Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[RESOLU] Fenêtre pop apparaissant sans raison

Blappa

Par Blappa
dans Analyses et éradication malwares

 Partager

Messages recommandés

Blappa Junior Member

Blappa

Posté(e)
Posté(e) (modifié)

Bonsoir, je vous explique mon problème, mes jeux online sont sans cesse perturbés par des pubs qui apparaissent même si internet est fermé. C'est assez frustrant. Mes connaissances en informatiques étant lamentables, c'est pourquoi je sollicite votre aide. Merci d'avance.

 

 

Voici mon log :

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:10:40, on 17/01/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18999)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\InstallPedia\lnetworker.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\EA SPORTS\FIFA 11\Game\fifa.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\OfferBox\OfferBox.exe

C:\Users\Donik\Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=0710&m=imedia_x4510_fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com France - L'autre moteur de recherche

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=0710&m=imedia_x4510_fr

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Your Home Page Has Been Changed

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll

O2 - BHO: ShopperReports - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll

O2 - BHO: Interest recogniser for Widestream6 (powered by Spointer) - {2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9} - C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll

O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.3.62.1\facemoods.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iP Network] C:\Program Files\InstallPedia\lnetworker.exe

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray

O4 - HKCU\..\Run: [spyware Doctor with AntiVirus] C:\Users\Donik\Desktop\sdasetup.exe -min

O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\RazaWebHook32.dll/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll

O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll

O13 - Gopher Prefix:

O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: service de mise a jour pour IP networker (IP netservices) - Unknown owner - C:\Program Files\InstallPedia\service.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

 

--

End of file - 9873 bytes

Modifié par Blappa

bernard53 Godlike Member

bernard53

Posté(e)
Posté(e)

Bonsoir

 

fait ceci s.t.p

 

 

Télécharger AD-Remover (créé par C_XX) :

 

Ad-Remover : Telechargement

 

Cliquez sur "DOWNLOAD " et enregistrez-le "sur votre bureau"

 

Une fois téléchargé sur votre bureau, double-cliquez sur son icone pour lancer l'installation.

 

Sous vista et Windows7 : clic droit sur son icone et sélectionnez "Exécuter en tant qu'administrateur".

L'installation se fera automatiquement.

 

A l'écran principal, cliquez sur Nettoyer pour exécuter le nettoyage.

 

Une fois l'ordinateur redémarré, il ne vous reste plus qu'à copier/coller le rapport sur le forum comme le précédent.

Le rapport se trouve à cet endroit : C:\Ad-Report-CLEAN[1].txt

 

 

Ensuite ceci comme rapport.

 

 

* Télécharge >> OTL <<sur ton bureau.

 

* Fait un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

 

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

netsvcs

%SYSTEMDRIVE%\*.exe

/md5start

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

vstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).

* Copie et colle le ou les rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Mets le rapport ici car il prend bien de la place.

Cijoint.fr - Service gratuit de dépôt de fichiers

Blappa Junior Member

Blappa

Posté(e)
  • Auteur
Posté(e)

Bonsoir, tout d'abord, merci d'avoir répondu à mon message, c'est vraiment sympa. J'ai fait tout ce que tu m'as indiqué sans problème, mais j'ai rencontré une difficulté pour mettre les rappports dans "Cijoint.fr", désolé.

Du coup,je vais les poster dans ce topic.

Encore merci pour ton aide et bravo à ce site qui est une aubaine pour les gens nuls en informatique comme moi.

