Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Curseur qui saute et clique tout seul

darksidius

Par darksidius
dans Analyses et éradication malwares

 Partager

Messages recommandés

lance_yien Full Patch Member

lance_yien

Posté(e)
Posté(e)

Bonjour,

 

C'est normal pour RKill et c'est une bonne nouvelle qu'apparemment il n'y a pas d'infection détectée.

On va quand même vérifier avec OTL.

--

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Brancher et allumer tous les médias amovibles ayant servi à un quelconque transfert de données (clés USB...).

Fermer tout et cliquer-droit sur OTL.exe => "Exécuter en tant qu'Admin".

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

 

Rapports demandés:

  • OTL.txt
  • Extras.txt

Ta "tablet PC Bamboo Pen and Touch" a un rapport avec "Wacom Technology"? Je suppose que tu as vérifié si le matériel était compatible avec ta version de Windows avant l'installation?

darksidius Junior Member

darksidius

Posté(e)
  • Auteur
Posté(e)

Bonjour,

Whaou !! vous bossez même le dimanche sur Zébulon... et en bénévole en plus, chapeau bas !! :super:

 

Pour en revenir à ta question, Wacom est bien le distributeur de la tablet bamboo, et c'est effectivement depuis son installation que je rencontre le problème de curseur. Mais malgré plusieurs désinstallations, réinstallations, mises à jour des pilotes et touti quanti, rien n'y fait...

 

Bref... voici le rapport OTL :

OTL logfile created on: 28/11/2010 11:32:50 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fred\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

7,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 81,00% Memory free

13,00 Gb Paging File | 12,00 Gb Available in Paging File | 89,00% Paging File free

Paging file location(s): C:\pagefile.sys 6142 6142 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 239,05 Gb Total Space | 172,46 Gb Free Space | 72,14% Space Free | Partition Type: NTFS

Drive D: | 122,17 Gb Total Space | 47,68 Gb Free Space | 39,03% Space Free | Partition Type: NTFS

Drive G: | 1,86 Gb Total Space | 1,82 Gb Free Space | 98,04% Space Free | Partition Type: NTFS

Drive I: | 446,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Drive J: | 95,37 Gb Total Space | 13,05 Gb Free Space | 13,68% Space Free | Partition Type: NTFS

Drive L: | 97,66 Gb Total Space | 36,79 Gb Free Space | 37,67% Space Free | Partition Type: NTFS

Drive M: | 146,48 Gb Total Space | 74,24 Gb Free Space | 50,68% Space Free | Partition Type: NTFS

Drive Z: | 217,01 Gb Total Space | 18,94 Gb Free Space | 8,73% Space Free | Partition Type: NTFS

 

Computer Name: DOUDOU-PC | User Name: Fred | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/11/28 11:28:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Fred\Desktop\OTL.exe

PRC - [2010/10/15 11:39:30 | 001,106,944 | ---- | M] () -- C:\SystemFiles\Audio32.exe

PRC - [2010/10/08 01:03:46 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2010/01/15 01:27:51 | 000,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/11/28 11:28:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Fred\Desktop\OTL.exe

MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/09/21 13:33:10 | 005,788,016 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)

SRV:64bit: - [2010/09/21 13:33:10 | 000,484,720 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)

SRV:64bit: - [2010/09/12 14:34:12 | 000,325,120 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\x64\maconfservice.exe -- (maconfservice)

SRV:64bit: - [2010/06/14 15:11:56 | 000,036,168 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)

SRV:64bit: - [2010/03/25 22:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2010/01/14 21:37:03 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2010/10/08 01:03:46 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®

SRV - [2010/06/25 22:22:48 | 000,607,048 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)

SRV - [2010/06/14 15:16:38 | 001,403,208 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010/06/14 15:11:48 | 000,030,024 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)

SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2010/03/22 08:17:24 | 000,276,584 | ---- | M] (NVIDIA) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2010/01/14 21:37:01 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2009/12/01 12:57:46 | 000,020,480 | ---- | M] (AG Interactive) [Disabled | Stopped] -- C:\Program Files (x86)\AGI\core\4.2\AGCoreService.exe -- (AGCoreService)

SRV - [2009/11/06 12:24:54 | 000,282,728 | ---- | M] (NVIDIA) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2010/10/08 15:52:38 | 000,144,784 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV:64bit: - [2010/09/15 10:13:46 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)

DRV:64bit: - [2010/09/15 10:02:58 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)

DRV:64bit: - [2010/09/13 18:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/09/07 21:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2010/08/30 11:19:54 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)

DRV:64bit: - [2010/06/17 17:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2010/05/17 05:43:12 | 000,930,656 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)

DRV:64bit: - [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2010/04/08 00:03:58 | 000,290,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress) Intel®

DRV:64bit: - [2010/03/10 16:16:36 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)

DRV:64bit: - [2010/01/21 18:15:34 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)

DRV:64bit: - [2010/01/14 13:45:10 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2009/09/15 13:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvoclk64.sys -- (nvoclk64)

DRV:64bit: - [2009/08/13 07:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)

DRV:64bit: - [2009/07/21 08:32:50 | 007,345,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 01:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)

