une centaine d'infection

[papibraco]

Bonjour à toutes et tous,

voilà plouf,j'me balance à l'eau..

sujet commencé sur autre forum conseil de venir ici: pour faire court:

-depuis x mois pb mises a jour kb 973688 et 954430 en échec par système et manuel et par téléchargements etc..

-nbrx dysfonctionnements depuis dus ou non:refus instal diverses W live.Quictime.fichier audio impsiible à lire.assistant dépannage non opérationnel à chaque fois incident....7zip HS;;drivers genius non abouti car bloqué sur instal...message erreur tel:0x80070002-0x8002802f-800a0046-etc etc

erreur de script au démarrage,en gros.......

-après de nombreuses manips proposées par le support aide microsoft,dont un exam Malwarebytes disons...très positif...qui suit.l'assis microsoft m'a suggéré une réparation de W7.J'ai une disquette et la marche à suivre mais je flippe grave...ca a l'air simple mais le commercial du magasin d'informatique m'a mis le doute....faut être calé! les drvers et pilotes seront peut être à recharger...etc Bref je sais plus............................!!!!!!!!!!!!!!!!!!!!!!?????????????????

 

Je suis partant quand même(c'est comme ca qu'on apprend),mais si je plante!!!!

J'aimerais d'une ou plusieurs bonnes ames des avis;;et des conseils

Voici le rapport de l'examMalwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 5214

RESOLU

 

Windows 6.1.7600 (Safe Mode)

Internet Explorer 8.0.7600.16385

 

29/11/2010 19:31:18

mbam-log-2010-11-29 (19-31-18).txt

 

Type d'examen: Examen complet (C:\|D:\|)

Elément(s) analysé(s): 417895

Temps écoulé: 1 heure(s), 9 minute(s), 7 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 49

Valeur(s) du Registre infectée(s): 2

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 6

Fichier(s) infecté(s): 40

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{2f9ad413-2e0b-4a85-bb2a-cf961238262a} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{bdea95cf-f0e6-41e0-bd3d-b00f39a4e939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bdea95cf-f0e6-41e0-bd3d-b00f39a4e939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\cntntcntr.cntntdic (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\cntntcntr.cntntdic.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\cntntcntr.cntntdisp (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\cntntcntr.cntntdisp.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hotbarax.info (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hotbarax.info.1 (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hotbarax.userprofiles (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hotbarax.userprofiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hotbarweather.weathercontroller (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\hotbarweather.weathercontroller.1 (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\hotbarsa (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\srs_it_e879027ebd76595a36a899 (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\hotbar@hotbar.com (Adware.Hotbar) -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://www.missim.org/) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.

 

Dossier(s) infecté(s):

C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\ProgramData\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\Users\papibraco\AppData\Roaming\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1 (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

C:\ProgramData\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\HotbarSA\HotbarSAEULA.mht (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\HotbarSA\HotbarSA_hpk.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\HotbarSA\HotbarSA_kyf_update.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\200901.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\200902.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\200903.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\200904.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\200905.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090601.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090602.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090603.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090706.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090714.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090721.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090729.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090805.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090819.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090901.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20090921.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20091006.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20091023.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20091104.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20091114.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20091130.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20091218.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20091231.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20100118.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20100130.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20100212.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20100302.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20100323.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\Program Files (x86)\RegistryDoktor 4.1\definitions\20100416.cab (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Games!.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Videos!.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

Modifié le 10 décembre 2010 par papibraco

[lance_yien]

Bonjour papibraco,

 

---

Très Important!

 

>>> A faire immédiatement:

En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

 

>>> Que faire durant ce nettoyage, merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

 

>>> Que faire à la réception de nouvelles instructions,

• Lire la totalité du message.
  
• Télécharger et enregistrer les utilitaires DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
  Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
  
• Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
  
• Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
  
• NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.
  

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

---

 

Avant de se lancer dans les grandes manipulations:

Tu veux réinstaller Windows?

Tu as Windows7 (64bits)?

As-tu une partition de recouvrement (c'est le cas de la majorité des PC récents)?

 

a++

[papibraco]

Bonjour lance_yien,

désolé de fiche un peu le souk sur ce forum,mais bon...j'essaie de progresser...

-j'ai pris bonne note des consignes donc si j'ai bien compris à chaque manip je désactive le pare feu widows,et je remets ensuite

et pour les téléchargements d'utilitaires sur le 'bureau' j'ai jamais fait...je pense que c'est juste pour lancer l'application?...

-sinon j'ai un pc asusk72j,ma messagerie c'est incredimail, le système c' est windows 7 en 64 bits.

-j ai un cd récupére au service commercial de mon revendeur-de "recouvrement" je sais pas...Cd ASUS/Driver et Utility Ver 1.0 K72JR/X72JR/A72JR this disc supports Windows 7 32/64-bit

dans la partie inférieure de l'étiquette,on dit eb anglais que ca doit démarrer auto..sinon run setup.exe et j'ai 3 références(sans explication):

N3556 ensuite

15G356407000 et enfin

1535-03V7000

voila pour le cd

-sinon mon pc est récent -février 2010-et m'a été vendu avec le sys et autre déjà pré-installé- et je n'ai pas fait de grosses manip justifiant toutes ces merdouilles....en fait j'ai juste fait confiance..sécurité etc...(il faut quand même que je signale que j'ai 3 gosses -des grands- qui ont utilisé la "b^te avant moi!)

-à la question"tu veux ré-installer windows" c'est juste "réparer"d'àprès le message ass micros....maintenant moins c'est hard mieux c'est!!!

a plus:

[lance_yien]

-j'ai pris bonne note des consignes donc si j'ai bien compris à chaque manip je désactive le pare feu widows,et je remets ensuite

OUI, visiblement tu n'as pas d'antivirus. On verra après!

 

et pour les téléchargements d'utilitaires sur le 'bureau' j'ai jamais fait...je pense que c'est juste pour lancer l'application?...

Il y un côté pratique et un autre obligé selon les programmes. Comme je l'ai dit certains refuseront carrément.

Si tu ne veux pas changer, tu as juste à les déplacer comme indiqué.

Donc on désinfecte en 1er lieu et on voit après s'il y a des dysfonctionnements qui persistent.

--

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

• OTL (par OldTimer) depuis ici ou ici.
• Security Check (par screen317) depuis ici ou ici.

 

>>> ESET Online Scanner: Désactiver antivirus/ parefeu et antispyware et utiliser Internet Explorer pour faire une analyse en ligne ICI.

• Cliquer sur le bouton vert ESET Online Scanner button, cocher la case YES, I accept the Terms of Use et cliquer sur Start.
  
• Accepter l'installation de l'ActiveX.
  
• Cocher Scan archives et cliquer Start.
  
• Eset téléchargera la base de données et commencera le scan. Le laisser finir son scan.
  
• Ensuite, cliquer sur "List of found threats"
  
• Cliquer sur "Export to text file..." et sauvegarder les résultats sur le Bureau en le nommant "scan-eset" pour les copier/coller ici.
  
• Cliquer sur le bouton "<< Back" et cocher la case Uninstall application on close pour supprimer ESET Online Scanner de la machine.
  
• Cliquer sur Finish et poster le rapport.

 

>>> OTL Fermer tout et cliquer-droit sur OTL.exe => "Exécuter en tant qu'Admin".

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

 

>>> SecurityCheck: Fermer tout et cliquer-droit sur SecurityCheck.exe => "Exécuter en tant qu'Admin".

