virus gomeo , ebay?

[lance_yien]

C'était presque la fin.

Relance-le encore une seule fois.

Si le problème persiste on fera autrement.

[MehDiZz]

re ,

 

J'ai refais et toujours pareil , a la 50eme etape il y a l'ecran bleu comme quoi windows a rencontré un probleme , redemarage du pc ...

 

Merci de prendre de ton temps pour moi

[lance_yien]

OK, on laisse tomber CombFix.

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

 

>>> Utiliser Defogger: Cliquer sur Defogger.exe puis sur Re-enable. Suivre les indications.

 

 

>>> Utiliser OTL: Télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Brancher et allumer tous les médias amovibles disponibles (Disques externes, clés USB etc...).

Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur OTL.exe (Vista/ Windows7, cliquer-droit dessus => Exécuter en tant qu'Admin).

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

 

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

[MehDiZz]

Voici le rapport OTL

 

OTL logfile created on: 19/04/2011 13:07:42 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\mehdi B\Bureau

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1 022,00 Mb Total Physical Memory | 738,00 Mb Available Physical Memory | 72,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 84,90 Gb Total Space | 44,51 Gb Free Space | 52,43% Space Free | Partition Type: NTFS

Drive D: | 7,24 Gb Total Space | 1,34 Gb Free Space | 18,46% Space Free | Partition Type: FAT32

 

Computer Name: MEHDI | User Name: mehdi B | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/04/19 13:02:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mehdi B\Bureau\OTL.exe

PRC - [2010/05/26 19:28:14 | 002,913,576 | ---- | M] (Guillemot Corporation S.A.) -- C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe

PRC - [2010/05/21 00:58:48 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin

PRC - [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe

PRC - [2009/09/15 12:56:48 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe

PRC - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe

PRC - [2006/02/17 15:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

PRC - [2005/09/24 08:42:32 | 000,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqimzone.exe

PRC - [2004/08/05 23:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/04/19 13:02:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mehdi B\Bureau\OTL.exe

MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll

MOD - [2004/08/05 23:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)

SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- c:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2006/02/17 15:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)

SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/08/25 11:36:34 | 000,013,824 | ---- | M] (LoteSoft Co.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\splitcam.sys -- (SPLITCAM)

DRV - [2009/04/22 15:46:42 | 003,482,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)

DRV - [2009/04/07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009/02/09 00:42:42 | 000,099,968 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hxctlflt.sys -- (hxctlflt)

DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)

DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)

DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)

DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2006/04/18 13:29:06 | 000,569,856 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)

DRV - [2006/03/14 20:02:54 | 001,428,480 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®

DRV - [2006/03/02 13:03:32 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)

DRV - [2005/09/20 12:30:56 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)

DRV - [2005/09/19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)

DRV - [2005/09/19 13:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)

DRV - [2005/09/19 13:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)

DRV - [2005/08/22 17:07:00 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2005/08/22 17:06:16 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)

DRV - [2005/08/22 17:06:10 | 000,718,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2004/08/04 08:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Homepage

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Ask.com France - L'autre moteur de recherche

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://fr.ask.com?o=14200&l=dis"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 09:36:52 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/24 09:36:52 | 000,000,000 | ---D | M]

 

[2010/09/11 12:41:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mehdi B\Application Data\Mozilla\Extensions

[2010/09/11 12:41:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mehdi B\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2011/04/19 10:26:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mehdi B\Application Data\Mozilla\Firefox\Profiles\3a0i905a.default\extensions

[2011/01/17 19:34:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\mehdi B\Application Data\Mozilla\Firefox\Profiles\3a0i905a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/11/18 13:36:00 | 000,002,394 | ---- | M] () -- C:\Documents and Settings\mehdi B\Application Data\Mozilla\Firefox\Profiles\3a0i905a.default\searchplugins\askcom.xml

[2010/08/25 11:37:02 | 000,002,340 | ---- | M] () -- C:\Documents and Settings\mehdi B\Application Data\Mozilla\Firefox\Profiles\3a0i905a.default\searchplugins\bigseekpro.xml