DRV:64bit: - [2009/07/14 01:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)

DRV:64bit: - [2009/07/14 01:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)

DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/25 21:13:10 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®

DRV:64bit: - [2009/02/13 20:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)

DRV:64bit: - [2009/02/03 16:37:50 | 000,075,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)

DRV:64bit: - [2007/02/16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)

DRV:64bit: - [2007/02/08 18:47:24 | 000,107,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)

DRV:64bit: - [2006/06/14 15:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)

DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)

DRV - [2009/10/14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = BD en ligne gratuites - bd, manga, humour, adulte - manolosanctis

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10

FF - prefs.js..extensions.enabledItems: {eeeeeeee-aaaa-0000-aaaa-000000000000}:3.1.2

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9

FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.5.7

FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.6

FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4

FF - prefs.js..extensions.enabledItems: webmaster@keep-tube.com:1.2

FF - prefs.js..extensions.enabledItems: {de1b245c-de57-11da-ba2d-0050c2490048}:1.0.8

FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.5

FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5

FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.4.7a

FF - prefs.js..extensions.enabledItems: CompactMenuCE@Merci.chao:4.3.2

FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1

FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4

FF - prefs.js..extensions.enabledItems: {84b24861-62f6-364b-eba5-2e5e2061d7e6}:0.9.3

FF - prefs.js..extensions.enabledItems: silvermel@pardal.de:1.3.5

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 8118

FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"

FF - prefs.js..network.proxy.socks: "127.0.0.1"

FF - prefs.js..network.proxy.socks_port: 9050

FF - prefs.js..network.proxy.socks_remote_dns: true

FF - prefs.js..network.proxy.ssl: "127.0.0.1"

FF - prefs.js..network.proxy.ssl_port: 8118

FF - prefs.js..network.proxy.type: 0

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/07/26 13:30:00 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 12:23:05 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/29 12:23:05 | 000,000,000 | ---D | M]

 

[2010/11/15 22:41:58 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Extensions

[2010/11/15 16:12:01 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Extensions\MediaCoder

[2010/11/15 16:08:01 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Extensions\MediaCoder-MCEX

[2010/11/15 22:41:58 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Extensions\MediaCoder-Setup-Wizard

[2010/11/28 00:25:01 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions

[2010/10/21 08:06:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

[2010/02/11 14:21:02 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}

[2010/02/10 00:45:46 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}

[2010/10/11 13:05:33 | 000,000,000 | ---D | M] (mediaplayerconnectivity) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}

[2010/06/02 18:55:04 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

[2010/10/10 12:12:17 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}

[2010/11/04 08:26:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010/02/11 17:47:02 | 000,000,000 | ---D | M] (Tweak Network) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}

[2010/05/29 01:15:04 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

[2010/02/10 00:34:28 | 000,000,000 | ---D | M] (MinimizeToTray Plus) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}

[2010/09/22 23:54:45 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}

[2010/02/11 18:17:07 | 000,000,000 | ---D | M] (Fasterfox (EladKarako Mod)) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{eeeeeeee-aaaa-0000-aaaa-000000000000}

[2010/11/17 01:36:15 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}

[2010/10/11 08:50:15 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\CompactMenuCE@Merci.chao

[2010/04/17 16:46:50 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\firegestures@xuldev.org

[2010/04/15 00:06:36 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\silvermel@pardal.de

[2010/04/15 00:06:39 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\silvermelxt@pardal.de

[2010/10/11 08:50:15 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\SkipScreen@SkipScreen

[2010/05/15 17:40:37 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\mozilla\Firefox\Profiles\jybyzh2n.default\extensions\webmaster@keep-tube.com

[2010/02/23 22:41:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/01/14 00:19:42 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

[2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/03/24 23:17:11 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2010/09/03 19:46:49 | 000,417,921 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 14418 more lines...

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Audio Manager 32] C:\SystemFiles\Audio32.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_18)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Value error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - Reg Error: Value error. - Reg Error: Value error. File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/18 22:12:18 | 000,000,088 | ---- | M] () - I:\autorun.inf -- [ UDF ]

O33 - MountPoints2\{9f172490-0440-11df-8694-00262d1354cf}\Shell - "" = AutoRun

O33 - MountPoints2\{9f172490-0440-11df-8694-00262d1354cf}\Shell\AutoRun\command - "" = K:\WD SmartWare.exe -- File not found

O33 - MountPoints2\{c603d03f-f400-11df-802b-00262d1354cf}\Shell - "" = AutoRun

O33 - MountPoints2\{c603d03f-f400-11df-802b-00262d1354cf}\Shell\AutoRun\command - "" = I:\WD SmartWare.exe -- [2009/08/17 18:53:00 | 002,770,432 | ---- | M] (Western Digital)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/11/28 11:27:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Fred\Desktop\OTL.exe

[2010/11/28 00:27:27 | 000,000,000 | ---D | C] -- C:\Users\Fred\Desktop\Nouveau dossier

[2010/11/27 15:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2010/11/26 10:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler

[2010/11/26 10:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quicksys

[2010/11/25 22:56:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010/11/25 00:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7room