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

 

 

Rapports demandés (un seul par message):

• scan-results
• OTL.txt
• Extras.txt
• checkup.txt

[papibraco]

post du scan-eset/results

 

 

C:\Program Files\ReviverSoft\Registry Reviver\SetUp_x64.exe a variant of Win32/SlowPCfighter application cleaned by deleting - quarantined

C:\Program Files (x86)\Common Files\Wise Installation Wizard\WIS5158974E2D28401893357694C2974746_10_4_10_2.MSI multiple threats deleted - quarantined

C:\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined

C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined

C:\Program Files (x86)\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined

C:\Program Files (x86)\Uniblue\RegistryBooster\rb_move_serial.exe Win32/RegistryBooster application cleaned by deleting - quarantined

C:\Program Files (x86)\Uniblue\RegistryBooster\rb_track_install.exe Win32/RegistryBooster application cleaned by deleting - quarantined

C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined

C:\Program Files (x86)\Uniblue\SpeedUpMyPC\Launcher.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined

C:\Users\papibraco\AppData\Roaming\OpenCandy\OpenCandy_46139B36F1924B2E80B554A361CE9599\p1v1_PPIRegistryReviver_w.exe a variant of Win32/SlowPCfighter application deleted - quarantined

C:\Users\papibraco\AppData\Roaming\OpenCandy\OpenCandy_46139B36F1924B2E80B554A361CE9599\PPIRegistryReviverSetup.exe a variant of Win32/SlowPCfighter application cleaned by deleting - quarantined

C:\Users\papibraco\AppData\Roaming\Uniblue\RegistryBooster\_temp\ub.exe a variant of Win32/RegistryBooster application deleted - quarantined

D:\PAPIBRACO-PC\Backup Set 2010-11-22 080756\Backup Files 2010-11-22 080756\Backup files 13.zip a variant of Win32/SlowPCfighter application deleted - quarantined

D:\PAPIBRACO-PC\Backup Set 2010-11-22 080756\Backup Files 2010-11-22 080756\Backup files 14.zip a variant of Win32/RegistryBooster application deleted - quarantined

D:\PAPIBRACO-PC\Backup Set 2010-11-22 080756\Backup Files 2010-11-22 080756\Backup files 2.zip a variant of Win32/SlowPCfighter application deleted - quarantined

D:\PAPIBRACO-PC\Backup Set 2010-11-22 080756\Backup Files 2010-11-22 080756\Backup files 9.zip Win32/SpeedUpMyPC application deleted - quarantined

[papibraco]

esnetsvcs

drivers32

% SYSTEMDRIVE% \ *.*

% Systemroot% \ *. / Mp / s

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ WindowsUpdate \ UA

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ WindowsUpdate \ Auto Update \ Résultats \ Install | LastSuccessTime / rssai envoi du rapport extras txtnetsvcs

drivers32

% SYSTEMDRIVE% \ *.*

% Systemroot% \ *. / Mp / s

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ WindowsUpdate \ UA

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ WindowsUpdate \ Auto Update \ Résultats \ Install | LastSuccessTime / rsOTL Extras logfile created on: 03/12/2010 23:06:02 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\papibraco\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free

10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 5922 5922 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 116,44 Gb Total Space | 76,10 Gb Free Space | 65,36% Space Free | Partition Type: NTFS

Drive D: | 334,67 Gb Total Space | 301,54 Gb Free Space | 90,10% Space Free | Partition Type: NTFS

 

Computer Name: PAPIBRACO-PC | User Name: papibraco | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- C:\Users\papibraco\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"AutoUpdateDisableNotify" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{393ABB00-B641-4B28-9050-1FC9B717D3ED}" = GreenPrint

"0E74EB10C05C955C24243E6D3120CDC972FC5B1D" = Windows Driver Package - Broadcom HIDClass (06/11/2009 6.2.0.9500)

"2AA10AB519DC7432D599A0E860206A7DDCC27764" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)

"ASUS WebStorage" = ASUS WebStorage

"CCleaner" = CCleaner

"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL

"F9FD5BBF579A4BFD40D38BE291F731666B27DC28" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0498D807-1B6C-4C47-3403-AB78C5205539}" = CCC Help Thai

"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery

"{075E4ABC-928E-9B1B-D4F1-EAB25E565A33}" = Catalyst Control Center Graphics Full Existing

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{09BBD84F-CC00-D8E1-5A4F-D37BA1A76A35}" = CCC Help Russian

"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster

"{10CDCAD1-6F37-5938-89A0-FAFC58B007D3}" = CCC Help Danish

"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up

"{1485BCD3-1E59-2120-EE0C-3390C5C53B5A}" = CCC Help Chinese Standard

"{159499C8-68C1-C6CB-2682-9D7AD450FDC7}" = CCC Help Japanese

"{17F6FF31-E155-DE44-3745-305A89FE8B80}" = Catalyst Control Center Graphics Previews Vista

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{189F8DEC-2B05-02AC-C4B9-38411A3825B1}" = CCC Help Portuguese

"{1D03F9DF-FCCE-5114-2787-3FA3568CFC8B}" = CCC Help Polish

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3

"{2147B890-E62E-5DA7-D15B-C637ED4D2CC3}" = CCC Help Chinese Traditional

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{23F9F197-B8CD-BB88-2509-267F083F7062}" = ccc-core-static

"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2

"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java 6 Update 20

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 22

"{2C8574B5-6935-4FCE-860E-F4E8602378FF}" = OfferBox

"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0

"{34562452-1967-951F-28A9-970C86DFA1D7}" = Catalyst Control Center Core Implementation

"{3729070B-F19C-4652-B67D-8D92A7BEF99C}" = PeerTV-2-1-007

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3E96F8D0-1414-26C6-AEDB-4447C3109D90}" = CCC Help Spanish

"{400EEB8E-513A-47E6-8170-BFCF6C8A7DCF}_is1" = EasyFlirt Messenger 2.0

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth

"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{531C00B3-1F6E-64B8-2DA3-D75AA840CA2E}" = Catalyst Control Center Graphics Light

"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{58A6AA51-DA03-4C75-ADE9-7C0D67D77066}" = Internet Explorer

"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck

"{5BF68530-76F5-429A-B8FB-CDD2B8D13289}" = IMBooster4Web

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}" = IncrediMail

"{6084C211-01A1-464E-97A0-09772E122B50}" = Moovida

"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{705C1482-BB28-B8DD-D1FB-F76774664308}" = Catalyst Control Center Graphics Previews Common

"{7145C946-B9BA-8101-90EE-08CB1B6F2AB1}" = CCC Help Dutch

"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker

"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1" = Uniblue PowerSuite

"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call

"{835525BE-63BD-4EC4-9425-00CEAD4849C2}" = Widestream6

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A5EB4E7-7371-519A-735D-AAA9AC9C2792}" = CCC Help Finnish

"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash

"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool

"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame

"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch

"{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1" = Artweaver 1.0

"{A4646CC8-905B-4E6D-A094-4C9FB1621042}" = ArcSoft MediaImpression

"{A53DAEB6-72F4-70CF-3C97-33255284B8E8}" = CCC Help Norwegian

"{A8B80045-6EB4-F93A-828F-7038007AA2EA}" = CCC Help Czech

"{A912DA90-FAD5-F4F2-869C-E50BFA584B0B}" = CCC Help Italian

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding

"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1

"{AEBA98E2-FDFB-6669-6994-9C42751675B4}" = Catalyst Control Center Localization All

"{AFB23B2D-21D6-2840-82BB-3C312C85897D}" = CCC Help Korean

"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live

"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR

"{B61AF6D1-49F9-7776-6BAB-2F3F3CF6BAA9}" = CCC Help Turkish

"{C20AD945-FCB5-D88A-6479-4E90CE196F1E}" = CCC Help German

"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{DA5A2B93-2A3B-DFCB-FB68-082A3B505758}" = CCC Help Hungarian

"{DC485813-86F2-B1EA-0B57-F199906DCE57}" = CCC Help Greek

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{E7EE9A81-AE31-463D-E416-4D6B10A10E4B}" = CCC Help English

"{EBBBF21F-7E48-9766-5DC6-7D1C29B3B431}" = CCC Help French

"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera

"{EF445145-5ADF-CF94-40AD-0F2E770BC54D}" = CCC Help Swedish

"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart

"{F2739D43-F30E-4294-87C1-0F814CCEB9E9}" = Catalyst Control Center InstallProxy

"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader

"{F5691B9D-513B-4B07-2A3C-DC65566DE2C1}" = Catalyst Control Center Graphics Full New

"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager

"7-Zip" = 7-Zip 4.65

"AbiWord2" = AbiWord 2.8.6

"AceMoney Lite_is1" = AceMoney Lite

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Advanced SystemCare 3_is1" = Advanced SystemCare 3

"aignesamdeadlink_is1" = AM-DeadLink 4.3

"ASUS AP Bank_is1" = ASUS AP Bank

"ASUSUSBDEVIC" = ASUS USB2.0 UVC VGA WebCam

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)

"Avanquest_FR Toolbar" = Avanquest FR Toolbar

"avast5" = avast! Free Antivirus

"Calendrier 2000_is1" = Calendrier Xtra v12.000

"Celtx (2.7)" = Celtx (2.7)

"conduitEngine" = Conduit Engine

"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition

"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar

"FotoMorph" = Digital Photo Software FotoMorph 12.4

"Foxit Reader" = Foxit Reader

"Google Desktop" = Google Desktop

"Google Updater" = Outil de mise à jour Google

"IncrediMail" = IncrediMail 2.0

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader

"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN

"M6VOD" = Désinstallation du M6 VOD Video Manager

"MeilleurSofts_is1" = MeilleurSofts 1.3

"Moovida" = Moovida

"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)

"MyPaint" = MyPaint 0.9.0

"PC Fix 2010_is1" = PCFix

"PC Speed Maximizer_is1" = PC Speed Maximizer v2.0

"Philips Songbird" = Philips Songbird

"PhotoMail" = PhotoMail Maker

"Picasa 3" = Picasa 3

"Radio_Fr" = Radio Fr Solo 2.1

"Radio_France Toolbar" = Radio France Toolbar

"Revo Uninstaller" = Revo Uninstaller 1.89

"Scribus 1.3.3.14" = Scribus 1.3.3.14

"Simple Sudoku_is1" = Simple Sudoku 4.2

"Softonic_France Toolbar" = Softonic_France Toolbar

"Software Informer_is1" = Software Informer 1.0 BETA

"Storybook" = Storybook

"TreeDBNotes Pro 3" = TreeDBNotes Pro 3

"Trojan Remover_is1" = Trojan Remover 6.8.1

"Uniblue RegistryBooster" = Uniblue RegistryBooster

"Uninstall_is1" = Uninstall 1.0.0.1

"UpdateMeilleurSofts_is1" = UpdateMeilleurSofts 1.3

"yWriter5_is1" = yWriter5

 

========== HKEY_CURRENT_USER Uninstall List ========== :::::::::::::::::::::::::::::::::::::::::::EUH C EST BON ??