 

 

rapport Extras.txt :

 

 

OTL Extras logfile created on: 19/01/2011 22:50:17 - Run 1

OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Donik\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 582,17 Gb Total Space | 440,06 Gb Free Space | 75,59% Space Free | Partition Type: NTFS

Drive D: | 6,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: PC-DE-DONIK | User Name: Donik | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 0

"InternetSettingsDisableNotify" = 0

"AutoUpdateDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{6A713B6F-B08E-47CB-9C8E-1927D1A37527}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{7D10FF8A-B840-401F-A759-2FB6B29DB946}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{7F6DAE05-A87A-46C4-BB4E-2C36E23DD18D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{E4B1DD31-8D44-49B7-B7CB-B70A81BF5E0A}" = lport=2869 | protocol=6 | dir=in | app=system |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{102EEB74-78AF-43A4-ADF9-6B064E3A7694}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{26B5566F-4282-4F61-945D-27421DF740DA}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{2E35F99A-0E3F-436C-A59E-50F48838B2B0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{3786B2F0-7CE1-4542-9E58-CB7A7F1F78A5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |

"{3B6A0496-E4A6-46B4-9785-5AE395F62162}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{3D385472-CCDF-4DD5-B8FF-6A9190CC4687}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{4354C540-41F0-4D71-A414-8BAAE923E58E}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |

"{50E18FDF-2B0A-4402-9769-8D6A69D35A52}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{5548F311-ADC3-4A91-812B-775D8AE0BC42}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{605B35C6-3C00-4C6D-AD57-0B8EE420E0DC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{686899C9-B485-4AD3-B80B-544C0C3CBD69}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{85EF4314-11C3-4A83-8F35-7CB09C7817E7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"TCP Query User{4161CD2B-89DE-4BBC-89DB-9A73EE546EAF}C:\program files\shareaza\shareaza.exe" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe |

"TCP Query User{41E33E78-1BF7-4B33-B081-9701DF7FB2B6}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |

"TCP Query User{C04D4546-E132-478F-AE8E-E3B99FB6D1D5}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |

"UDP Query User{336A876E-7817-4B2A-9839-91A434FED0E4}C:\program files\shareaza\shareaza.exe" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe |

"UDP Query User{9040D8A4-F01B-41D6-A5BE-6A3C22BBA9DA}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |

"UDP Query User{EC29A228-2069-4534-9BD1-0158D75094BD}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works

"{07E38F03-215B-44E5-BCA5-8D2E8D0E9896}" = MP Manager

"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Barre d'outils Bing

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0ED40D2A-7131-4FE7-941E-5C329336F712}" = HDReg France

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 23

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{3559CDE0-11FC-4D7B-A65C-D646035B1036}" = Nero 8 Essentials

"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11

"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective

"{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E5BC38E-F22B-4197-00A2-CD8E58EF139D}" = LFP MANAGER 2005

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{792BF55D-113E-43DD-B686-F13DAFDEE1A4}}_is1" = New Star Soccer 2010 v4.13d

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{835525BE-63BD-4EC4-9425-00CEAD4849C2}" = Widestream6

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D0198889-7766-424B-AB81-F16F8EDDFEF4}" = Facemoods

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety

"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0

"{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0

"Adobe Shockwave Player" = Adobe Shockwave Player

"AdobePE6" = Adobe Photoshop Elements 6

"AdobeReader" = Adobe Reader 8

"Ad-Remover" = Ad-Remover By C_XX

"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5610

"avast5" = avast! Free Antivirus

"BitTorrent" = BitTorrent

"Carbonite" = Carbonite

"Carbonite Setup Lite" = Protégez vos données

"CDisplay_is1" = CDisplay 1.8

"EADM" = EA Download Manager

"Easybits Magic Desktop" = EasyBits Magic Desktop

"facemoods" = facemoods

"Football Superstars_is1" = Football Superstars

"GAMEFORGE Nostale(FR)_is1" = Nostale Online FR (Remove)

"Google Desktop" = Google Desktop

"GoogleDesktop" = GoogleDesktop

"GoogleToolbar" = Google Toolbar

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"ImageWriter" = Packard Bell ImageWriter

"Infocentre" = Infocentre Rev. 2.0

"InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III

"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters

"LCDTest" = Packard Bell LCD Test

"magicdesktop" = Easybits Magic Desktop

"METABOLI" = Metaboli

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)

"Mumble" = Mumble and Murmur

"Nero8" = Nero 8 Essentials

"NVIDIA Drivers" = NVIDIA Drivers

"OFF2k7_FR" = Microsoft® Office Trial 2007

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"SETUPMYPC_FR" = SetUp My PC