[2011/04/19 10:26:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/01/08 15:05:15 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010/08/23 13:56:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/23 13:56:13 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010/08/23 13:56:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/09/14 23:32:19 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/09/14 23:32:19 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/09/14 23:32:19 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/09/14 23:32:19 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/09/14 23:32:19 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

Hosts file not found

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [CamserviceOG] C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe (Guillemot Corporation S.A.)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [KernelFaultCheck] File not found

O4 - HKLM..\Run: [Lexmark X1100 Series] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\Run: [userFaultCheck] File not found

O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKCU..\Run: [badoo Desktop] C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)

O4 - Startup: C:\Documents and Settings\mehdi B\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O8 - Extra context menu item: &Traduire à partir de l'anglais - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O8 - Extra context menu item: Pages liées - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O8 - Extra context menu item: Pages similaires - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O8 - Extra context menu item: Recherche &Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Wave.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Wave.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2001/07/27 11:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2004/04/30 03:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (54619756233228288)

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/04/19 13:02:28 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\mehdi B\Bureau\OTL.exe

[2011/04/19 12:33:21 | 000,000,000 | --SD | C] -- C:\ComboFix

[2011/04/19 11:15:14 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011/04/19 11:12:49 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2011/04/19 11:12:49 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2011/04/19 11:12:49 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2011/04/19 11:12:49 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2011/04/19 11:12:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2011/04/19 11:12:15 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011/04/19 09:37:40 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\mehdi B\Bureau\TDSSKiller.exe

[2011/04/19 09:34:53 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\mehdi B\Bureau\mbam-setup.exe

[2011/04/17 12:56:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mehdi B\Application Data\Malwarebytes

[2011/04/17 12:56:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/04/17 12:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware

[2011/04/17 12:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2011/04/17 12:56:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/04/17 12:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/04/17 11:31:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2011/04/17 11:29:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Antivirus

[2011/04/17 11:29:35 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr

[2011/04/11 14:34:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia

[2011/04/11 14:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe

[2011/04/11 13:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia

[2011/04/11 13:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe

[2011/04/09 19:47:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2011/04/05 19:52:37 | 000,000,000 | ---D | C] -- C:\Program Files\Winamax Poker

[2010/08/24 22:58:46 | 000,184,320 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll

[2010/08/24 22:58:46 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/04/19 13:08:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/04/19 13:02:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mehdi B\Bureau\OTL.exe

[2011/04/19 12:40:16 | 000,050,868 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2011/04/19 12:40:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/04/19 12:40:09 | 1071,763,456 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/19 11:15:20 | 000,000,332 | RHS- | M] () -- C:\boot.ini

[2011/04/19 11:08:30 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\Defogger.exe

[2011/04/19 11:08:27 | 004,324,342 | R--- | M] () -- C:\Documents and Settings\mehdi B\Bureau\ComboFix.exe

[2011/04/19 11:07:41 | 000,024,271 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\Sans nom 2.odt

[2011/04/19 11:07:40 | 000,000,122 | -H-- | M] () -- C:\Documents and Settings\mehdi B\Bureau\.~lock.Sans nom 2.odt#

[2011/04/19 09:54:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011/04/19 09:36:05 | 000,879,081 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\SecurityCheck.exe

[2011/04/19 09:35:12 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\mehdi B\Bureau\mbam-setup.exe

[2011/04/19 09:33:27 | 000,027,176 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\Sans nom 1.odt

[2011/04/18 22:30:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/04/17 11:35:20 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011/04/17 11:29:19 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\mehdi B\Application Data\chrtmp

[2011/04/17 09:47:32 | 000,037,213 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\3.jpg

[2011/04/17 09:47:25 | 000,069,937 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\2.jpg

[2011/04/17 09:47:17 | 000,051,268 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\1.jpg

[2011/04/16 21:09:46 | 000,176,640 | ---- | M] () -- C:\Documents and Settings\mehdi B\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/04/13 17:29:05 | 000,000,271 | ---- | M] () -- C:\WINDOWS\lexstat.ini