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Gnumeric" = Gnumeric Spreadsheet 1.9.1-win32-20080625

"Google Chrome" = Google Chrome

"Screenpresso" = Screenpresso

 

========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

[papibraco]

nouveau message avec 3eme rapport

 

OTL logfile created on: 03/12/2010 23:06:02 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\papibraco\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free

10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 5922 5922 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 116,44 Gb Total Space | 76,10 Gb Free Space | 65,36% Space Free | Partition Type: NTFS

Drive D: | 334,67 Gb Total Space | 301,54 Gb Free Space | 90,10% Space Free | Partition Type: NTFS

 

Computer Name: PAPIBRACO-PC | User Name: papibraco | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/12/03 18:59:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\papibraco\Downloads\OTL.exe

PRC - [2010/12/01 00:02:35 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\papibraco\AppData\Local\Google\Chrome\Application\chrome.exe

PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010/10/27 07:15:43 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2010/10/27 07:15:43 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

PRC - [2010/09/28 20:33:02 | 002,407,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

PRC - [2010/09/15 20:39:19 | 000,030,192 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe

PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

PRC - [2010/08/19 13:24:04 | 001,281,696 | ---- | M] (Moovida) -- C:\Program Files (x86)\Fluendo\Moovida\spointer\moovida_air.exe

PRC - [2010/07/29 22:32:58 | 000,284,016 | ---- | M] (Driver-Soft Inc.) -- C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe

PRC - [2010/06/28 21:37:24 | 002,322,501 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files (x86)\Software Informer\softinfo.exe

PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2010/02/17 22:47:21 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2010/01/25 07:19:41 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe

PRC - [2009/11/12 19:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

PRC - [2009/11/10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009/10/26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

PRC - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2009/09/24 22:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

PRC - [2009/08/19 16:08:04 | 000,879,616 | ---- | M] (2L Multimédia) -- C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe

PRC - [2009/06/24 12:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

PRC - [2009/05/19 00:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

PRC - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

PRC - [2007/11/20 13:50:36 | 001,145,400 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe

PRC - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/12/03 18:59:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\papibraco\Downloads\OTL.exe

MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll

MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/10/13 22:09:36 | 000,540,200 | ---- | M] (GreenPrint Technologies LLC.) [Auto | Running] -- C:\Program Files\GreenPrint\GPSRHT01.exe -- (GreenPrint)

SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2009/11/27 04:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009/11/11 09:29:13 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/09/17 20:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)

SRV:64bit: - [2009/08/03 01:54:14 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV:64bit: - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)

SRV - [2010/09/23 15:45:06 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)

SRV - [2010/09/15 20:39:19 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009/11/10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipswuio.sys -- (ipswuio)

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2010/11/30 11:33:36 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2010/10/30 10:48:56 | 000,070,768 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l1c51x64.sys -- (L1C)

DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010/09/07 15:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2010/09/01 15:34:43 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/09/01 15:32:36 | 001,584,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/11/27 04:39:45 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009/11/11 10:02:11 | 006,104,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/10/29 07:54:29 | 000,692,736 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GUCI_AVS.sys -- (GUCI_AVS)

DRV:64bit: - [2009/10/15 10:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)

DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2009/08/06 22:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/07/20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)

DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/01 05:46:57 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)

DRV:64bit: - [2009/07/01 05:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009/07/01 05:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2009/07/01 05:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)

DRV:64bit: - [2009/04/07 08:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV:64bit: - [2007/08/03 05:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)

DRV - [2010/02/12 22:44:56 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2009/07/03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =     

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =     

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =     

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKLM\..\URLSearchHook: {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\tbAva1.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =     

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nos coups de coeur : fonds d'écran, photos, dessins préférés ! - Hebus.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKCU\..\URLSearchHook: {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {7e271d5d-8e55-44be-ba10-514e2533c42e} - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Google"

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic_France Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "Softonic_France Customized Web Search"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.wideo.fr/"

FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.8

FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.2.4.0

FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.0.1

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1

FF - prefs.js..extensions.enabledItems: moovida@spointer.com:3.4.1545.153

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.4.0

FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3

FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1

FF - prefs.js..extensions.enabledItems: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}:2.7.2.0

FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&q="

FF - prefs.js..network.proxy.type: 0

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

 

FF - HKLM\software\mozilla\Firefox\Extensions\\moovida@spointer.com: C:\Program Files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com [2010/10/18 08:55:43 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/30 17:04:15 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/30 17:04:15 | 000,000,000 | ---D | M]

 

[2010/10/23 19:39:16 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions

[2010/05/23 08:10:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010/08/24 13:22:24 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions\celtx@celtx.com

[2010/05/15 18:25:44 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2010/10/23 19:39:16 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com

[2010/12/03 20:26:31 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions

[2010/09/15 19:55:07 | 000,000,000 | ---D | M] (Radio Bar 1 Community Toolbar) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{0fc85f5d-6207-4515-a490-45a549d285c0}

[2010/09/07 16:44:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010/11/22 08:58:37 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}

[2010/11/20 20:04:29 | 000,000,000 | ---D | M] (IE View) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2010/11/22 08:29:50 | 000,000,000 | ---D | M] (Avanquest FR Toolbar) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}

[2010/10/16 13:52:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010/09/23 07:53:18 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}

[2010/11/18 13:17:03 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\anttoolbar@ant.com

[2010/11/22 08:58:38 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\engine@conduit.com

[2010/11/10 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\smarterwiki@wikiatic.com

[2010/05/23 07:03:40 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\Squiggle@SR

[2010/11/17 20:18:15 | 000,001,820 | ---- | M] () -- C:\Users\papibraco\AppData\Roaming\Mozilla\FireFox\Profiles\pp9dk57y.default\searchplugins\bing.xml

[2010/11/17 18:05:58 | 000,000,933 | ---- | M] () -- C:\Users\papibraco\AppData\Roaming\Mozilla\FireFox\Profiles\pp9dk57y.default\searchplugins\conduit.xml

[2010/11/20 19:08:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/10/27 06:39:58 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/10/27 06:39:58 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/10/27 06:39:58 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/10/27 06:39:58 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/10/27 06:39:58 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2010/09/01 15:02:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)

O2 - BHO: (Radio France Toolbar) - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)

O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (Interest recogniser for Moovida (powered by Spointer)) - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} - C:\Program Files (x86)\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll (Moovida)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Radio France Toolbar) - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\tbAva1.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0FC85F5D-6207-4515-A490-45A549D285C0} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Radio France Toolbar) - {1A2CD84F-2175-4AE8-BD60-CE0D04442B4F} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files (x86)\Avanquest_FR\tbAva1.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe (Google)

O4 - HKLM..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe (ASUS)

O4 - HKLM..\Run: [TaskTray] C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe (Driver-Soft Inc.)

O4 - HKCU..\Run: [EasyFlirt Messenger] C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe (2L Multimédia)

O4 - HKCU..\Run: [fsm] File not found

O4 - HKCU..\Run: [PCFix] C:\Program Files (x86)\PCFix\PCFix.exe (Dubai Click LLC)

O4 - HKCU..\Run: [PhilipsSongbirdLauncher] C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe ()

O4 - HKCU..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)

O4 - HKCU..\Run: [software Informer] C:\Program Files (x86)\Software Informer\softinfo.exe (Informer Technologies, Inc.)