[2010/11/24 16:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre

[2010/11/22 18:09:26 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\TuxPaint

[2010/11/22 18:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuxPaint

[2010/11/19 19:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital

[2010/11/19 01:12:44 | 000,000,000 | ---D | C] -- C:\Users\Fred\.VirtualBox

[2010/11/19 01:11:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE

[2010/11/19 01:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle

[2010/11/17 21:05:26 | 000,000,000 | ---D | C] -- C:\Leopard Icons

[2010/11/17 00:54:19 | 000,000,000 | ---D | C] -- D:\Documents\EVEREST Reports

[2010/11/16 01:35:02 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll

[2010/11/16 01:35:02 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll

[2010/11/16 01:34:56 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys

[2010/11/16 01:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet

[2010/11/15 16:08:00 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\Broad Intelligence

[2010/11/15 16:05:41 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\Broad Intelligence

[2010/11/15 16:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\MediaCoder

[2010/11/13 21:35:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group

[2010/11/13 18:32:46 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\Malwarebytes

[2010/11/13 18:32:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/11/13 18:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/11/13 18:32:36 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/11/13 18:32:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/11/10 18:56:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jv16 PowerTools

[2010/11/09 21:10:47 | 000,000,000 | ---D | C] -- C:\Windows\fr

[2010/11/09 21:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2010/11/09 21:04:40 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll

[2010/11/09 21:04:40 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll

[2010/11/09 21:04:39 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll

[2010/11/09 21:03:33 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll

[2010/11/09 21:03:33 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll

[2010/11/09 21:03:33 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll

[2010/11/09 21:03:33 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll

[2010/11/09 17:46:54 | 001,308,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll

[2010/11/09 17:46:54 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2010/11/09 17:46:54 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2010/11/09 17:46:53 | 020,280,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2010/11/09 17:46:53 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2010/11/09 17:46:53 | 012,787,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2010/11/09 17:46:53 | 010,021,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2010/11/09 17:46:53 | 006,470,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2010/11/09 17:46:53 | 005,399,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2010/11/09 17:46:53 | 004,836,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2010/11/09 17:46:53 | 003,112,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2010/11/09 17:46:53 | 002,934,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2010/11/09 17:46:53 | 002,911,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2010/11/09 17:46:53 | 002,666,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2010/11/09 17:46:53 | 001,500,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642050.dll

[2010/11/09 17:46:53 | 001,308,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642030.dll

[2010/11/09 17:46:53 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2010/11/09 17:46:53 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2010/11/09 17:46:52 | 018,597,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2010/11/09 17:46:52 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2010/11/09 17:46:52 | 002,159,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2010/11/09 17:46:52 | 001,718,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2010/11/09 17:46:52 | 000,386,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll

[2010/11/09 17:46:52 | 000,318,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll

[2010/11/09 17:46:52 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd

[2010/11/09 17:42:54 | 000,437,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys

[2010/11/09 17:40:50 | 000,133,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IPROSetMonitor.exe

[2010/11/09 17:40:39 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2010/11/09 16:54:09 | 009,112,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll

[2010/11/09 16:54:09 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtsUStor.dll

[2010/11/09 16:52:19 | 000,930,656 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\drivers\netr28x.sys

[2010/11/09 16:52:19 | 000,326,432 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll

[2010/11/09 16:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver

[2010/11/09 16:39:47 | 000,000,000 | ---D | C] -- D:\Documents\DriverGenius

[2010/11/09 16:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft

[2010/11/09 16:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters

[2010/11/07 14:27:51 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\WTablet

[2010/11/07 14:27:46 | 000,290,088 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Touch_Tablet.dll

[2010/11/07 14:27:46 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\WTouch

[2010/11/07 14:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\WTouch

[2010/11/07 14:27:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins

[2010/11/07 14:27:05 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys

[2010/11/07 14:26:54 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys

[2010/11/07 14:26:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WTablet

[2010/11/07 14:26:47 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll

[2010/11/07 14:26:46 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll

[2010/11/07 14:26:46 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll

[2010/11/07 14:26:45 | 005,556,520 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.exe

[2010/11/07 14:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tablet

[2010/11/05 14:14:16 | 000,245,032 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Touch_Tablet.dll

[2010/11/03 17:36:09 | 000,000,000 | ---D | C] -- C:\Program Files\WBFS

[2010/11/03 14:02:37 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\Canneverbe Limited

[2010/11/03 14:02:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited

[2010/11/02 18:57:31 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP

[2010/11/02 18:42:07 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\Google

[2010/10/31 22:14:13 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe

[2010/10/31 17:52:08 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\Ambient Design

[2010/10/31 17:49:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ambient Design

[2010/01/21 18:15:34 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Fred\AppData\Roaming\pcouffin.sys

[2009/08/14 19:40:45 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/11/28 11:35:16 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/11/28 11:35:16 | 000,704,242 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2010/11/28 11:35:16 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/11/28 11:35:16 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2010/11/28 11:35:16 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/11/28 11:28:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Fred\Desktop\OTL.exe

[2010/11/28 10:55:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1830566367-2053682417-3877278202-1000UA.job