"SFR" = neufbox de SFR

"Shareaza_is1" = Shareaza 2.5.3.0

"The Goalkeeper" = The Goalkeeper

"Updator" = Packard Bell Updator

"VIDEO_NVIDIA" = Video NVIDIA v174.74

"VLC media player" = VLC media player 1.0.1

"WinLiveSuite" = Windows Live

"WinRAR archiver" = Archiveur WinRAR

"works9se" = Microsoft Works 9 SE

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 17/01/2011 15:45:43 | Computer Name = PC-de-Donik | Source = Redownloader | ID = 0

Description = Le service ne peut pas être démarré. System.NullReferenceException:

La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String

start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly

assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile,

Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String

assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String

assemblyFile, Evidence assemblySecurity) à service.service.launch_update()

à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object

state)

 

Error - 17/01/2011 15:45:46 | Computer Name = PC-de-Donik | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».

Assembly

dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 17/01/2011 15:47:09 | Computer Name = PC-de-Donik | Source = WinMgmt | ID = 10

Description =

 

Error - 17/01/2011 15:56:20 | Computer Name = PC-de-Donik | Source = Application Error | ID = 1000

Description = Application défaillante fifa.exe, version 1.0.0.0, horodatage 0x4cc0a941,

module défaillant fifa.exe, version 1.0.0.0, horodatage 0x4cc0a941, code d’exception

0x80000003, décalage d’erreur 0x00006536, ID du processus 0x15c0, heure de début

de l’application 0x01cbb680948aa0f3.

 

Error - 17/01/2011 15:58:21 | Computer Name = PC-de-Donik | Source = Application Error | ID = 1000

Description = Application défaillante fifa.exe, version 1.0.0.0, horodatage 0x4cc0a941,

module défaillant fifa.exe, version 1.0.0.0, horodatage 0x4cc0a941, code d’exception

0xc0000005, décalage d’erreur 0x00058576, ID du processus 0xa8c, heure de début

de l’application 0x01cbb6809a352113.

 

Error - 17/01/2011 16:29:14 | Computer Name = PC-de-Donik | Source = System Restore | ID = 8193

Description =

 

Error - 17/01/2011 16:50:00 | Computer Name = PC-de-Donik | Source = Application Error | ID = 1000

Description = Application défaillante fifa.exe, version 1.0.0.0, horodatage 0x4c8a90dc,

module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code

d’exception 0xc0000005, décalage d’erreur 0x00065dd2, ID du processus 0x1584, heure

de début de l’application 0x01cbb68812dc4243.

 

Error - 17/01/2011 17:04:57 | Computer Name = PC-de-Donik | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».

Assembly

dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 17/01/2011 17:04:58 | Computer Name = PC-de-Donik | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».

Assembly

dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 17/01/2011 17:04:58 | Computer Name = PC-de-Donik | Source = Redownloader | ID = 0

Description = Le service ne peut pas être démarré. System.NullReferenceException:

La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String

start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly

assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile,

Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String

assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String

assemblyFile, Evidence assemblySecurity) à service.service.launch_update()

à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object

state)

 

[ System Events ]

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7034

Description =

 

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7034

Description =

 

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7034

Description =

 

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7034

Description =

 

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7031

Description =

 

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7034

Description =

 

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7031

Description =

 

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7031

Description =

 

Error - 19/01/2011 17:01:32 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7031

Description =

 

Error - 19/01/2011 17:02:02 | Computer Name = PC-de-Donik | Source = Service Control Manager | ID = 7032

Description =

 

 

< End of report >

Blappa Junior Member

Blappa

Posté(e)
  • Auteur
Posté(e)

Désolé pour le double post, mais je l'ai fait dans le but d'envoyer la suite du rapport et pour que ce soit plus lisible. Bonne soirée et merci d'avance.