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found

O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: audacity1.3 ([]* in Sites de confiance)

O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local)

O15 - HKCU\..Trusted Domains: m6vod.fr ([]http in Intranet local)

O15 - HKCU\..Trusted Domains: microsoft.com ([social.answers] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: pcastuces.com ([www] http in Sites de confiance)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

O20 - AppInit_DLLs: (c:\progra~2\google\google~3\go36f4~1.dll) - c:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - Reg Error: Value error. File not found

O30:64bit: - LSA: Authentication Packages - (ows\w) - File not found

O30 - LSA: Authentication Packages - (ows\w) - File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/12/03 19:14:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2010/12/01 15:10:32 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Local\Apple Computer

[2010/12/01 11:33:46 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Local\ArcSoft

[2010/12/01 11:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft

[2010/12/01 11:33:17 | 000,022,784 | ---- | C] (Arcsoft, Inc.) -- C:\Windows\SysWow64\drivers\afc.sys

[2010/12/01 11:33:16 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll

[2010/12/01 11:32:05 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll

[2010/12/01 11:32:04 | 000,499,712 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll

[2010/12/01 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft

[2010/12/01 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft

[2010/12/01 11:31:11 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\ArcSoft

[2010/11/30 17:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2010/11/30 17:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2010/11/30 11:33:36 | 000,116,752 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtihdW76.sys

[2010/11/29 18:08:55 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\Malwarebytes

[2010/11/29 18:08:46 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/11/29 18:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/11/29 18:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/11/28 14:14:06 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\PCFix

[2010/11/28 14:14:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFix

[2010/11/27 15:15:28 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Local\PeerTV

[2010/11/27 15:14:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PeerTV2

[2010/11/27 11:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle

[2010/11/27 11:13:00 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Local\Downloaded Installations

[2010/11/26 18:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\GreenPrint

[2010/11/26 11:52:45 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\Simple Sudoku

[2010/11/26 11:52:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Simple Sudoku

[2010/11/25 11:37:48 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\ Preferences Gifour

[2010/11/23 18:05:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2

[2010/11/23 17:55:46 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2010/11/23 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Installer Clean Up

[2010/11/23 16:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE

[2010/11/22 19:28:25 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\Stardock

[2010/11/22 19:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock

[2010/11/22 09:49:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2010/11/22 08:32:05 | 000,000,000 | ---D | C] -- C:\Users\papibraco\Documents\DriverGenius

[2010/11/22 08:30:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft

[2010/11/20 19:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2010/11/20 18:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2010/11/16 10:13:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}

[2010/11/15 19:58:22 | 000,000,000 | R--D | C] -- C:\Users\papibraco\Downloads

[2010/11/15 19:49:27 | 001,289,576 | ---- | C] (Microsoft Corporation) -- C:\Users\papibraco\Desktop\wlsetup-web.exe

[2010/11/14 19:06:02 | 000,000,000 | R--D | C] -- C:\Users\papibraco\Videos

[2010/11/14 18:27:48 | 000,000,000 | ---D | C] -- C:\Users\papibraco\Documents\TELECHARGEMENTS

[2010/11/14 11:54:19 | 000,000,000 | ---D | C] -- C:\Users\papibraco\Documents\MODELES COURRIER

[2010/11/14 11:52:44 | 000,000,000 | ---D | C] -- C:\Users\papibraco\Documents\LIVRE 1

[2010/11/13 14:26:31 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\aignes

[2010/11/13 14:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AM-DeadLink

[2010/11/11 20:11:00 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\VSRevoGroup

[2010/11/11 19:30:11 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\Artweaver

[2010/11/11 19:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Artweaver 1.0

[2010/11/11 19:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Artweaver

[2010/11/11 16:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP 2

[2010/11/08 19:18:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPaint

[2010/11/07 19:38:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyFlirt Messenger

[2010/11/07 17:16:28 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys

[2010/11/07 17:16:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010/06/21 13:35:21 | 002,734,688 | ---- | C] (Conduit Ltd.) -- C:\Program Files (x86)\tbRadi.dll

[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/12/03 23:05:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/12/03 22:48:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-618206465-3547882854-4284674349-1000UA.job

[2010/12/03 22:15:21 | 000,002,375 | ---- | M] () -- C:\Users\papibraco\Documents\scan-eset

[2010/12/03 22:13:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/12/03 19:58:21 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2010/12/03 19:13:36 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/12/03 19:13:36 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/12/03 19:05:46 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job

[2010/12/03 19:05:44 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/12/03 19:05:44 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2010/12/03 19:05:44 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-papibraco-Startup.job

[2010/12/03 19:05:44 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\Registry_Doktor.job

[2010/12/03 19:05:04 | 3105,263,616 | -HS- | M] () -- C:\hiberfil.sys

[2010/12/03 14:48:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-618206465-3547882854-4284674349-1000Core.job

[2010/12/01 17:54:44 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2010/12/01 11:36:29 | 000,001,727 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini

[2010/12/01 11:36:23 | 000,002,680 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini

[2010/12/01 11:33:09 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\Media Impression.lnk

[2010/11/30 17:04:07 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/11/30 12:05:30 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin

[2010/11/30 12:05:00 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin

[2010/11/30 11:33:36 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtihdW76.sys

[2010/11/29 19:57:37 | 000,000,134 | ---- | M] () -- C:\Users\papibraco\Desktop\Internet Explorer Troubleshooting.url

[2010/11/29 19:34:28 | 000,004,624 | ---- | M] () -- C:\Users\papibraco\Documents\mbam-log-2010-11-29 (19-31-18).docx

[2010/11/29 17:42:26 | 000,001,735 | ---- | M] () -- C:\Users\papibraco\Desktop\7-Zip - Raccourci.lnk

[2010/11/29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/11/29 17:37:39 | 000,001,239 | ---- | M] () -- C:\Users\papibraco\Desktop\Care for your computer.lnk

[2010/11/29 17:37:19 | 000,001,056 | ---- | M] () -- C:\Users\papibraco\Desktop\Audacity 1.3 Beta (Unicode) (2).lnk

[2010/11/29 17:35:50 | 000,001,876 | ---- | M] () -- C:\Users\papibraco\Desktop\DriverGenius - Raccourci.lnk

[2010/11/29 17:31:21 | 000,483,432 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/11/28 14:14:02 | 000,000,931 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Fix 2010.lnk

[2010/11/28 14:14:02 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\PC Fix 2010.lnk

[2010/11/27 15:14:55 | 000,002,535 | ---- | M] () -- C:\Users\Public\Desktop\PeerTV2.lnk

[2010/11/27 14:51:01 | 001,056,658 | ---- | M] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC_right.html

[2010/11/27 14:51:01 | 000,216,459 | ---- | M] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC_left.html

[2010/11/27 14:51:01 | 000,000,833 | ---- | M] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC.html

[2010/11/23 18:10:23 | 007,707,690 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/11/23 18:10:23 | 000,745,518 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2010/11/23 18:10:23 | 000,735,312 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat

[2010/11/23 18:10:23 | 000,733,182 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat

[2010/11/23 18:10:23 | 000,730,004 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat

[2010/11/23 18:10:23 | 000,719,004 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat

[2010/11/23 18:10:23 | 000,686,752 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2010/11/23 18:10:23 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/11/23 18:10:23 | 000,596,688 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat

[2010/11/23 18:10:23 | 000,399,670 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat

[2010/11/23 18:10:23 | 000,382,796 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat

[2010/11/23 18:10:23 | 000,157,422 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat

[2010/11/23 18:10:23 | 000,152,014 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat

[2010/11/23 18:10:23 | 000,151,986 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat

[2010/11/23 18:10:23 | 000,149,004 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2010/11/23 18:10:23 | 000,147,880 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2010/11/23 18:10:23 | 000,145,886 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat

[2010/11/23 18:10:23 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat

[2010/11/23 18:10:23 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/11/23 18:10:23 | 000,110,090 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat

[2010/11/23 18:10:23 | 000,083,998 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat

[2010/11/22 09:48:44 | 000,001,113 | ---- | M] () -- C:\Users\papibraco\Desktop\Driver Genius Professional Edition.lnk

[2010/11/21 20:31:53 | 000,000,204 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\eBay.url

[2010/11/21 20:31:45 | 000,001,256 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk

[2010/11/21 20:31:45 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk

[2010/11/20 19:08:03 | 000,001,965 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/11/20 19:08:03 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/11/17 20:09:12 | 000,002,115 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyFlirt Messenger.lnk

[2010/11/17 09:55:43 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010/11/16 14:34:42 | 007,559,902 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/11/16 10:13:18 | 000,001,038 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk

[2010/11/16 10:13:18 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk

[2010/11/15 19:49:33 | 001,289,576 | ---- | M] (Microsoft Corporation) -- C:\Users\papibraco\Desktop\wlsetup-web.exe