[2011/04/11 19:53:55 | 002,334,460 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\DSC02927.JPG

[2011/04/11 16:42:50 | 000,015,312 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\lm ambulance.odt

[2011/04/06 17:31:45 | 000,010,637 | ---- | M] () -- C:\Documents and Settings\mehdi B\Bureau\croque.jpg

[2011/04/05 19:52:38 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Winamax Poker.lnk

[2011/04/05 17:28:22 | 000,179,986 | ---- | M] () -- C:\Documents and Settings\mehdi B\Mes documents\Unidialog_3770069B_1302017246748.pdf

[2011/03/31 09:47:39 | 000,179,673 | ---- | M] () -- C:\Documents and Settings\mehdi B\Mes documents\Unidialog_2520101R_1301557626105.pdf

[2011/03/30 10:35:52 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\mehdi B\Application Data\wklnhst.dat

[2011/03/27 09:47:16 | 000,510,980 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2011/03/27 09:47:16 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/03/27 09:47:16 | 000,084,964 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2011/03/27 09:47:16 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/04/19 13:08:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/04/19 11:15:20 | 000,000,216 | ---- | C] () -- C:\Boot.bak

[2011/04/19 11:15:16 | 000,263,488 | RHS- | C] () -- C:\cmldr

[2011/04/19 11:12:49 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011/04/19 11:12:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011/04/19 11:12:49 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011/04/19 11:12:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011/04/19 11:12:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011/04/19 11:09:02 | 004,324,342 | R--- | C] () -- C:\Documents and Settings\mehdi B\Bureau\ComboFix.exe

[2011/04/19 11:09:02 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\Defogger.exe

[2011/04/19 11:07:40 | 000,024,271 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\Sans nom 2.odt

[2011/04/19 11:07:40 | 000,000,122 | -H-- | C] () -- C:\Documents and Settings\mehdi B\Bureau\.~lock.Sans nom 2.odt#

[2011/04/19 09:36:05 | 000,879,081 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\SecurityCheck.exe

[2011/04/19 09:33:25 | 000,027,176 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\Sans nom 1.odt

[2011/04/17 12:56:13 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011/04/17 11:29:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\mehdi B\Application Data\chrtmp

[2011/04/17 11:29:03 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx

[2011/04/17 09:47:31 | 000,037,213 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\3.jpg

[2011/04/17 09:47:25 | 000,069,937 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\2.jpg

[2011/04/17 09:47:15 | 000,051,268 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\1.jpg

[2011/04/11 19:51:17 | 002,334,460 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\DSC02927.JPG

[2011/04/11 16:42:49 | 000,015,312 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\lm ambulance.odt

[2011/04/06 17:31:42 | 000,010,637 | ---- | C] () -- C:\Documents and Settings\mehdi B\Bureau\croque.jpg

[2011/04/05 17:28:22 | 000,179,986 | ---- | C] () -- C:\Documents and Settings\mehdi B\Mes documents\Unidialog_3770069B_1302017246748.pdf

[2011/03/31 09:47:39 | 000,179,673 | ---- | C] () -- C:\Documents and Settings\mehdi B\Mes documents\Unidialog_2520101R_1301557626105.pdf

[2010/11/04 16:01:49 | 000,000,580 | ---- | C] () -- C:\Documents and Settings\mehdi B\Application Data\wklnhst.dat

[2010/10/10 17:09:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010/10/07 16:47:25 | 000,000,271 | ---- | C] () -- C:\WINDOWS\lexstat.ini

[2010/10/07 16:46:56 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE

[2010/10/07 16:46:56 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL

[2010/10/07 16:46:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll

[2010/10/07 16:46:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE

[2010/10/07 16:46:09 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini

[2010/08/28 12:01:16 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2010/08/28 12:01:16 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2010/08/28 12:00:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\mehdi B\Application Data\$_hpcst$.hpc

[2010/08/24 22:58:46 | 003,482,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys

[2010/08/24 22:58:46 | 000,027,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys

[2010/08/24 22:58:46 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini

[2010/08/24 22:58:10 | 000,015,144 | ---- | C] () -- C:\WINDOWS\System32\HWLMSET2PS.dll

[2010/08/24 22:29:46 | 003,600,384 | ---- | C] () -- C:\WINDOWS\ffmpeg.exe

[2010/08/24 10:55:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt

[2010/08/24 10:54:24 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2010/08/23 13:16:10 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010/08/23 13:16:09 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2010/08/23 13:16:02 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010/08/23 13:16:02 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010/08/23 13:16:01 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/08/23 13:00:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2010/08/22 20:43:42 | 000,176,640 | ---- | C] () -- C:\Documents and Settings\mehdi B\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/22 19:52:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/08/22 19:45:22 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\mehdi B\Local Settings\Application Data\fusioncache.dat

[2006/05/11 10:36:05 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2006/05/11 10:36:05 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe

[2006/05/11 10:36:05 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2006/05/11 10:36:04 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2006/05/11 10:36:03 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2006/05/11 10:36:03 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe

[2006/05/11 10:36:02 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe

[2006/05/11 10:36:02 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe

[2006/05/11 10:36:02 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll

[2006/05/11 02:54:24 | 000,030,194 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2006/03/27 08:57:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2006/03/27 08:56:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006/03/27 08:23:20 | 000,088,020 | ---- | C] () -- C:\WINDOWS\hpqins69.dat

[2006/03/27 08:18:54 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2006/03/27 08:15:36 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2006/03/27 08:06:04 | 000,510,980 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2006/03/27 08:06:04 | 000,441,458 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006/03/27 08:06:04 | 000,084,964 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2006/03/27 08:06:04 | 000,071,394 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006/03/27 08:01:58 | 000,239,144 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2006/03/27 07:57:58 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2006/03/27 07:55:28 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2005/12/02 20:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2004/08/05 23:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004/08/05 23:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2004/08/05 23:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004/08/05 23:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/08/05 23:00:00 | 000,056,880 | ---- | C] () -- C:\WINDOWS\System32\scvideo.dll

[2004/08/05 23:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/08/05 23:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2004/08/05 23:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/08/05 23:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[2004/08/05 23:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004/08/05 23:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2004/08/05 23:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2002/05/28 23:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2002/05/28 23:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2010/08/23 14:11:03 | 000,000,216 | ---- | M] () -- C:\Boot.bak

[2011/04/19 11:15:20 | 000,000,332 | RHS- | M] () -- C:\boot.ini

[2004/08/05 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004/08/03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr

[2011/04/19 12:40:09 | 1071,763,456 | -HS- | M] () -- C:\hiberfil.sys

[2010/08/22 20:28:44 | 000,000,849 | ---- | M] () -- C:\hpqp.ini

[2010/10/07 16:42:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/10/07 16:42:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/05 23:00:00 | 000,047,564 | RHS- | M] () -- C:\ntdetect.com

[2004/08/05 23:00:00 | 000,251,712 | RHS- | M] () -- C:\ntldr

[2011/04/19 12:40:08 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys

[2011/04/19 13:08:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/04/19 09:43:22 | 000,052,084 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_19.04.2011_09.39.09_log.txt

[2010/08/22 20:28:30 | 000,000,044 | ---- | M] () -- C:\XP_TV.ini

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2006/03/27 09:47:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2006/03/27 09:47:42 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

 

< %systemroot%\system32\drivers\*.sys /90 >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-18 05:54:43

 

< End of report >

[MehDiZz]

Voici le rapport Extrats

 

OTL Extras logfile created on: 19/04/2011 13:07:42 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\mehdi B\Bureau

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1 022,00 Mb Total Physical Memory | 738,00 Mb Available Physical Memory | 72,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 84,90 Gb Total Space | 44,51 Gb Free Space | 52,43% Space Free | Partition Type: NTFS

Drive D: | 7,24 Gb Total Space | 1,34 Gb Free Space | 18,46% Space Free | Partition Type: FAT32

 

Computer Name: MEHDI | User Name: mehdi B | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France

"C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe" = C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe:*:Enabled:Hercules Xtra Controller Main Application -- (Guillemot Corporation S.A.)