[2010/11/28 10:42:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/11/28 00:18:28 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/11/28 00:18:28 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/11/28 00:11:17 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/11/28 00:11:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/11/27 18:55:04 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1830566367-2053682417-3877278202-1000Core.job

[2010/11/26 10:38:40 | 002,236,768 | ---- | M] () -- D:\Documents\AutoRuns.arn

[2010/11/23 23:25:11 | 005,052,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/11/19 01:11:44 | 000,001,099 | ---- | M] () -- C:\Users\Fred\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk

[2010/11/19 00:52:15 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml

[2010/11/19 00:52:15 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml

[2010/11/02 18:57:33 | 000,001,811 | ---- | M] () -- C:\Users\Fred\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk

[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/11/26 10:38:40 | 002,236,768 | ---- | C] () -- D:\Documents\AutoRuns.arn

[2010/11/19 01:11:44 | 000,001,099 | ---- | C] () -- C:\Users\Fred\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk

[2010/11/09 16:52:19 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat

[2010/11/09 16:52:19 | 000,014,051 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat

[2010/11/07 14:26:34 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\TouchTabletUserDefaults.xml

[2010/11/07 14:26:34 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml

[2010/11/02 18:57:33 | 000,001,811 | ---- | C] () -- C:\Users\Fred\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk

[2010/11/02 18:50:19 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1830566367-2053682417-3877278202-1000UA.job

[2010/11/02 18:50:19 | 000,001,020 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1830566367-2053682417-3877278202-1000Core.job

[2010/10/31 22:14:15 | 000,002,799 | ---- | C] () -- C:\Windows\SKLANG.INI

[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2010/05/27 00:35:26 | 000,007,633 | ---- | C] () -- C:\Users\Fred\AppData\Local\Resmon.ResmonCfg

[2010/03/24 19:28:42 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll

[2010/01/21 18:15:50 | 000,000,033 | ---- | C] () -- C:\Users\Fred\AppData\Roaming\pcouffin.log

[2010/01/21 18:15:34 | 000,099,384 | ---- | C] () -- C:\Users\Fred\AppData\Roaming\inst.exe

[2010/01/21 18:15:34 | 000,007,859 | ---- | C] () -- C:\Users\Fred\AppData\Roaming\pcouffin.cat

[2010/01/21 18:15:34 | 000,001,167 | ---- | C] () -- C:\Users\Fred\AppData\Roaming\pcouffin.inf

[2010/01/13 13:24:38 | 000,006,279 | ---- | C] () -- C:\Users\Fred\AppData\Local\MyWinLockerInstaller.txt-20100113.log

[2010/01/13 13:06:16 | 000,000,091 | ---- | C] () -- C:\ProgramData\PS.log

[2009/08/14 19:40:25 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2008/02/05 13:28:20 | 000,000,051 | ---- | C] () -- C:\Users\Fred\AppData\Local\setup.txt

[2007/10/10 12:18:23 | 000,008,031 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2009/08/14 20:22:55 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2009/08/10 08:20:50 | 000,003,682 | -H-- | M] () \F0Z1LP03.MD5 -- C:\F0Z1LP03.MD5

[2007/11/07 08:00:40 | 000,001,110 | -H-- | M] () -- C:\globdata.ini

[2007/11/07 08:03:18 | 000,562,688 | -H-- | M] (Microsoft Corporation) -- C:\install.exe

[2007/11/07 08:00:40 | 000,000,843 | -H-- | M] () -- C:\install.ini

[2007/11/07 08:03:18 | 000,076,304 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1028.dll

[2007/11/07 08:03:18 | 000,096,272 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1031.dll

[2007/11/07 08:03:18 | 000,091,152 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1033.dll

[2007/11/07 08:03:18 | 000,097,296 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1036.dll

[2007/11/07 08:03:18 | 000,095,248 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1040.dll

[2007/11/07 08:03:18 | 000,081,424 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1041.dll

[2007/11/07 08:03:18 | 000,079,888 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1042.dll

[2007/11/07 08:03:18 | 000,075,792 | -H-- | M] (Microsoft Corporation) -- C:\install.res.2052.dll

[2007/11/07 08:03:18 | 000,096,272 | -H-- | M] (Microsoft Corporation) -- C:\install.res.3082.dll

[2009/08/10 08:14:18 | 000,000,292 | -H-- | M] () -- C:\LPCD.DAT

[2010/11/28 00:11:11 | 2145,386,495 | -HS- | M] () -- C:\pagefile.sys

[2009/08/14 19:35:58 | 000,002,035 | -H-- | M] () -- C:\RHDSetup.log

[2007/11/07 08:00:40 | 000,005,686 | -H-- | M] () -- C:\vcredist.bmp

[2007/11/07 08:09:22 | 001,442,522 | -H-- | M] () -- C:\VC_RED.cab

[2007/11/07 08:12:28 | 000,232,960 | -H-- | M] () -- C:\VC_RED.MSI

 

< %systemroot%\*. /mp /s >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 1302 bytes -> C:\Users\Fred\AppData\Local\Temp:A4kP8TkblAgBlzHMGIRvZuvDjT