[2010/11/15 19:48:57 | 000,293,208 | ---- | M] () -- C:\Users\papibraco\Documents\SoftonicDownloader_pour_windows-live-messenger.exe

[2010/11/14 18:49:51 | 000,002,192 | ---- | M] () -- C:\Users\papibraco\Desktop\Screenpresso.lnk

[2010/11/14 18:49:17 | 000,001,322 | ---- | M] () -- C:\Users\papibraco\Desktop\Wordpad.lnk

[2010/11/14 18:48:59 | 000,001,230 | ---- | M] () -- C:\Users\papibraco\Desktop\Calculator.lnk

[2010/11/14 18:42:04 | 000,002,246 | ---- | M] () -- C:\Users\papibraco\Desktop\OpenOffice.org 3.2 - Raccourci.lnk

[2010/11/14 18:40:23 | 000,001,766 | ---- | M] () -- C:\Users\papibraco\Desktop\Picasa 3 - Raccourci.lnk

[2010/11/14 18:36:59 | 000,001,056 | ---- | M] () -- C:\Users\papibraco\Desktop\Audacity 1.3 Beta (Unicode).lnk

[2010/11/11 19:30:04 | 000,001,001 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Artweaver 1.0.lnk

[2010/11/11 19:30:04 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\Artweaver 1.0.lnk

[2010/11/08 09:50:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010/11/06 10:38:17 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/12/03 22:15:21 | 000,002,375 | ---- | C] () -- C:\Users\papibraco\Documents\scan-eset

[2010/12/01 17:54:44 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2010/12/01 11:33:09 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\Media Impression.lnk

[2010/11/30 17:04:07 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/11/29 19:57:37 | 000,000,134 | ---- | C] () -- C:\Users\papibraco\Desktop\Internet Explorer Troubleshooting.url

[2010/11/29 19:34:28 | 000,004,624 | ---- | C] () -- C:\Users\papibraco\Documents\mbam-log-2010-11-29 (19-31-18).docx

[2010/11/29 17:42:26 | 000,001,735 | ---- | C] () -- C:\Users\papibraco\Desktop\7-Zip - Raccourci.lnk

[2010/11/29 17:37:39 | 000,001,239 | ---- | C] () -- C:\Users\papibraco\Desktop\Care for your computer.lnk

[2010/11/29 17:37:19 | 000,001,056 | ---- | C] () -- C:\Users\papibraco\Desktop\Audacity 1.3 Beta (Unicode) (2).lnk

[2010/11/29 17:35:50 | 000,001,876 | ---- | C] () -- C:\Users\papibraco\Desktop\DriverGenius - Raccourci.lnk

[2010/11/28 14:14:02 | 000,000,931 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Fix 2010.lnk

[2010/11/28 14:14:02 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\PC Fix 2010.lnk

[2010/11/27 15:14:55 | 000,002,535 | ---- | C] () -- C:\Users\Public\Desktop\PeerTV2.lnk

[2010/11/27 14:51:01 | 001,056,658 | ---- | C] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC_right.html

[2010/11/27 14:51:01 | 000,216,459 | ---- | C] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC_left.html

[2010/11/27 14:51:01 | 000,000,833 | ---- | C] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC.html

[2010/11/22 08:30:09 | 000,001,113 | ---- | C] () -- C:\Users\papibraco\Desktop\Driver Genius Professional Edition.lnk

[2010/11/20 19:08:03 | 000,001,965 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/11/20 19:08:03 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/11/16 10:13:20 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job

[2010/11/16 10:13:12 | 000,001,038 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk

[2010/11/16 10:13:12 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk

[2010/11/15 19:49:01 | 000,293,208 | ---- | C] () -- C:\Users\papibraco\Documents\SoftonicDownloader_pour_windows-live-messenger.exe

[2010/11/14 18:49:51 | 000,002,192 | ---- | C] () -- C:\Users\papibraco\Desktop\Screenpresso.lnk

[2010/11/14 18:49:17 | 000,001,322 | ---- | C] () -- C:\Users\papibraco\Desktop\Wordpad.lnk

[2010/11/14 18:48:59 | 000,001,230 | ---- | C] () -- C:\Users\papibraco\Desktop\Calculator.lnk

[2010/11/14 18:42:04 | 000,002,246 | ---- | C] () -- C:\Users\papibraco\Desktop\OpenOffice.org 3.2 - Raccourci.lnk

[2010/11/14 18:40:23 | 000,001,766 | ---- | C] () -- C:\Users\papibraco\Desktop\Picasa 3 - Raccourci.lnk

[2010/11/14 18:36:59 | 000,001,056 | ---- | C] () -- C:\Users\papibraco\Desktop\Audacity 1.3 Beta (Unicode).lnk

[2010/11/11 19:30:04 | 000,001,001 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Artweaver 1.0.lnk

[2010/11/11 19:30:04 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\Artweaver 1.0.lnk

[2010/11/08 09:50:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010/11/07 19:38:08 | 000,002,115 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyFlirt Messenger.lnk

[2010/11/06 10:38:17 | 000,002,286 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2010/08/22 11:58:35 | 007,559,902 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/06/21 14:22:59 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll

[2010/06/21 14:22:59 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll

[2010/06/21 14:22:59 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll

[2010/06/21 14:22:59 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll

[2010/06/21 13:35:21 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE

[2010/06/21 13:35:21 | 000,008,338 | ---- | C] () -- C:\Program Files (x86)\INSTALL.LOG

[2010/05/02 18:40:04 | 000,001,208 | ---- | C] () -- C:\Windows\Radio_Fr.ini

[2010/03/14 14:49:24 | 000,003,584 | ---- | C] () -- C:\Users\papibraco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/02/16 22:28:34 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini

[2010/01/25 11:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

[2010/01/25 07:19:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll

[2010/01/25 06:57:55 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

[2010/01/25 06:48:47 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

[2010/01/25 06:48:22 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

[2009/12/08 08:39:40 | 000,005,430 | ---- | C] () -- C:\Users\papibraco\AppData\Roaming\Untitled-32.ico

[2009/10/28 04:08:55 | 000,002,107 | ---- | C] () -- C:\Windows\SysWow64\GUCI_AVS.ini

[2009/09/27 14:02:18 | 000,104,018 | ---- | C] () -- C:\Users\papibraco\AppData\Roaming\PremeSplashScreen.jpg

[2009/08/19 09:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini

[2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/01/10 09:17:25 | 000,000,641 | ---- | C] () -- C:\Windows\Remover.ini

 

========== Custom Scans ==========

 

 

Invalid Environment Variable: SYSTEMDRIVE

 

< % Systemroot% \ *. / Mp / s >

Invalid Switch: s

 

 

< HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ WindowsUpdate \ UA >

 

< HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ WindowsUpdate \ Auto Update \ Résultats \ Install | LastSuccessTime / rs >

Invalid Switch: rs

 

 

< End of report >

[papibraco]

et voici le 4éme rapport checkup-txtOTL logfile created on: 03/12/2010 23:06:02 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\papibraco\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free

10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 5922 5922 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 116,44 Gb Total Space | 76,10 Gb Free Space | 65,36% Space Free | Partition Type: NTFS

Drive D: | 334,67 Gb Total Space | 301,54 Gb Free Space | 90,10% Space Free | Partition Type: NTFS

 

Computer Name: PAPIBRACO-PC | User Name: papibraco | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/12/03 18:59:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\papibraco\Downloads\OTL.exe

PRC - [2010/12/01 00:02:35 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\papibraco\AppData\Local\Google\Chrome\Application\chrome.exe

PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010/10/27 07:15:43 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2010/10/27 07:15:43 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

PRC - [2010/09/28 20:33:02 | 002,407,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

PRC - [2010/09/15 20:39:19 | 000,030,192 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe

PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

PRC - [2010/08/19 13:24:04 | 001,281,696 | ---- | M] (Moovida) -- C:\Program Files (x86)\Fluendo\Moovida\spointer\moovida_air.exe

PRC - [2010/07/29 22:32:58 | 000,284,016 | ---- | M] (Driver-Soft Inc.) -- C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe

PRC - [2010/06/28 21:37:24 | 002,322,501 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files (x86)\Software Informer\softinfo.exe

PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2010/02/17 22:47:21 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2010/01/25 07:19:41 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe

PRC - [2009/11/12 19:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

PRC - [2009/11/10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009/10/26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

PRC - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2009/09/24 22:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

PRC - [2009/08/19 16:08:04 | 000,879,616 | ---- | M] (2L Multimédia) -- C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe

PRC - [2009/06/24 12:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

PRC - [2009/05/19 00:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

PRC - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

PRC - [2007/11/20 13:50:36 | 001,145,400 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe

PRC - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/12/03 18:59:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\papibraco\Downloads\OTL.exe

MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll

MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/10/13 22:09:36 | 000,540,200 | ---- | M] (GreenPrint Technologies LLC.) [Auto | Running] -- C:\Program Files\GreenPrint\GPSRHT01.exe -- (GreenPrint)

SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2009/11/27 04:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009/11/11 09:29:13 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/09/17 20:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)

SRV:64bit: - [2009/08/03 01:54:14 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV:64bit: - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)

SRV - [2010/09/23 15:45:06 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)

SRV - [2010/09/15 20:39:19 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009/11/10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipswuio.sys -- (ipswuio)

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2010/11/30 11:33:36 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2010/10/30 10:48:56 | 000,070,768 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l1c51x64.sys -- (L1C)

DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010/09/07 15:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2010/09/01 15:34:43 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/09/01 15:32:36 | 001,584,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/11/27 04:39:45 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009/11/11 10:02:11 | 006,104,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/10/29 07:54:29 | 000,692,736 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GUCI_AVS.sys -- (GUCI_AVS)

DRV:64bit: - [2009/10/15 10:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)

DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2009/08/06 22:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/07/20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)

DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/01 05:46:57 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)

DRV:64bit: - [2009/07/01 05:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009/07/01 05:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2009/07/01 05:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)

DRV:64bit: - [2009/04/07 08:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV:64bit: - [2007/08/03 05:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)

DRV - [2010/02/12 22:44:56 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2009/07/03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =     

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =     

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =     

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKLM\..\URLSearchHook: {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\tbAva1.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =     

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nos coups de coeur : fonds d'écran, photos, dessins préférés ! - Hebus.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKCU\..\URLSearchHook: {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {7e271d5d-8e55-44be-ba10-514e2533c42e} - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Google"

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic_France Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "Softonic_France Customized Web Search"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.wideo.fr/"

FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.8

FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.2.4.0

FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.0.1

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1

FF - prefs.js..extensions.enabledItems: moovida@spointer.com:3.4.1545.153

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.4.0

FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3

FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1

FF - prefs.js..extensions.enabledItems: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}:2.7.2.0

FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&q="

FF - prefs.js..network.proxy.type: 0

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

 

FF - HKLM\software\mozilla\Firefox\Extensions\\moovida@spointer.com: C:\Program Files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com [2010/10/18 08:55:43 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/30 17:04:15 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/30 17:04:15 | 000,000,000 | ---D | M]

 

[2010/10/23 19:39:16 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions

[2010/05/23 08:10:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010/08/24 13:22:24 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions\celtx@celtx.com

[2010/05/15 18:25:44 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2010/10/23 19:39:16 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com

[2010/12/03 20:26:31 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions

[2010/09/15 19:55:07 | 000,000,000 | ---D | M] (Radio Bar 1 Community Toolbar) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{0fc85f5d-6207-4515-a490-45a549d285c0}

[2010/09/07 16:44:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010/11/22 08:58:37 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}

[2010/11/20 20:04:29 | 000,000,000 | ---D | M] (IE View) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2010/11/22 08:29:50 | 000,000,000 | ---D | M] (Avanquest FR Toolbar) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}

[2010/10/16 13:52:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010/09/23 07:53:18 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}

[2010/11/18 13:17:03 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\anttoolbar@ant.com

[2010/11/22 08:58:38 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\engine@conduit.com

[2010/11/10 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\smarterwiki@wikiatic.com

[2010/05/23 07:03:40 | 000,000,000 | ---D | M] -- C:\Users\papibraco\AppData\Roaming\mozilla\Firefox\Profiles\pp9dk57y.default\extensions\Squiggle@SR

[2010/11/17 20:18:15 | 000,001,820 | ---- | M] () -- C:\Users\papibraco\AppData\Roaming\Mozilla\FireFox\Profiles\pp9dk57y.default\searchplugins\bing.xml

[2010/11/17 18:05:58 | 000,000,933 | ---- | M] () -- C:\Users\papibraco\AppData\Roaming\Mozilla\FireFox\Profiles\pp9dk57y.default\searchplugins\conduit.xml

[2010/11/20 19:08:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/10/27 06:39:58 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/10/27 06:39:58 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/10/27 06:39:58 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/10/27 06:39:58 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/10/27 06:39:58 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2010/09/01 15:02:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)

O2 - BHO: (Radio France Toolbar) - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)

O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (Interest recogniser for Moovida (powered by Spointer)) - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} - C:\Program Files (x86)\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll (Moovida)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Radio France Toolbar) - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\tbAva1.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0FC85F5D-6207-4515-A490-45A549D285C0} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Radio France Toolbar) - {1A2CD84F-2175-4AE8-BD60-CE0D04442B4F} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files (x86)\Avanquest_FR\tbAva1.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe (Google)

O4 - HKLM..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe (ASUS)

O4 - HKLM..\Run: [TaskTray] C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe (Driver-Soft Inc.)

O4 - HKCU..\Run: [EasyFlirt Messenger] C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe (2L Multimédia)

O4 - HKCU..\Run: [fsm] File not found

O4 - HKCU..\Run: [PCFix] C:\Program Files (x86)\PCFix\PCFix.exe (Dubai Click LLC)

O4 - HKCU..\Run: [PhilipsSongbirdLauncher] C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe ()

O4 - HKCU..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)

O4 - HKCU..\Run: [software Informer] C:\Program Files (x86)\Software Informer\softinfo.exe (Informer Technologies, Inc.)

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found

O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: audacity1.3 ([]* in Sites de confiance)

O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local)

O15 - HKCU\..Trusted Domains: m6vod.fr ([]http in Intranet local)

O15 - HKCU\..Trusted Domains: microsoft.com ([social.answers] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: pcastuces.com ([www] http in Sites de confiance)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

O20 - AppInit_DLLs: (c:\progra~2\google\google~3\go36f4~1.dll) - c:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - Reg Error: Value error. File not found

O30:64bit: - LSA: Authentication Packages - (ows\w) - File not found

O30 - LSA: Authentication Packages - (ows\w) - File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/12/03 19:14:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2010/12/01 15:10:32 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Local\Apple Computer

[2010/12/01 11:33:46 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Local\ArcSoft

[2010/12/01 11:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft

[2010/12/01 11:33:17 | 000,022,784 | ---- | C] (Arcsoft, Inc.) -- C:\Windows\SysWow64\drivers\afc.sys

[2010/12/01 11:33:16 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll

[2010/12/01 11:32:05 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll

[2010/12/01 11:32:04 | 000,499,712 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll

[2010/12/01 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft

[2010/12/01 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft

[2010/12/01 11:31:11 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\ArcSoft

[2010/11/30 17:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2010/11/30 17:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2010/11/30 11:33:36 | 000,116,752 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtihdW76.sys

[2010/11/29 18:08:55 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\Malwarebytes

[2010/11/29 18:08:46 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/11/29 18:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/11/29 18:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/11/28 14:14:06 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\PCFix

[2010/11/28 14:14:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFix

[2010/11/27 15:15:28 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Local\PeerTV

[2010/11/27 15:14:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PeerTV2

[2010/11/27 11:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle

[2010/11/27 11:13:00 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Local\Downloaded Installations

[2010/11/26 18:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\GreenPrint

[2010/11/26 11:52:45 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\Simple Sudoku

[2010/11/26 11:52:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Simple Sudoku

[2010/11/25 11:37:48 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\ Preferences Gifour

[2010/11/23 18:05:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2

[2010/11/23 17:55:46 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2010/11/23 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Installer Clean Up

[2010/11/23 16:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE

[2010/11/22 19:28:25 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\Stardock

[2010/11/22 19:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock

[2010/11/22 09:49:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2010/11/22 08:32:05 | 000,000,000 | ---D | C] -- C:\Users\papibraco\Documents\DriverGenius

[2010/11/22 08:30:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft

[2010/11/20 19:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2010/11/20 18:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2010/11/16 10:13:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}

[2010/11/15 19:58:22 | 000,000,000 | R--D | C] -- C:\Users\papibraco\Downloads

[2010/11/15 19:49:27 | 001,289,576 | ---- | C] (Microsoft Corporation) -- C:\Users\papibraco\Desktop\wlsetup-web.exe

[2010/11/14 19:06:02 | 000,000,000 | R--D | C] -- C:\Users\papibraco\Videos

[2010/11/14 18:27:48 | 000,000,000 | ---D | C] -- C:\Users\papibraco\Documents\TELECHARGEMENTS

[2010/11/14 11:54:19 | 000,000,000 | ---D | C] -- C:\Users\papibraco\Documents\MODELES COURRIER

[2010/11/14 11:52:44 | 000,000,000 | ---D | C] -- C:\Users\papibraco\Documents\LIVRE 1