 

 

OTL logfile created on: 19/01/2011 22:50:17 - Run 1

OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Donik\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 582,17 Gb Total Space | 440,06 Gb Free Space | 75,59% Space Free | Partition Type: NTFS

Drive D: | 6,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: PC-DE-DONIK | User Name: Donik | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Donik\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)

PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

PRC - C:\Program Files\Shareaza\WindowsThumbnail.exe (Shareaza Development Team)

PRC - C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)

PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Carbonite, Inc.)

PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)

PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Donik\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)

SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)

SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()

 

 

========== Driver Services (SafeList) ==========

 

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)

DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)

DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)

DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)

DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)

DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)

DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)

DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)

DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)

DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)

DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)

DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)

DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)

DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)

DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)

DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)

DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)

DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)

DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)

DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)

DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)

DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)

DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)

DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)

DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)

DRV - (nvsmu) -- C:\Windows\system32\drivers\nvsmu.sys (NVIDIA Corporation)

DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)

DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)

DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)

DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)

DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)

DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)

DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)

DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)

DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)

DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)

DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)

DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)

DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)

DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)

DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)

DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 E5 14 36 4A 3A CB 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.fissa.com/fr/?s=h&c=1010097739&suid=Ekic2B2TK&d=6&pid="

FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.0.4

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:2.2.3132.70

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\widestream6@spointer.com: C:\Program Files\Widestream6\spointer\extensions\widestream6@spointer.com [2010/11/28 01:05:39 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 18:28:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 18:28:57 | 000,000,000 | ---D | M]

 

[2010/08/25 19:18:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donik\AppData\Roaming\mozilla\Extensions

[2011/01/19 22:02:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donik\AppData\Roaming\mozilla\Firefox\Profiles\5in1io2j.default\extensions

[2011/01/17 21:21:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donik\AppData\Roaming\mozilla\Firefox\Profiles\9swp9vro.default\extensions

[2010/10/09 05:04:51 | 000,000,000 | ---D | M] (Fissa) -- C:\Users\Donik\AppData\Roaming\mozilla\Firefox\Profiles\9swp9vro.default\extensions\@FissaPlugin

[2010/09/15 20:34:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Donik\AppData\Roaming\mozilla\Firefox\Profiles\9swp9vro.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/09/15 20:34:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Donik\AppData\Roaming\mozilla\Firefox\Profiles\9swp9vro.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010/10/09 16:48:55 | 000,002,564 | ---- | M] () -- C:\Users\Donik\AppData\Roaming\Mozilla\Firefox\Profiles\9swp9vro.default\searchplugins\fissa.xml

[2011/01/19 22:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2010/07/07 22:03:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/09/14 15:01:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/11/11 07:51:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/05 15:46:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2010/10/09 05:04:17 | 000,000,000 | ---D | M] (Facemoods) -- C:\Program Files\mozilla firefox\extensions\ffxtlbr@Facemoods.com

[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/10/29 13:28:57 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/10/29 13:28:57 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/10/29 13:28:57 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/10/29 13:28:57 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/10/29 13:28:57 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)

O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.3.62.1\facemoods.dll (facemoods.com)

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Carbonite, Inc.)

O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKCU..\Run: [shareaza] C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)

O4 - HKCU..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)

O4 - HKCU..\Run: [spyware Doctor with AntiVirus] C:\Users\Donik\Desktop\sdasetup.exe ()

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Users\Donik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

O8 - Extra context menu item: Download with &Shareaza - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)

O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\System32\ezShellStart.exe (EasyBits Software AS)

O24 - Desktop WallPaper: C:\Users\Donik\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Donik\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2010/09/10 22:33:59 | 000,000,000 | R--D | M] - D:\AutoRun -- [ UDF ]

O32 - AutoRun File - [2010/09/10 22:34:03 | 000,439,056 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ UDF ]

O32 - AutoRun File - [2010/09/10 22:34:02 | 007,864,832 | R--- | M] () - D:\autorun.dat -- [ UDF ]

O32 - AutoRun File - [2010/09/10 22:33:38 | 000,000,141 | R--- | M] () - D:\autorun.inf -- [ UDF ]

O33 - MountPoints2\{00fc376d-8a09-11df-a0ed-0022683b853e}\Shell\Auto\command - "" = E:\launcher.exe