@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54

@Alternate Data Stream - 1169 bytes -> C:\Users\Fred\AppData\Local\Temp:1w1e7sB6dhAL5jeTb3fZzuHY

 

< End of report >

darksidius Junior Member

darksidius

Posté(e)
  • Auteur
Posté(e)

Et le rapport Extras:

OTL Extras logfile created on: 28/11/2010 11:32:50 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fred\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

7,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 81,00% Memory free

13,00 Gb Paging File | 12,00 Gb Available in Paging File | 89,00% Paging File free

Paging file location(s): C:\pagefile.sys 6142 6142 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 239,05 Gb Total Space | 172,46 Gb Free Space | 72,14% Space Free | Partition Type: NTFS

Drive D: | 122,17 Gb Total Space | 47,68 Gb Free Space | 39,03% Space Free | Partition Type: NTFS

Drive G: | 1,86 Gb Total Space | 1,82 Gb Free Space | 98,04% Space Free | Partition Type: NTFS

Drive I: | 446,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Drive J: | 95,37 Gb Total Space | 13,05 Gb Free Space | 13,68% Space Free | Partition Type: NTFS

Drive L: | 97,66 Gb Total Space | 36,79 Gb Free Space | 37,67% Space Free | Partition Type: NTFS

Drive M: | 146,48 Gb Total Space | 74,24 Gb Free Space | 50,68% Space Free | Partition Type: NTFS

Drive Z: | 217,01 Gb Total Space | 18,94 Gb Free Space | 8,73% Space Free | Partition Type: NTFS

 

Computer Name: DOUDOU-PC | User Name: Fred | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== System Restore Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)

"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64

"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64

"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4

"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007

"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials

"{9EA21438-935A-48F9-88D4-A0341406E12A}" = Ma-Config.com (64 bits)

"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64

"{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}" = Microsoft Antimalware Service FR-FR Language Pack

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 260.89

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 260.89

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 260.89

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.1.9.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel® Network Connections 15.6.25.0

"{BD475B03-FA15-4F3D-90EB-78EA3C2CFDFB}_is1" = GIGATweaker

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4

"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware

"{EAFC065C-0576-4DE9-8FDB-4D943367506E}" = Oracle VM VirtualBox 3.2.10

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CCleaner" = CCleaner

"Defraggler" = Defraggler

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Microsoft Security Essentials" = Microsoft Security Essentials

"NVIDIA Drivers" = NVIDIA Drivers

"Pen Tablet Driver" = Bamboo

"PROSetDX" = Intel® Network Connections 15.6.25.0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18

"{2857dbef-0b50-361c-8690-7d505747009f}" = Webshots Desktop

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1" = Quicksys RegDefrag 2.9

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1" = ImgBurn 2.3.2.0 Fr

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8}" = TuneUp Utilities Language Pack (fr-FR)

"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007

"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007

"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007

"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007

"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{96F9B265-1367-4E1A-B8B9-F8530EF3AA62}" = Add or Remove Adobe Premiere Pro CS5

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A68F4E2D-3488-47B9-B517-A07F602A9E53}" = ArtRage 2

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4

"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F51FF206-2273-4B3E-A90A-4752AE288C12}" = FUEL

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4

"Audacity_is1" = Audacity 1.2.6

"AVS Audio Converter 6.1_is1" = AVS Audio Converter version 6.1

"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6

"Bus Driver" = Bus Driver 1.0

"De_Blob_EN" = De Blob (alleen verwijderen)

"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition

"DVD Shrink_is1" = DVD Shrink 3.2

"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50

"Foxit Reader" = Foxit Reader

"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update

"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance

"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor

"jv16 PowerTools_is1" = jv16 PowerTools 1.3

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MediaCoder x64" = MediaCoder x64 0.7.5.4740

"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)

"Mp3tag" = Mp3tag v2.46a

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français

"PROPLUS" = Microsoft Office Professional Plus 2007

"Revo Uninstaller" = Revo Uninstaller 1.90

"TellmeMoreV50" = TeLL me More CJ

"TuneUp Utilities" = TuneUp Utilities

"Tux Paint Stamps_is1" = Tux Paint Stamps 2009-06-28

"Tux Paint_is1" = Tux Paint 0.9.21

"VLC media player" = VLC media player 1.1.4

"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin

"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin

"WinLiveSuite" = Windows Live

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"PhotoFiltre" = PhotoFiltre

"uTorrent" = µTorrent

 

========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

 

Du chinois pour moi...

Merci.

lance_yien Full Patch Member

lance_yien

Posté(e)
Posté(e)

Bonjour,

 

- Il en faut des gens qui bossent pour la retraite :)

- Certaines couleurs et autres formats de texte (italique, etc...) sont difficiles à lire. Merci de coller les rapports et les laisser comme ils sont.

--

 

>>> Analyse de fichier(s):

  • Copier la ligne suivante et aller sur le site Jotti.
     