"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)

"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)

"C:\Program Files\Hercules\Webcam Station Evolution SE\StationEvSE.exe" = C:\Program Files\Hercules\Webcam Station Evolution SE\StationEvSE.exe:*:Enabled:Hercules Webcam Station Evolution SE -- (Guillemot Corporation S.A.)

"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)

"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module

"{0C0670E5-2D51-42C6-ACFF-CBCB65B7DCDB}" = SplitCam

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Amélioration de nos services

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2

"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations

"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 E2

"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting

"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap

"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm

"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1

"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 2.1

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig

"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1

"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder

"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig

"{60BA9B0D-FEF3-1A41-08AB-8083E5905C81}" = Winamax Poker

"{645D6B69-6456-442D-94D6-85F0636ED258}" = Badoo Desktop

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler

"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1

"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK

"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI

"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver

"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig

"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Connexion Facile à Internet

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour

"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}" = Hercules Webcam

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module

"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution

"{AC76BA86-7AD7-1036-7B44-A00000000001}" = Adobe Reader 6.0.1 - Français

"{AEF7A12C-CD9B-4773-8AD1-6916138CA7EA}" = SmartAudio

"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module

"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3

"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update

"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig

"{BC96BBA7-C634-460E-AD18-A0A994213F80}" = HP User Guides--System Recovery

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C3C44248-B8F7-4B20-A5C7-994870B60F55}" = Hercules Webcam Station Evolution SE

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1

"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1

"{E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}" = Hercules Deluxe Optical Glass

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{E74E3D81-773B-4DCF-B706-50236F80BD81}" = HP User Guides 0019

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices

"{FD4FE0F7-91FC-43A2-9C3A-187553991FFF}" = Hercules Classic Link Webcam

"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)

"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)

"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"AutocompletePro3_is1" = AutocompletePro

"avast!" = avast! Antivirus

"CNXT_HDAUDIO" = Conexant HD Audio

"CNXT_MODEM_HDAUDIO_CPL30A5m" = HDAUDIO Soft Data Fax Modem with SmartCP

"ExpressBurn" = Express Burn Disc Burning Software

"FrostWire" = FrostWire 4.20.9

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"HP Imaging Device Functions" = HP Imaging Device Functions 6.0

"HP Photo & Imaging" = HP Photosmart Premier Software 6.0

"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Amélioration de nos services

"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.

"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Connexion Facile à Internet

"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"KLiteCodecPack_is1" = K-Lite Codec Pack 6.3.0 (Full)

"Lexmark X1100 Series" = Lexmark X1100 Series

"LimeWire" = LimeWire 5.5.16

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Messenger Plus! Live" = Messenger Plus! Live

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)

"NVIDIA Drivers" = NVIDIA Drivers

"PROSet" = Intel® PRO Network Connections Drivers

"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"VLC media player" = VLC media player 1.1.5

"wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1" = Winamax Poker

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows Media Player" = Lecteur Windows Media 10

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = Logiciel d'archivage WinRAR

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 18/04/2011 05:02:41 | Computer Name = MEHDI | Source = avast! | ID = 33554522

Description = Error in aswChestC: chestOpenList Error 1753.

 

Error - 18/04/2011 05:02:41 | Computer Name = MEHDI | Source = avast! | ID = 33554522

Description = aswChestInterface - Program error description: CChestListView::LoadFiles()

chestOpenList() failed: 2147422219.

 

Error - 18/04/2011 14:36:48 | Computer Name = MEHDI | Source = avast! | ID = 33554522

Description = aswChestInterface - Program error description: CChestListView::OnCreate()

!m_strErrorWnd.IsEmpty().

