2010/02/09 18:33:18 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2010/02/09 18:33:16 | 000,368,736 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpman.sys -- (tdrpman) DRV - [2009/12/12 00:52:52 | 000,074,088 | ---- | M] (Blue Coat Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\bckd.sys -- (bckd) DRV - [2009/10/14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009/08/23 06:06:38 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E) DRV - [2009/07/14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) 
[Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2009/06/10 12:33:00 | 009,899,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/05/13 13:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2007/02/07 17:50:32 | 000,118,552 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2007/02/07 17:50:14 | 000,056,088 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\adildr.sys -- (ELOADER) General Purpose USB Driver (adildr.sys) DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2004/04/27 00:31:04 | 000,474,304 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvcd.sys -- (QCDonner) Logitech QuickCam Express(PID_0840) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Bing IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail SFR: Actualités, Sport, Info, TV, Jeux et musique IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Codec\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Codec\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/12/02 17:47:39 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [adiras] C:\Windows\adiras.exe () O4 - HKLM..\Run: [ApnUpdater] 
C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe () O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O13 - gopher Prefix: missing O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://but.2020.net/planner/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005/09/15 22:08:52 | 000,000,231 | R--- | M] () - D:\Autorun.inf -- [ CDFS ] O32 - AutoRun File - [2007/09/27 14:35:05 | 001,049,616 | R--- | M] (Microsoft Corporation) - D:\autorun.exe -- [ CDFS ] O33 - MountPoints2\{6add57b9-125d-11e0-803b-90e6bacc5af9}\Shell - "" = AutoRun O33 - MountPoints2\{6add57b9-125d-11e0-803b-90e6bacc5af9}\Shell\AutoRun\command - "" = F:\MI.exe O33 - MountPoints2\{b6aa6e3c-1569-11df-a12d-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{b6aa6e3c-1569-11df-a12d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2007/09/27 14:35:05 | 001,049,616 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{b6aa6e3c-1569-11df-a12d-806e6f6e6963}\Shell\directx\command - "" = D:\directx9\DXSETUP.exe -- [2005/05/27 00:34:41 | 000,482,000 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{b6aa6e3c-1569-11df-a12d-806e6f6e6963}\Shell\setup\command - "" = D:\install.exe -- [2007/10/02 15:58:26 | 000,304,136 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.ac3acm - 
C:\Windows\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.) Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/08/02 09:48:03 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Info-H@k\Desktop\OTL.exe [2011/08/02 09:44:19 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/08/02 09:41:41 | 000,243,360 | ---- | C] (Adobe Systems, Inc.) -- C:\Users\Info-H@k\Desktop\uninstall_flash_player.exe [2011/08/02 09:21:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011/08/02 08:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2011/08/02 08:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask [2011/08/02 08:49:06 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011/08/02 08:49:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011/08/02 08:49:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011/08/02 08:49:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\java.exe [2011/07/22 22:48:24 | 000,000,000 | ---D | C] -- C:\Users\Info-H@k\AppData\Local\{9FAFD4EB-1908-4BB7-A196-EF0F2F85DCCD} [2011/07/14 18:18:08 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2011/07/14 18:18:08 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011/07/14 18:18:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2011/07/14 18:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2011/07/14 18:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2011/07/14 18:18:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2011/07/14 18:18:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2011/07/14 18:18:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2011/07/14 18:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2011/07/14 18:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2011/07/14 18:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2011/07/14 18:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2011/07/14 18:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,584 | -H-- | C] (Microsoft 
Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2011/07/14 18:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2011/07/14 18:18:00 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011/07/06 21:02:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\20-20 Technologies [2011/07/03 10:44:19 | 000,000,000 | ---D | C] -- C:\Users\Info-H@k\AppData\Local\{016798E8-A8F7-4D00-A914-B76DC7BE4A3B} [2010/02/16 12:27:53 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll [2010/02/16 12:27:53 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll [2010/02/16 12:27:53 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll [2010/02/16 12:27:53 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll [2010/02/16 12:27:53 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll [2010/02/16 12:27:53 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll [2010/02/16 12:27:53 | 000,517,040 | ---- | C] ( ) -- C:\Windows\System32\lxdicoms.exe [2010/02/16 12:27:53 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll [2010/02/16 12:27:53 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll [2010/02/16 12:27:53 | 000,340,912 | ---- | C] ( ) -- C:\Windows\System32\lxdicfg.exe [2010/02/16 12:27:53 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll [2010/02/16 12:27:53 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdiih.exe [2010/02/16 12:27:53 | 000,311,296 | ---- | C] ( ) -- C:\Windows\System32\lxdihcp.dll [2010/02/16 12:27:53 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll [2010/02/16 12:27:53 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== 
[2011/08/02 09:50:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/08/02 09:48:08 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Info-H@k\Desktop\OTL.exe [2011/08/02 09:44:19 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/08/02 09:41:43 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Info-H@k\Desktop\uninstall_flash_player.exe [2011/08/02 08:54:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/08/02 08:37:09 | 000,004,062 | ---- | M] () -- C:\ProgramData\lxdi [2011/08/02 08:36:18 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/08/02 08:36:18 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/08/02 08:29:42 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/08/02 08:28:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/08/02 08:28:10 | 1609,916,416 | -HS- | M] () -- C:\hiberfil.sys [2011/08/01 15:34:05 | 000,009,889 | ---- | M] () -- E:\Documents\Documents\PRESENCE ENTRAINEMENT.odt [2011/08/01 11:14:42 | 001,024,663 | ---- | M] () -- C:\Users\Info-H@k\Desktop\P8010306.JPG [2011/07/27 10:45:34 | 000,925,726 | ---- | M] () -- C:\Users\Info-H@k\Desktop\P7270305.JPG [2011/07/22 19:50:19 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/07/22 19:50:19 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/07/22 19:50:19 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/07/22 19:50:19 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/07/15 17:40:50 | 000,067,677 | ---- | M] () -- C:\Users\Info-H@k\Desktop\photoboudt.png [2011/07/15 17:38:21 | 000,749,084 | ---- | M] () -- C:\Users\Info-H@k\Desktop\licboudt.jpg [2011/07/15 17:35:31 | 000,399,491 | 
---- | M] () -- C:\Users\Info-H@k\Desktop\ciboudt.jpg [2011/07/15 03:17:58 | 000,283,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/08/02 09:50:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/08/01 15:34:05 | 000,009,889 | ---- | C] () -- E:\Documents\Documents\PRESENCE ENTRAINEMENT.odt [2011/08/01 11:11:16 | 000,925,726 | ---- | C] () -- C:\Users\Info-H@k\Desktop\P7270305.JPG [2011/08/01 11:11:15 | 001,024,663 | ---- | C] () -- C:\Users\Info-H@k\Desktop\P8010306.JPG [2011/07/15 17:40:50 | 000,067,677 | ---- | C] () -- C:\Users\Info-H@k\Desktop\photoboudt.png [2011/07/15 17:38:40 | 000,749,084 | ---- | C] () -- C:\Users\Info-H@k\Desktop\licboudt.jpg [2011/07/15 17:35:59 | 000,399,491 | ---- | C] () -- C:\Users\Info-H@k\Desktop\ciboudt.jpg [2010/03/02 15:32:03 | 000,004,062 | ---- | C] () -- C:\ProgramData\lxdi [2010/02/19 19:04:08 | 000,007,168 | ---- | C] () -- C:\Users\Info-H@k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/02/16 12:27:53 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxdiinst.dll [2010/02/16 12:27:53 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll [2010/02/10 14:39:37 | 000,000,169 | ---- | C] () -- C:\Windows\adidsl.ini [2010/02/10 14:39:37 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini [2010/02/10 14:39:31 | 000,253,008 | ---- | C] () -- C:\Windows\adirasx64.exe [2010/02/10 14:39:31 | 000,194,128 | ---- | C] () -- C:\Windows\adiras.exe [2010/02/10 14:39:30 | 000,127,456 | ---- | C] () -- C:\Windows\System32\IPDETECT.EXE [2010/02/10 14:39:29 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9P2.BIN [2010/02/10 14:39:28 | 000,152,126 | ---- | C] 
() -- C:\Windows\System32\drivers\L1E9P1.BIN [2010/02/10 14:39:28 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9P0.BIN [2010/02/10 14:39:28 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I2.BIN [2010/02/10 14:39:28 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I1.BIN [2010/02/10 14:39:28 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I0.BIN [2010/02/10 14:39:28 | 000,046,892 | ---- | C] () -- C:\Windows\System32\ADADIX16.DLL [2010/02/10 14:39:28 | 000,024,576 | ---- | C] () -- C:\Windows\enddisk32.exe [2010/02/10 14:39:27 | 000,152,308 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I2.BIN [2010/02/10 14:39:27 | 000,152,306 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I1.BIN [2010/02/10 14:39:27 | 000,152,306 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I0.BIN [2010/02/10 14:39:27 | 000,152,146 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P2.BIN [2010/02/10 14:39:27 | 000,152,145 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P1.BIN [2010/02/10 14:39:27 | 000,152,145 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P0.BIN [2010/02/10 14:39:27 | 000,152,036 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D2.BIN [2010/02/10 14:39:27 | 000,152,034 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D1.BIN [2010/02/10 14:39:27 | 000,152,034 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D0.BIN [2010/02/10 14:39:27 | 000,022,395 | ---- | C] () -- C:\Windows\System32\drivers\fpga.bin [2010/02/10 14:08:19 | 000,000,989 | ---- | C] () -- C:\Windows\adiras.ini [2010/02/09 20:58:47 | 000,000,034 | ---- | C] () -- C:\Windows\wininit.ini [2010/02/09 20:44:32 | 000,000,102 | ---- | C] () -- C:\Windows\Kit.ini [2010/02/09 14:29:38 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010/02/09 14:29:38 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010/02/09 14:29:37 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2010/02/09 14:29:37 | 
000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010/02/09 14:29:37 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010/02/09 14:29:36 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010/02/09 13:47:43 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2010/02/09 13:22:26 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010/02/09 13:22:26 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010/02/09 13:22:17 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin [2010/02/09 13:12:21 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010/02/09 13:12:19 | 000,015,682 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009/08/13 22:45:40 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2009/07/14 10:39:49 | 000,704,242 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2009/07/14 10:39:49 | 000,130,548 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 06:33:53 | 000,283,832 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009/07/14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009/07/14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- 
C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2009/06/10 07:31:04 | 000,089,088 | ---- | C] () -- C:\Windows\System32\nvimage.dll [2009/05/13 13:11:34 | 000,006,504 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys [2009/04/02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS [2007/03/30 11:13:24 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdicoin.dll [2007/03/23 16:44:46 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxdidrs.dll [2007/02/09 15:07:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdicnv4.dll [2007/01/23 20:40:16 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxdicaps.dll [2006/08/01 02:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdivs.dll [2004/03/26 10:56:40 | 000,017,191 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2010/03/26 09:56:38 | 000,002,323 | ---- | M] () -- C:\error.log [2011/08/02 08:28:10 | 1609,916,416 | -HS- | M] () -- C:\hiberfil.sys [2010/09/23 22:24:48 | 000,001,092 | ---- | M] () -- C:\lxdiPpx.log [2011/08/02 08:28:20 | 2146,557,952 | -HS- | M] () -- C:\pagefile.sys [2011/08/02 09:50:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbam.sys [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys [1 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ] < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-02 06:32:23 < > ========== Alternate Data Streams ========== @Alternate Data Stream - 761 bytes -> E:\Documents\Documents\RE IJ.eml:OECustomProperty < End of report >
  7. Step 3: Results of screen317's Security Check version 0.99.15 Windows 7 Service Pack 1 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: ESET NOD32 Antivirus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware TuneUp Utilities TuneUp Utilities Language Pack (fr-FR) TuneUp Utilities Java 6 Update 16 Java 6 Update 18 Out of date Java installed! Flash Player Out of Date! Adobe Flash Player 10.0.42.34 ```````````````````````````````` Process Check: objlist.exe by Laurent Malwarebytes' Anti-Malware mbamservice.exe Malwarebytes' Anti-Malware mbamgui.exe ``````````End of Log```````````` There you go...
  8. Good evening, I'm taking a bit of time, but I work a lot, so.... Step 2: C:\Users\Info-H@k\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\54ed279e-51d443bd menaces multiples
  9. Good evening, Part one: Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 6949 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 25/06/2011 22:22:45 mbam-log-2011-06-25 (22-22-45).txt Type d'examen: Examen rapide Elément(s) analysé(s): 163839 Temps écoulé: 3 minute(s), 19 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\Users\Info-H@k\AppData\Local\Temp\google.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
  10. Hello, I have Windows 7. My partner's Hotmail mailbox is sending this kind of spam to all of his contacts: Nice to see you again. Do you need a mobile in high quality but low price? Do you need a PC, a GPS,or a camera? Don’t miss the website :www.gooo555.com . Good luck to you PT how are you ? Just received my iphone 3gs 32gb from this website www.eleovi.com . much cheaper than others and genuine . if you would like to get one,you can check it out, all the best for 2011 Regards, Charles We have NOD32 as our antivirus, but apparently it doesn't find anything. What can I do? Thanks in advance! Prasev