    C:\SystemFiles\Audio32.exe
     
  • Cliquer sur Parcourir.... jotti.jpg
  • Dans la nouvelle fenêtre, cliquer-droit dans "Nom du fichier" => "Coller" puis cliquer sur "Ouvrir". parcourir.jpg
  • Cliquer sur Envoyer et laisser faire l'analyse.
  • A la fin cliquer-droit sur le bouton Votre lien permanent... => "Copier l'adresse du lien".
    jotti2.png


    Ouvrir le bloc-note et cliquer-droit => "Coller".

Si Jotti est surchargé, aller sur Virustotal.

 

 

>>> Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation".

 

:OTL

SRV:64bit: - [2010/09/21 13:33:10 | 005,788,016 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)

SRV:64bit: - [2010/09/21 13:33:10 | 000,484,720 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)

DRV:64bit: - [2010/09/15 10:13:46 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)

DRV:64bit: - [2010/09/15 10:02:58 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)

O33 - MountPoints2\{9f172490-0440-11df-8694-00262d1354cf}\Shell - "" = AutoRun

O33 - MountPoints2\{9f172490-0440-11df-8694-00262d1354cf}\Shell\AutoRun\command - "" = K:\WD SmartWare.exe -- File not found

O33 - MountPoints2\{c603d03f-f400-11df-802b-00262d1354cf}\Shell - "" = AutoRun

O33 - MountPoints2\{c603d03f-f400-11df-802b-00262d1354cf}\Shell\AutoRun\command - "" = I:\WD SmartWare.exe -- [2009/08/17 18:53:00 | 002,770,432 | ---- | M] (Western Digital)

[2010/11/16 01:35:02 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll

[2010/11/16 01:35:02 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll

[2010/11/16 01:34:56 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys

[2010/11/16 01:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet

[2010/11/07 14:27:46 | 000,290,088 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Touch_Tablet.dll

[2010/11/07 14:27:46 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\WTouch

[2010/11/07 14:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\WTouch

[2010/11/07 14:27:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins

[2010/11/07 14:27:05 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys

[2010/11/07 14:26:54 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys

[2010/11/07 14:26:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WTablet

[2010/11/07 14:26:47 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll

[2010/11/07 14:26:46 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll

[2010/11/07 14:26:46 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll

[2010/11/07 14:26:45 | 005,556,520 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.exe

[2010/11/07 14:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tablet

[2010/11/05 14:14:16 | 000,245,032 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Touch_Tablet.dll

[2010/11/07 14:26:34 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\TouchTabletUserDefaults.xml

[2010/11/07 14:26:34 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml

@Alternate Data Stream - 1302 bytes -> C:\Users\Fred\AppData\Local\Temp:A4kP8TkblAgBlzHMGIRvZuvDjT

@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54

@Alternate Data Stream - 1169 bytes -> C:\Users\Fred\AppData\Local\Temp:1w1e7sB6dhAL5jeTb3fZzuHY

 

:Files

C:\Windows\tasks\*.job

 

:Services

 

:Reg

 

:Commands

[EMPTYTEMP]

[RESETHOSTS]

[REBOOT]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme vous demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier tout son contenu et le coller dans une nouvelle réponse du forum. Fermer le rapport et OTL.

 

Rapports demandés:

  • Le lien permanent
  • OTL

Ton verdict? :)

darksidius Junior Member

darksidius

Posté(e)
  • Auteur
Posté(e)

Oups... désolé pour la police et les couleurs, je pensais rendre le tout plus visible... raté :outch:

 

Voici le lien permanent:

 

Audio32.exe - Le scanner antivirus de Jotti

 

et le rapport OTL:

 

All processes killed

========== OTL ==========

Service TabletServicePen stopped successfully!

Service TabletServicePen deleted successfully!

C:\Program Files\Tablet\Pen\Pen_Tablet.exe moved successfully.

Service TouchServicePen stopped successfully!

Service TouchServicePen deleted successfully!

C:\Program Files\Tablet\Pen\Pen_TouchService.exe moved successfully.

Error: Unable to stop service wacmoumonitor!

Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wacmoumonitor deleted successfully.

C:\Windows\SysNative\drivers\wacmoumonitor.sys moved successfully.

Error: Unable to stop service wacomvhid!

Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wacomvhid deleted successfully.

C:\Windows\SysNative\drivers\wacomvhid.sys moved successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.

Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f172490-0440-11df-8694-00262d1354cf}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f172490-0440-11df-8694-00262d1354cf}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f172490-0440-11df-8694-00262d1354cf}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f172490-0440-11df-8694-00262d1354cf}\ not found.

File K:\WD SmartWare.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c603d03f-f400-11df-802b-00262d1354cf}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c603d03f-f400-11df-802b-00262d1354cf}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c603d03f-f400-11df-802b-00262d1354cf}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c603d03f-f400-11df-802b-00262d1354cf}\ not found.

File I:\WD SmartWare.exe not found.

C:\Windows\SysNative\Pen_Touch_Tablet.dll moved successfully.

C:\Windows\SysWOW64\Pen_Touch_Tablet.dll moved successfully.

File C:\Windows\SysNative\drivers\wacmoumonitor.sys not found.

C:\Program Files\Tablet\Pen\Video folder moved successfully.