 

Error - 19/04/2011 04:17:49 | Computer Name = MEHDI | Source = avast! | ID = 33554522

Description = Error in aswChestC: chestOpenList Error 1753.

 

Error - 19/04/2011 04:17:49 | Computer Name = MEHDI | Source = avast! | ID = 33554522

Description = aswChestInterface - Program error description: CChestListView::LoadFiles()

chestOpenList() failed: 2147422219.

 

[ Application Events ]

Error - 17/04/2011 09:07:06 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : Cette connexion réseau n'existe pas.

 

Error - 17/04/2011 12:30:38 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : La connexion avec le serveur a été interrompue anormalement

 

Error - 17/04/2011 12:30:38 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : Cette connexion réseau n'existe pas.

 

Error - 18/04/2011 04:58:19 | Computer Name = MEHDI | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

 

Error - 18/04/2011 07:04:39 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : La connexion avec le serveur a été interrompue anormalement

 

Error - 18/04/2011 07:04:40 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : Cette connexion réseau n'existe pas.

 

Error - 18/04/2011 14:45:18 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : La connexion avec le serveur a été interrompue anormalement

 

Error - 18/04/2011 14:45:19 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : Cette connexion réseau n'existe pas.

 

Error - 18/04/2011 15:54:47 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : La connexion avec le serveur a été interrompue anormalement

 

Error - 18/04/2011 15:54:48 | Computer Name = MEHDI | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : Cette connexion réseau n'existe pas.

 

[ System Events ]

Error - 15/04/2011 07:25:22 | Computer Name = MEHDI | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.1.3 pour la carte réseau dont l'adresse

réseau est 00130265B02A a été refusé par le serveur DHCP 78.251.127.254 (celui-ci

a envoyé un message DHCPNACK).

 

Error - 15/04/2011 07:25:26 | Computer Name = MEHDI | Source = Dhcp | ID = 1001

Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur

DHCP)

pour la carte réseau avec l'adresse réseau 00130265B02A. Il s'est produit l'erreur

suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse

auprès du serveur d'adresse réseau (DHCP).

 

Error - 15/04/2011 15:53:44 | Computer Name = MEHDI | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.1.3 pour la carte réseau dont l'adresse

réseau est 00130265B02A a été refusé par le serveur DHCP 78.251.127.254 (celui-ci

a envoyé un message DHCPNACK).

 

Error - 15/04/2011 15:56:05 | Computer Name = MEHDI | Source = Service Control Manager | ID = 7022

Description = Le service Mises à jour automatiques est en attente de démarrage.

 

Error - 16/04/2011 11:49:25 | Computer Name = MEHDI | Source = Windows Update Agent | ID = 16

Description = Connexion impossible : Windows ne parvient pas à se connecter au service

Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation

des mises à jour définies par la planification. Windows continuera d'essayer d'établir

la connexion.

 

Error - 17/04/2011 05:29:45 | Computer Name = MEHDI | Source = Service Control Manager | ID = 7006

Description = L'appel ScRegSetValueExW a échoué pour Type avec l'erreur : %%5

 

Error - 17/04/2011 05:29:45 | Computer Name = MEHDI | Source = Service Control Manager | ID = 7006

Description = L'appel ScRegSetValueExW a échoué pour Type avec l'erreur : %%5

 

Error - 17/04/2011 05:29:45 | Computer Name = MEHDI | Source = Service Control Manager | ID = 7006

Description = L'appel ScRegSetValueExW a échoué pour Type avec l'erreur : %%5

 

Error - 17/04/2011 07:52:04 | Computer Name = MEHDI | Source = Service Control Manager | ID = 7026

Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se

charger : AliIde PCIIde ViaIde

 

Error - 18/04/2011 14:41:22 | Computer Name = MEHDI | Source = Windows Update Agent | ID = 16

Description = Connexion impossible : Windows ne parvient pas à se connecter au service

Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation

des mises à jour définies par la planification. Windows continuera d'essayer d'établir

la connexion.