O33 - MountPoints2\{44a63169-0937-11e0-8c16-0022683b853e}\Shell\Auto\command - "" = E:\launcher.exe

O33 - MountPoints2\{49389752-85f4-11df-8c44-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{49389752-85f4-11df-8c44-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2010/09/10 22:34:03 | 000,439,056 | R--- | M] (Electronic Arts)

O33 - MountPoints2\{4ea02f43-862a-11df-ba87-0022683b853e}\Shell\Auto\command - "" = E:\launcher.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/01/19 22:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover

[2011/01/17 21:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts

[2011/01/16 18:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2011/01/16 18:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools

[2011/01/12 18:29:54 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

[2011/01/12 18:29:49 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe

[2011/01/05 15:46:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/01/05 15:46:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/01/05 15:46:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/01/05 00:03:39 | 000,000,000 | ---D | C] -- C:\Users\Donik\AppData\Roaming\Mumble

[2011/01/05 00:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble

[2011/01/05 00:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble

[2011/01/02 12:12:12 | 000,294,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/01/02 12:12:12 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/01/02 12:12:12 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2011/01/02 12:12:12 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/01/02 12:12:12 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/01/02 12:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

[2011/01/02 12:11:59 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2011/01/02 12:11:59 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/19 22:49:40 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/01/19 22:49:40 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/01/19 22:49:40 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/01/19 22:49:40 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/01/19 22:48:28 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FEB9CB07-17A8-42AA-BCE1-A64181AF0483}.job

[2011/01/19 22:45:11 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/19 22:45:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/19 22:45:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/19 22:45:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/19 22:45:00 | 3219,320,832 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/19 22:03:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/19 22:00:14 | 000,001,679 | ---- | M] () -- C:\Users\Donik\Desktop\AD-R.lnk

[2011/01/19 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Donik.job

[2011/01/19 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Extension de garantie-Donik.job

[2011/01/17 21:45:54 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk

[2011/01/16 23:11:17 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2011/01/16 18:53:00 | 000,513,032 | ---- | M] () -- C:\Users\Donik\Desktop\sdasetup.exe

[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/01/13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/01/05 00:04:55 | 000,002,392 | ---- | M] () -- C:\Users\Donik\Documents\MumbleAutomaticCertificateBackup.p12

[2011/01/05 00:03:38 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Mumble (Backwards Compatible).lnk

[2011/01/05 00:03:38 | 000,000,779 | ---- | M] () -- C:\Users\Public\Desktop\Mumble.lnk

[2011/01/02 12:45:27 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk

[2011/01/02 12:12:12 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2010/12/31 21:06:36 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2010/12/29 19:49:20 | 000,018,454 | ---- | M] () -- C:\Users\Donik\Documents\Sans nom 2.odt

[2010/12/29 19:18:42 | 000,032,273 | ---- | M] () -- C:\Users\Donik\Documents\Rencontre des trois mousquetaires..odt

[2010/12/28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

[2010/12/21 18:46:26 | 000,014,304 | ---- | M] () -- C:\Users\Donik\Documents\rencontre avec les trois mousquetaires, interview exclusive.rtf

 

========== Files Created - No Company Name ==========

 

[2011/01/19 22:00:14 | 000,001,679 | ---- | C] () -- C:\Users\Donik\Desktop\AD-R.lnk

[2011/01/17 21:44:46 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk

[2011/01/16 18:53:11 | 000,513,032 | ---- | C] () -- C:\Users\Donik\Desktop\sdasetup.exe

[2011/01/05 00:04:55 | 000,002,392 | ---- | C] () -- C:\Users\Donik\Documents\MumbleAutomaticCertificateBackup.p12

[2011/01/05 00:03:38 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Mumble (Backwards Compatible).lnk

[2011/01/05 00:03:38 | 000,000,779 | ---- | C] () -- C:\Users\Public\Desktop\Mumble.lnk

[2011/01/02 12:45:27 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk

[2011/01/02 12:12:12 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2010/12/29 19:49:18 | 000,018,454 | ---- | C] () -- C:\Users\Donik\Documents\Sans nom 2.odt