[2010/11/13 14:26:31 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\aignes

[2010/11/13 14:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AM-DeadLink

[2010/11/11 20:11:00 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\VSRevoGroup

[2010/11/11 19:30:11 | 000,000,000 | ---D | C] -- C:\Users\papibraco\AppData\Roaming\Artweaver

[2010/11/11 19:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Artweaver 1.0

[2010/11/11 19:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Artweaver

[2010/11/11 16:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP 2

[2010/11/08 19:18:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPaint

[2010/11/07 19:38:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyFlirt Messenger

[2010/11/07 17:16:28 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys

[2010/11/07 17:16:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010/06/21 13:35:21 | 002,734,688 | ---- | C] (Conduit Ltd.) -- C:\Program Files (x86)\tbRadi.dll

[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/12/03 23:05:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/12/03 22:48:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-618206465-3547882854-4284674349-1000UA.job

[2010/12/03 22:15:21 | 000,002,375 | ---- | M] () -- C:\Users\papibraco\Documents\scan-eset

[2010/12/03 22:13:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/12/03 19:58:21 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2010/12/03 19:13:36 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/12/03 19:13:36 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/12/03 19:05:46 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job

[2010/12/03 19:05:44 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/12/03 19:05:44 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2010/12/03 19:05:44 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-papibraco-Startup.job

[2010/12/03 19:05:44 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\Registry_Doktor.job

[2010/12/03 19:05:04 | 3105,263,616 | -HS- | M] () -- C:\hiberfil.sys

[2010/12/03 14:48:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-618206465-3547882854-4284674349-1000Core.job

[2010/12/01 17:54:44 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2010/12/01 11:36:29 | 000,001,727 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini

[2010/12/01 11:36:23 | 000,002,680 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini

[2010/12/01 11:33:09 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\Media Impression.lnk

[2010/11/30 17:04:07 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/11/30 12:05:30 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin

[2010/11/30 12:05:00 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin

[2010/11/30 11:33:36 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtihdW76.sys

[2010/11/29 19:57:37 | 000,000,134 | ---- | M] () -- C:\Users\papibraco\Desktop\Internet Explorer Troubleshooting.url

[2010/11/29 19:34:28 | 000,004,624 | ---- | M] () -- C:\Users\papibraco\Documents\mbam-log-2010-11-29 (19-31-18).docx

[2010/11/29 17:42:26 | 000,001,735 | ---- | M] () -- C:\Users\papibraco\Desktop\7-Zip - Raccourci.lnk

[2010/11/29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/11/29 17:37:39 | 000,001,239 | ---- | M] () -- C:\Users\papibraco\Desktop\Care for your computer.lnk

[2010/11/29 17:37:19 | 000,001,056 | ---- | M] () -- C:\Users\papibraco\Desktop\Audacity 1.3 Beta (Unicode) (2).lnk

[2010/11/29 17:35:50 | 000,001,876 | ---- | M] () -- C:\Users\papibraco\Desktop\DriverGenius - Raccourci.lnk

[2010/11/29 17:31:21 | 000,483,432 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/11/28 14:14:02 | 000,000,931 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Fix 2010.lnk

[2010/11/28 14:14:02 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\PC Fix 2010.lnk

[2010/11/27 15:14:55 | 000,002,535 | ---- | M] () -- C:\Users\Public\Desktop\PeerTV2.lnk

[2010/11/27 14:51:01 | 001,056,658 | ---- | M] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC_right.html

[2010/11/27 14:51:01 | 000,216,459 | ---- | M] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC_left.html

[2010/11/27 14:51:01 | 000,000,833 | ---- | M] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC.html

[2010/11/23 18:10:23 | 007,707,690 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/11/23 18:10:23 | 000,745,518 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2010/11/23 18:10:23 | 000,735,312 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat

[2010/11/23 18:10:23 | 000,733,182 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat

[2010/11/23 18:10:23 | 000,730,004 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat

[2010/11/23 18:10:23 | 000,719,004 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat

[2010/11/23 18:10:23 | 000,686,752 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2010/11/23 18:10:23 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/11/23 18:10:23 | 000,596,688 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat

[2010/11/23 18:10:23 | 000,399,670 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat

[2010/11/23 18:10:23 | 000,382,796 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat

[2010/11/23 18:10:23 | 000,157,422 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat

[2010/11/23 18:10:23 | 000,152,014 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat

[2010/11/23 18:10:23 | 000,151,986 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat

[2010/11/23 18:10:23 | 000,149,004 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2010/11/23 18:10:23 | 000,147,880 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2010/11/23 18:10:23 | 000,145,886 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat

[2010/11/23 18:10:23 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat

[2010/11/23 18:10:23 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/11/23 18:10:23 | 000,110,090 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat

[2010/11/23 18:10:23 | 000,083,998 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat

[2010/11/22 09:48:44 | 000,001,113 | ---- | M] () -- C:\Users\papibraco\Desktop\Driver Genius Professional Edition.lnk

[2010/11/21 20:31:53 | 000,000,204 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\eBay.url

[2010/11/21 20:31:45 | 000,001,256 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk

[2010/11/21 20:31:45 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk

[2010/11/20 19:08:03 | 000,001,965 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/11/20 19:08:03 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/11/17 20:09:12 | 000,002,115 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyFlirt Messenger.lnk

[2010/11/17 09:55:43 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010/11/16 14:34:42 | 007,559,902 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/11/16 10:13:18 | 000,001,038 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk

[2010/11/16 10:13:18 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk

[2010/11/15 19:49:33 | 001,289,576 | ---- | M] (Microsoft Corporation) -- C:\Users\papibraco\Desktop\wlsetup-web.exe

[2010/11/15 19:48:57 | 000,293,208 | ---- | M] () -- C:\Users\papibraco\Documents\SoftonicDownloader_pour_windows-live-messenger.exe

[2010/11/14 18:49:51 | 000,002,192 | ---- | M] () -- C:\Users\papibraco\Desktop\Screenpresso.lnk

[2010/11/14 18:49:17 | 000,001,322 | ---- | M] () -- C:\Users\papibraco\Desktop\Wordpad.lnk

[2010/11/14 18:48:59 | 000,001,230 | ---- | M] () -- C:\Users\papibraco\Desktop\Calculator.lnk

[2010/11/14 18:42:04 | 000,002,246 | ---- | M] () -- C:\Users\papibraco\Desktop\OpenOffice.org 3.2 - Raccourci.lnk

[2010/11/14 18:40:23 | 000,001,766 | ---- | M] () -- C:\Users\papibraco\Desktop\Picasa 3 - Raccourci.lnk

[2010/11/14 18:36:59 | 000,001,056 | ---- | M] () -- C:\Users\papibraco\Desktop\Audacity 1.3 Beta (Unicode).lnk

[2010/11/11 19:30:04 | 000,001,001 | ---- | M] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Artweaver 1.0.lnk

[2010/11/11 19:30:04 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\Artweaver 1.0.lnk

[2010/11/08 09:50:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010/11/06 10:38:17 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/12/03 22:15:21 | 000,002,375 | ---- | C] () -- C:\Users\papibraco\Documents\scan-eset

[2010/12/01 17:54:44 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2010/12/01 11:33:09 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\Media Impression.lnk

[2010/11/30 17:04:07 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/11/29 19:57:37 | 000,000,134 | ---- | C] () -- C:\Users\papibraco\Desktop\Internet Explorer Troubleshooting.url

[2010/11/29 19:34:28 | 000,004,624 | ---- | C] () -- C:\Users\papibraco\Documents\mbam-log-2010-11-29 (19-31-18).docx

[2010/11/29 17:42:26 | 000,001,735 | ---- | C] () -- C:\Users\papibraco\Desktop\7-Zip - Raccourci.lnk

[2010/11/29 17:37:39 | 000,001,239 | ---- | C] () -- C:\Users\papibraco\Desktop\Care for your computer.lnk

[2010/11/29 17:37:19 | 000,001,056 | ---- | C] () -- C:\Users\papibraco\Desktop\Audacity 1.3 Beta (Unicode) (2).lnk

[2010/11/29 17:35:50 | 000,001,876 | ---- | C] () -- C:\Users\papibraco\Desktop\DriverGenius - Raccourci.lnk

[2010/11/28 14:14:02 | 000,000,931 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Fix 2010.lnk

[2010/11/28 14:14:02 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\PC Fix 2010.lnk

[2010/11/27 15:14:55 | 000,002,535 | ---- | C] () -- C:\Users\Public\Desktop\PeerTV2.lnk

[2010/11/27 14:51:01 | 001,056,658 | ---- | C] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC_right.html

[2010/11/27 14:51:01 | 000,216,459 | ---- | C] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC_left.html