 

 

< End of report >

 

 

 

 

 

 

 

 

 

Je dois aller travailler je vous répondrais se soir .Merci encore

[lance_yien]

>>> Ask.com: Utiliser cet utilitaire pour désinstaller tout programme et application appartenant à Ask.com parce qu'ils font de la pub de leur barre d'outils sur des sites réservés aux enfants (plus susceptibles de tomber dans leurs pièges) ou utilisant des pop-ups faisant croire que c'est de la pub pour d'autres applications.

Pire encore, ils utilisent des spywares venant d'autre sociétés.

Cette barre d'outils s'installe sans rien demander aux utilisateurs et opère à des modifications dans les paramètres des navigateurs pour se faire de l'argent par redirection vers d'autres sites.

 

>>> FrostWire et LimeWire: Lire attentivement Le danger des P2P et prendre la sage résolution de désinstaller tout programme de ce type.

--

 

Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très important, merci de vérifier).

 

:OTL

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Ask.com France - L'autre moteur de recherche

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.startup.homepage: "http://fr.ask.com?o=14200&l=dis"

[2010/11/18 13:36:00 | 000,002,394 | ---- | M] () -- C:\Documents and Settings\mehdi B\Application Data\Mozilla\Firefox\Profiles\3a0i905a.default\searchplugins\askcom.xml

[2010/08/25 11:37:02 | 000,002,340 | ---- | M] () -- C:\Documents and Settings\mehdi B\Application Data\Mozilla\Firefox\Profiles\3a0i905a.default\searchplugins\bigseekpro.xml

O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O4 - HKLM..\Run: [KernelFaultCheck] File not found

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKLM..\Run: [userFaultCheck] File not found

O4 - HKCU\..\Run: [badoo Desktop] C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

 

:Services

 

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"AutocompletePro3_is1" = -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\LimeWire\LimeWire.exe" = -

"C:\Program Files\FrostWire\FrostWire.exe" = -

"FrostWire" = -

"LimeWire" = -

 

:Files

C:\WINDOWS\tasks\*.job

C:\*.sqm

C:\Program Files\AutocompletePro

C:\Documents and Settings\All Users\Application Data\Badoo

C:\Program Files\LimeWire

C:\Program Files\FrostWire

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

 

 

As-tu d'autres symptômes à vérifier avant de passer aux mises à jour de certains programmes?

 

Tu n'habites pas du côté d'Aix-les-Bains par hasard?

Modifié le 19 avril 2011 par lance_yien

[MehDiZz]

All processes killed

========== OTL ==========

Service HidServ stopped successfully!

Service HidServ deleted successfully!

Service AppMgmt stopped successfully!

Service AppMgmt deleted successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Prefs.js: "Ask.com" removed from browser.search.defaultengine

Prefs.js: "Ask.com" removed from browser.search.defaultenginename

Prefs.js: "Ask.com" removed from browser.search.order.1

Prefs.js: "http://fr.ask.com?o=14200&l=dis" removed from browser.startup.homepage

C:\Documents and Settings\mehdi B\Application Data\Mozilla\Firefox\Profiles\3a0i905a.default\searchplugins\askcom.xml moved successfully.

C:\Documents and Settings\mehdi B\Application Data\Mozilla\Firefox\Profiles\3a0i905a.default\searchplugins\bigseekpro.xml moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.

C:\Program Files\AutocompletePro\AutocompletePro.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.

Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.

C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe moved successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\AutocompletePro3_is1 not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\LimeWire\LimeWire.exe deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\FrostWire\FrostWire.exe deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\FrostWire not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\LimeWire not found.

========== FILES ==========

C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.

C:\WINDOWS\tasks\expressburnShakeIcon.job moved successfully.

File\Folder C:\*.sqm not found.

C:\Program Files\AutocompletePro\support@predictad.com\defaults\preferences folder moved successfully.

C:\Program Files\AutocompletePro\support@predictad.com\defaults folder moved successfully.

C:\Program Files\AutocompletePro\support@predictad.com\chrome\content folder moved successfully.

C:\Program Files\AutocompletePro\support@predictad.com\chrome folder moved successfully.