C:\Program Files\Tablet\Pen\32 folder moved successfully.

C:\Program Files\Tablet\Pen folder moved successfully.

C:\Program Files\Tablet folder moved successfully.

C:\Windows\SysNative\Touch_Tablet.dll moved successfully.

C:\Users\Fred\AppData\Roaming\WTouch folder moved successfully.

C:\Program Files\WTouch folder moved successfully.

C:\Program Files (x86)\TabletPlugins folder moved successfully.

C:\Windows\SysNative\drivers\wacommousefilter.sys moved successfully.

File C:\Windows\SysNative\drivers\wacomvhid.sys not found.

C:\Windows\SysNative\WTablet folder moved successfully.

C:\Windows\SysWOW64\Wintab32.dll moved successfully.

C:\Windows\SysNative\Pen_Tablet.dll moved successfully.

C:\Windows\SysWOW64\Pen_Tablet.dll moved successfully.

C:\Windows\SysNative\Pen_Tablet.exe moved successfully.

C:\Program Files (x86)\Tablet\Pen\Video folder moved successfully.

C:\Program Files (x86)\Tablet\Pen\Tutorial\Xtras folder moved successfully.

C:\Program Files (x86)\Tablet\Pen\Tutorial\Resources\French folder moved successfully.

C:\Program Files (x86)\Tablet\Pen\Tutorial\Resources folder moved successfully.

C:\Program Files (x86)\Tablet\Pen\Tutorial folder moved successfully.

C:\Program Files (x86)\Tablet\Pen folder moved successfully.

C:\Program Files (x86)\Tablet folder moved successfully.

C:\Windows\SysWOW64\Touch_Tablet.dll moved successfully.

C:\Windows\SysNative\TouchTabletUserDefaults.xml moved successfully.

C:\Windows\SysNative\PenTabletUserDefaults.xml moved successfully.

ADS C:\Users\Fred\AppData\Local\Temp:A4kP8TkblAgBlzHMGIRvZuvDjT deleted successfully.

ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.

ADS C:\Users\Fred\AppData\Local\Temp:1w1e7sB6dhAL5jeTb3fZzuHY deleted successfully.

========== FILES ==========

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1830566367-2053682417-3877278202-1000Core.job moved successfully.

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1830566367-2053682417-3877278202-1000UA.job moved successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33184 bytes

->Flash cache emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Fred

->Temp folder emptied: 592273006 bytes

->Temporary Internet Files folder emptied: 6521425 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 135934193 bytes

->Flash cache emptied: 1986 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 7002216 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 92194 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50339 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 708,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.17.3 log created on 11282010_170016

 

Files\Folders moved on Reboot...

C:\Users\Fred\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

 

Registry entries deleted on Reboot...

 

 

 

Mais malheureusement, mon curseur continue à valser tout seul... :cry:

 

Désolé...

lance_yien Full Patch Member

lance_yien

Posté(e)
Posté(e)

Bonjour,

 

Salut.

Je ne crois pas avoir de drivers spécifiques à cette souris (Acer).

Les drivers utilisés sont i8042prt.sys et mouclass.sys.

 

Impossible de les mettre à jour via windows ( ceux sont les plus récents pour eux).

Je crains un peu de les télécharger sur internet (si je les trouve...) et de les remplacer dans system32... Je voudrais pas que tout se mette à bugger... :outch:

 

Ils n'apparaissent pas dans tes rapports, tu es sûr de les avoir encore dans ta machine?

Regarde aussi dans le gestionnaire de périphériques si tu n'as pas un ! dans un cercle jaune.

darksidius Junior Member

darksidius

Posté(e)
  • Auteur
Posté(e) (modifié)

Bonjour,

En effet, j'avais le triangle jaune et le "!" pour un périphérique nommé "Wacom Tablet Manager"(ou un truc comme ça)...Ce n'était pourtant pas le cas auparavant... J'y comprends rien...

 

Enfin bref, ça me racontait que le périphérique ne pouvait pas démarrer suite à une clé registre manquante ou corrompue... :mhh:

J'ai remis le CD wacom, tenté une réinstallation des drivers et comme ça n'a rien changé, j'ai tout désinstallé avec "Revo uninstaller" en choississant bien l'option de désinstallation approfondie, puis j'ai redémarré le PC, le curseur n'a plus bougé pendant un bon quart d'heure avant de se remettre à danser la Java... :cry:

 

Au moins, j'ai mon périphérique souris bien installé avec mouclass.sys et mouhid.sys... (par contre plus de i8042prt.sys :-? même s'il est toujours présent dans C:\Windows\System32\drivers). Et logiquement, il ne devrait plus rien rester de "Wacom"...

 

Mais bon, ça change pas grand chose... :cry:

Modifié par darksidius
lance_yien Full Patch Member

lance_yien

Posté(e)
Posté(e)

Vu qu'il n'y a pas/plus de problème côté infection, je te propose de voir dans le forum Hardware. Ils sauront te guider au mieux pour le reste.

--

 

Pour en finir ici:

 

>>> Supprimer les utilitaires:

- Lancer OTL et cliquer sur Purge outils. Laisser faire et redémarrer le PC.