[2010/11/27 14:51:01 | 000,000,833 | ---- | C] () -- C:\Users\papibraco\Documents\PAPIBRACO-PC.html

[2010/11/22 08:30:09 | 000,001,113 | ---- | C] () -- C:\Users\papibraco\Desktop\Driver Genius Professional Edition.lnk

[2010/11/20 19:08:03 | 000,001,965 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/11/20 19:08:03 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/11/16 10:13:20 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job

[2010/11/16 10:13:12 | 000,001,038 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk

[2010/11/16 10:13:12 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk

[2010/11/15 19:49:01 | 000,293,208 | ---- | C] () -- C:\Users\papibraco\Documents\SoftonicDownloader_pour_windows-live-messenger.exe

[2010/11/14 18:49:51 | 000,002,192 | ---- | C] () -- C:\Users\papibraco\Desktop\Screenpresso.lnk

[2010/11/14 18:49:17 | 000,001,322 | ---- | C] () -- C:\Users\papibraco\Desktop\Wordpad.lnk

[2010/11/14 18:48:59 | 000,001,230 | ---- | C] () -- C:\Users\papibraco\Desktop\Calculator.lnk

[2010/11/14 18:42:04 | 000,002,246 | ---- | C] () -- C:\Users\papibraco\Desktop\OpenOffice.org 3.2 - Raccourci.lnk

[2010/11/14 18:40:23 | 000,001,766 | ---- | C] () -- C:\Users\papibraco\Desktop\Picasa 3 - Raccourci.lnk

[2010/11/14 18:36:59 | 000,001,056 | ---- | C] () -- C:\Users\papibraco\Desktop\Audacity 1.3 Beta (Unicode).lnk

[2010/11/11 19:30:04 | 000,001,001 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\Artweaver 1.0.lnk

[2010/11/11 19:30:04 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\Artweaver 1.0.lnk

[2010/11/08 09:50:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010/11/07 19:38:08 | 000,002,115 | ---- | C] () -- C:\Users\papibraco\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyFlirt Messenger.lnk

[2010/11/06 10:38:17 | 000,002,286 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2010/08/22 11:58:35 | 007,559,902 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/06/21 14:22:59 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll

[2010/06/21 14:22:59 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll

[2010/06/21 14:22:59 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll

[2010/06/21 14:22:59 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll

[2010/06/21 13:35:21 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE

[2010/06/21 13:35:21 | 000,008,338 | ---- | C] () -- C:\Program Files (x86)\INSTALL.LOG

[2010/05/02 18:40:04 | 000,001,208 | ---- | C] () -- C:\Windows\Radio_Fr.ini

[2010/03/14 14:49:24 | 000,003,584 | ---- | C] () -- C:\Users\papibraco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/02/16 22:28:34 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini

[2010/01/25 11:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

[2010/01/25 07:19:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll

[2010/01/25 06:57:55 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

[2010/01/25 06:48:47 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

[2010/01/25 06:48:22 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

[2009/12/08 08:39:40 | 000,005,430 | ---- | C] () -- C:\Users\papibraco\AppData\Roaming\Untitled-32.ico

[2009/10/28 04:08:55 | 000,002,107 | ---- | C] () -- C:\Windows\SysWow64\GUCI_AVS.ini

[2009/09/27 14:02:18 | 000,104,018 | ---- | C] () -- C:\Users\papibraco\AppData\Roaming\PremeSplashScreen.jpg

[2009/08/19 09:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini

[2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/01/10 09:17:25 | 000,000,641 | ---- | C] () -- C:\Windows\Remover.ini

 

========== Custom Scans ==========

 

 

Invalid Environment Variable: SYSTEMDRIVE

 

< % Systemroot% \ *. / Mp / s >

Invalid Switch: s

 

 

< HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ WindowsUpdate \ UA >

 

< HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ WindowsUpdate \ Auto Update \ Résultats \ Install | LastSuccessTime / rs >

Invalid Switch: rs

 

 

< End of report >

[lance_yien]

Bonjour papibraco

 

et voici le 4éme rapport checkup-txt...

Raté! tu as reposté le rapport OTL à la place

Ce n'est pas grave, relance Security check et copie/colle son rapport avant de passer à la suite des instructions.

 

>>> Programmes à désinstaller:

• Ask.com: Utiliser cet utilitaire pour désinstaller tout programme et application appartenant à Ask.com parce qu'ils font de la pub de leur barre d'outils sur des sites réservés aux enfants (plus susceptibles de tomber dans leurs pièges) ou utilisant des pop-ups faisant croire que c'est de la pub pour d'autres applications.
  Pire encore, ils utilisent des spywares venant d'autre sociétés.
  Cette barre d'outils s'installe sans rien demander aux utilisateurs et opère à des modifications dans les paramètres des navigateurs pour se faire de l'argent par redirection vers d'autres sites.
   
  
• IObit- Advanced SystemCare 3 est reconnu comme étant un rogue et certains programmes de IObit.com sont des connus pour causer des problèmes dans les machines où ils sont installés.
  Désinstaller tout programme de IObit.com et utiliser cet utilitaire pour effacer toute trace laissée par ces programmes.
   
  
• ConduitEngine installe des Barres d'outils et d'autres applications incluant des spywares et autres sortes de malware.
  

 

>>> Désinstallations facultatives:

• Ceux-la parce que souvent installés par des applications tierces et/ ou par ConduitEngine. Ils installent à leur tour des Barres d'outils et bien d'autres applications. A toi de faire le tri:
  - Radio_France
  - Softonic_France
  - Avanquest_FR
  - DVDVideoSoftTB
  - Fluendo - Moovida
  - OfferBox
   
  
• Ceux-ci (de chez Uniblue pour la majorité) sont souvent plus dangereux que bénéfiques particulièrement pour le Registre. Et à force d'en installer on finit par ralentir le système sans oublier le risque d'incompatibilité entre programmes.
  RegistryBooster
  Registry Reviver
  Registry_Doktor
  SpeedUpMyPC
  Uniblue PowerSuite
  PCFix (Dubai Click LLC)

 

>>> Tes rapports montrent que tu as "Revo Uninstaller", n'hésite pas à l'utiliser comme indiqué ICI et ton registre restera toujours propre.

--

 

>>> Après ce grand ménage:

Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation".

 

:OTL

PRC - [2010/09/28 20:33:02 | 002,407,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Radio France Toolbar) - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\tbAva1.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0FC85F5D-6207-4515-A490-45A549D285C0} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Radio France Toolbar) - {1A2CD84F-2175-4AE8-BD60-CE0D04442B4F} - C:\Program Files (x86)\Radio_France\tbRad0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files (x86)\Avanquest_FR\tbAva1.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O15 - HKCU\..Trusted Domains: audacity1.3 ([]* in Sites de confiance)

O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local)

O15 - HKCU\..Trusted Domains: m6vod.fr ([]http in Intranet local)

O15 - HKCU\..Trusted Domains: microsoft.com ([social.answers] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: pcastuces.com ([www] http in Sites de confiance)

 

:Files

C:\Windows\tasks\*.job

C:\Windows\SysNative\drivers\etc\tmvsthfud.bin

C:\Windows\SysNative\drivers\etc\tmvsthfss.bin

 

:Services

 

:Reg

 

:Files

 

:Commands

[EMPTYTEMP]

[REBOOT]

 

ATTENTION: Les lignes en bleu concernent des sites dans la zone de confiance. Dans cette zone les sites ont des privilèges spécifique par rapport aux autres. On peut introduire, soi-même, ces sites MAIS des âmes mal intentionnées peuvent s'y inviter. Tu peux supprimer de liste ceux que tu veux garder dans ta zone de confiance.

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme vous demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier tout son contenu et le coller dans une nouvelle réponse du forum. Fermer le rapport et OTL.

 

As-tu encore un souci quelconque avec ta machine?

[papibraco]

je vais essayer cette fois...bonjour quand même,mon erreur devait être due à una grosse fatigue;;;cà fait pas mal d'un coup!mais....c'est bien passionnant Results of screen317's Security Check version 0.99.6

Windows 7 (UAC is enabled)

``````````````````````````````

Antivirus/Firewall Check:

avast! Free Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Trojan Remover 6.8.1

Java 6 Update 20

Java 6 Update 22

Out of date Java installed!

Adobe Flash Player 10.1.102.64

Adobe Reader 9.4.1

````````````````````````````````

Process Check:

objlist.exe by Laurent euh c'est pas un peu court;;;je ne trouve rien d'autre

windows defender MpCmdRun.exe

Alwil Software Avast5 AvastSvc.exe

Alwil Software Avast5 AvastUI.exe

````````````````````````````````

DNS Vulnerability Check:

Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

 

``````````End of Log````````````