C:\Program Files\AutocompletePro\support@predictad.com folder moved successfully.

C:\Program Files\AutocompletePro\chrome folder moved successfully.

C:\Program Files\AutocompletePro folder moved successfully.

C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904 folder moved successfully.

C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop folder moved successfully.

C:\Documents and Settings\All Users\Application Data\Badoo folder moved successfully.

C:\Program Files\LimeWire\root\magnet10 folder moved successfully.

C:\Program Files\LimeWire\root folder moved successfully.

C:\Program Files\LimeWire\lib\avg folder moved successfully.

C:\Program Files\LimeWire\lib folder moved successfully.

C:\Program Files\LimeWire\.NetworkShare folder moved successfully.

C:\Program Files\LimeWire folder moved successfully.

C:\Program Files\FrostWire\plugins folder moved successfully.

C:\Program Files\FrostWire folder moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Flash cache emptied: 56502 bytes

 

User: LocalService

->Temp folder emptied: 65984 bytes

->Flash cache emptied: 1359 bytes

 

User: mehdi B

->Temp folder emptied: 101173 bytes

->Temporary Internet Files folder emptied: 122512751 bytes

->Java cache emptied: 10526811 bytes

->FireFox cache emptied: 94019785 bytes

->Flash cache emptied: 213267 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 1577007 bytes

->Flash cache emptied: 3692 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 1283040 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 65428300 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 282,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: LocalService

->Flash cache emptied: 0 bytes

 

User: mehdi B

->Flash cache emptied: 0 bytes

 

User: NetworkService

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.22.3 log created on 04192011_212525

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

 

 

euh non j'ai pas d'autres symptome enfin pas visible lol , non je suis de lyon pk?

[lance_yien]

Bonjour,

 

>>> Mises à jour: Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC:

 

• Ta version SP2 de Windows XP est largement dépassée et Microsoft n'assure plus les mises à jour pour cette version, d'où l'accumulation de vulnérabilités et des failles de sécurité.
  Je te recommande de suivre les étapes suivantes pour mettre à jour ton Windows:
  1- Cliquer ICI pour télécharger le Pack SP3 sur le Bureau (bien choisir la Langue avant de télécharger).
  Fermer tout et double cliquer sur le fichier "WindowsXP-KB936929-SP3-x86-ENU.exe". Suivre les indications.
  2- Ta version d'Internet Explorer n'est pas à jour. Cliquer ICI, choisir la langue et le système d'exploitation pour télécharger et installer la dernière version d'Internet Explorer. Suivre simplement les indications.
  3- Faire les mises à jour depuis "Démarrer" => "Tous les programmes" => "Windows updates".
   
  
• Java: Utiliser, IMPÉRATIVEMENT Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (32 ou 64 bits): Téléchargements Java pour tous les systèmes d'exploitation.
   
  
  

  
   
  Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:
  Cliquer sur "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".
  Chercher, dans la liste les lignes concernant Java (J2SE Runtime Environment.... ) et repérables avec cette icône .
  Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.
  Quand il n'y en a plus fermez tout et installez la nouvelle version en cliquant sur le fichier que vous avez téléchargé.
   
  

• Ta version de Adobe Acrobat Reader n'est pas à jour. La désinstaller et télécharger la dernière version ici (Décocher la case Inclure dans votre téléchargement).

 

As-tu rencontré des problèmes avec ces mises à jour? On passera à la dernière étape la prochaine fois.

[MehDiZz]

Bonjour ,

 

Pour la version Java je prend la 32 ou 64 ?? pour Internet exporer je l'utilise jamais je suis sur mozilla mais je vais quand meme le mettre a jour

[lance_yien]

La version de ton Windows est dans les "Propriétés" de ton "Poste de travail" après un clic-droit. C'est 32bits pour toi.

 

Pour Internet Explorer c'est une bonne idée de le mettre à jour parce que:

- "Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC". En plus je l'ai dit

- Tu es obligé de l'utiliser pour certaines mises à jour et/ou analyse en ligne.