- Pour supprimer les autres utilitaires et leur rapports, cliquer-droit dessus => "Supprimer".

 

 

>>> Très important. Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC et notre meilleur moyen pour limiter les dégâts c'est la mise à jour régulièrement:

Ta version de Java n'est pas à jour: Utiliser, IMPÉRATIVEMENT, Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (32 ou 64 bits): Téléchargements Java pour tous les systèmes d'exploitation.

 

java.png

 

Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:

Cliquer sur "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".

Chercher, dans la liste les lignes concernant Java (J2SE Runtime Environment.... ) et repérables avec cette icône java01.jpg.

Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.

Quand il n'y en a plus fermez tout et installez la nouvelle version en cliquant sur le fichier que vous avez téléchargé.

 

 

>>> Ré-initialiser les Points de Restauration:

Clic-droit sur "Ordinateur" => "Propriétés" => "Protection Système". Cliquer sur le nom de la partition système (généralement C:) puis sur "Configurer" => "Supprimer" => "Continuer" (pour confirmer).

Cliquer sur "Fermer" puis "OK" => "OK" et attendre un moment.

 

Retourner dans "Protection système" et cliquer sur la partition => "Configurer" et sélectionner "Restaurer les paramètres système et les versions précédentes des fichiers"

Cliquer sur "OK" => "OK" et fermer la fenêtre.

Un nouveau point de restauration sera créé.

 

 

>>> Protéger/ Sécuriser:

  • Vérifier les mises à jour Windows:
    - Cliquer ICI et installer toutes les Mises à jour critiques après avoir accepté l'installation de l'activex (si proposé).
    - OU, cliquer sur "Démarrer" => "Tous les programmes" => "Windows update".
    - ET, optez (si ce n'est pas encore fait) pour une MAJ Automatique à une heure où vous êtes sûr que votre PC n'est pas éteint.
     

    majwin7.png


     

  • Installer PSI de Secunia pour des MAJ logiciels
  • Installer Update Checker pour des MAJ pilotes
  • Utiliser PC Pitstop pour Optimiser votre PC (en anglais)
  • Sauvegarder:
    - Le MBR avec MBR Backup
    - Le Registre avec Erunt
    Pour des raisons évidentes, garder les copies de sauvegarde sur un support autre que le disque système.
  • Nettoyer et dé-fragmenter, régulièrement, les Partitions/ Disques.

 

>>> Ce qu'il faut ÉVITER ABSOLUMENT: Parce qu'il existe toujours un programme/logiciel gratuit et légal pour pratiquement tout ce qu'on veut, supprimer de votre machine et rester à l'écart de tout ce qui est,

  • Warez , Crack , keygen etc: Arrêter de croire que ces programmes sont là juste pour faire plaisir ou rendre service. Il n'y a qu'à parcourir les Forums pour voir le nombre de PC victimes de ces programmes.
  • P2P , *.Torrent etc: Lire attentivement Le danger des P2P.

 

Bonne chance!

DJeff Junior Member

DJeff

Posté(e)
Posté(e)

Bonjour,

 

Suite à l'installation de la tablet PC Bamboo Pen and Touch, le curseur de ma souris saute d'un endroit à l'autre de temps en temps et clique (gauche évidemment :evil: ...)tout seul.

Suite à ce problème, j'ai décidé de désinstaller le programme en question sans aucune amélioration de ce problème.

Je me suis demandé si ce n'était pas la souris optique qui était défectueuse, je l'ai donc débranchée et à ma grande surprise, le curseur bouge et clique quand même.

 

Je n'ai malheureusement pas de point de restauration antérieur à l'apparition du problème, et j'avoue que je ne sais plus quoi faire...

 

Si quelqu'un a une idée, je suis preneur...

 

Merci d'avance.

 

J'ai eu un problème identique, mais c'était un double click gauche... J'ai vu aussi que dans tes process tu avais audio32.exe. Moi aussi et quend je l'ai arrêté, tout est rentré dans l'ordre. Quand je l'ai relancé, le problème est réapparu. Donc je l'ai viré pour qu'il ne redémarre pas. Je ne sais pas à quoi sert audio32.exe, mais ce problème semble être à peu près tout ce qu'il produit comme résultat.J'ajoute que j'ai essayé avant tous les "antichoses" disponibles sans aucun succès.

 

Essaie, ça ne coûte pas cher.

darksidius Junior Member

darksidius

Posté(e)
  • Auteur
Posté(e)

Bonjour,

 

Je voudrais adresser un grand merci à Lance_yien pour tout ce qu'il m'a appris sur la sécurité et aussi pour s'être donné tant de mal à m'aider. Pout tout, merci encore !!! :super:

 

Enfin, un grand merci à Djeff pour son tuyau, ça marche !!!! plus de curseur qui saute et qui danse la polka tout seul... C'est fantastique !! :love:

 

Tout venait bien de ce processus audio32.exe.

Pourquoi? Mystère...(Lance_yien pourrait surement nous en dire plus...) mais j'ai désactivé son démarrage et depuis plus de problème...

 

Donc, encore merci à vous 2, et je vous souhaite de bonnes fêtes.

Cordialement.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...