[2010/12/21 18:46:25 | 000,014,304 | ---- | C] () -- C:\Users\Donik\Documents\rencontre avec les trois mousquetaires, interview exclusive.rtf

[2010/12/21 05:39:38 | 000,032,273 | ---- | C] () -- C:\Users\Donik\Documents\Rencontre des trois mousquetaires..odt

[2010/08/20 10:12:39 | 000,000,000 | ---- | C] () -- C:\Users\Donik\AppData\Roaming\wklnhst.dat

[2010/08/08 00:27:39 | 000,031,744 | ---- | C] () -- C:\Users\Donik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/07/06 03:13:36 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010/07/02 19:51:32 | 000,007,592 | ---- | C] () -- C:\Users\Donik\AppData\Local\d3d9caps.dat

[2008/11/21 08:38:27 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

[2008/01/16 12:48:06 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

 

 

< MD5 for: AGP440.SYS >

[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys

[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys

[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

 

< MD5 for: CNGAUDIT.DLL >

[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 

< MD5 for: IASTORV.SYS >

[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys

[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 

< MD5 for: NETLOGON.DLL >

[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008/01/21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 

< MD5 for: NVRD32.SYS >

[2007/09/11 14:19:20 | 000,123,424 | ---- | M] (NVIDIA Corporation) MD5=F2ABAB0C99237CE4E97478AF2E0438A0 -- C:\drivers\MOBO\CHIPSET\IDE\WinVista\sataraid\nvrd32.sys

[2007/09/11 14:19:20 | 000,123,424 | ---- | M] (NVIDIA Corporation) MD5=F2ABAB0C99237CE4E97478AF2E0438A0 -- C:\Windows\Oem\mp\drivers\SOURCES\MOBO\CHIPSET\IDE\WinVista\sataraid\nvrd32.sys

[2007/09/11 14:19:20 | 000,123,424 | ---- | M] (NVIDIA Corporation) MD5=F2ABAB0C99237CE4E97478AF2E0438A0 -- C:\Windows\System32\drivers\nvrd32.sys

[2007/09/11 14:19:20 | 000,123,424 | ---- | M] (NVIDIA Corporation) MD5=F2ABAB0C99237CE4E97478AF2E0438A0 -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_8225a48e\nvrd32.sys

 

< MD5 for: NVSTOR.SYS >

[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys

[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 

< MD5 for: SCECLI.DLL >

[2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll

[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========

[C:\Windows\Oem\mp] -> Volume{4938974b-85f4-11df-8c44-806e6f6e6963}\ -> Mount Point

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 16 bytes -> C:\Users\Donik\Downloads:Shareaza.GUID

 

< End of report >

bernard53 Godlike Member

bernard53

Posté(e)
Posté(e) (modifié)

OK pour les rapports et à priori pas de soucis majeur.

 

* Fait un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

 

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL

FF - prefs.js..browser.startup.homepage: Fissa search

FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:2.2.3132.70

FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.0.4

O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)

O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.3.62.1\facemoods.dll (facemoods.com)

 

:Files

C:\Program Files\mozilla firefox\extensions\ffxtlbr@Facemoods.com

:Commands

[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan un rapport s'ouvrir "OTL.Txt"

* Copie et colle le ou les rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Mets le rapport ici car il prend bien de la place.

Cijoint.fr - Service gratuit de dépôt de fichiers

 

Ensuite par précaution::

 

Installe Malewarebytes' Antimalware,

Téléchargement

 

 

 

*** Met-le à jour puis choisi, Exécuter un examen complet

 

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

 

Poste le rapport final.

 

 

 

ensuite comme tu as firefox installe "Adblock ' ici.

 

Adblock Plus :: Modules pour Firefox

 

il te sera une fois l'installation faite de ce module demander de choisir une liste pour "Adblock " acceptes donc et choisi le France dans la liste.

 

si tu as le moindre soucis avec ce module n'hésite pas et demande. :super:

Modifié par bernard53

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...