Infection détectée

lance_yien · le 25 mai 2011

Bonjour ROUROU,

A la demande de Dylav je reviens pour t'aider à en finir avec ton problème. Fais ces mises à jour et dis-moi ce qui te reste comme soucis à voir.

>>> Mises à jour: Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC et notre meilleur moyen pour limiter les dégâts c'est la mise à jour régulièrement[/b]:

Java: Utiliser, IMPÉRATIVEMENT, Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (32 ou 64 bits): Téléchargements Java pour tous les systèmes d'exploitation.

Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:
Cliquer sur "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".
Chercher, dans la liste les lignes concernant Java (J2SE Runtime Environment.... ) et repérables avec cette icône .
Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.
Quand il n'y en a plus fermez tout et installez la nouvelle version en cliquant sur le fichier que vous avez téléchargé.
Ta version de Adobe Acrobat Reader n'est pas à jour. La désinstaller et télécharger la dernière version ici (Décocher la case Inclure dans votre téléchargement).

a++

ROUROU · le 25 mai 2011

Bonsoir et merci pour la réponse

après avoir fait ce que tu dis toujours le même souci :

à savoir =

après le lancement de l'ordi et le "bip" du BIOS, je dois choisir entre " lancer réparation windows " ( qui ne trouve pas de solution et donc unique choiw que d'éteindre l'ordi ) ou "lancer windows normalement " ( ce que je fais ) et windows se lance en 10 - 15 min comme décrit précedemment ...

je précise qu'on ne me propose pas "lancer windows sans échec"

donc les MAJ n'ont rien changé

lance_yien · le 26 mai 2011

Bonjour,

Quelque chose n'est pas bien clair pour moi: As-tu, oui ou non, accès à ton Bureau Windows et peux-tu te servir de ta machine? Si oui,

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Brancher et allumer tous les médias amovibles (Disques externes, clés USB etc...).

Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur OTL.exe (Vista/ Windows7, cliquer-droit dessus => Exécuter en tant qu'Admin).

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs
drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

a++

ROUROU · le 26 mai 2011

OTL Extras logfile created on: 26/05/2011 19:45:25 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Juju\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,50 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 73,84% Memory free

7,24 Gb Paging File | 6,22 Gb Available in Paging File | 86,01% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 145,80 Gb Total Space | 44,78 Gb Free Space | 30,71% Space Free | Partition Type: NTFS

Drive D: | 145,46 Gb Total Space | 141,96 Gb Free Space | 97,59% Space Free | Partition Type: NTFS

Computer Name: PC-DE-JUJU | User Name: Juju | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

"UacDisableNotify" = 1

"InternetSettingsDisableNotify" = 1

"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1E34C1C6-DC77-4F18-BB71-B3D0525E2248}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{3F4F093A-77DC-4729-8847-9FB651FB7655}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{42013885-B8F4-4953-9755-38CDA898CC95}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{42994C63-B115-4DAC-8C27-5B326BC6A637}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{4E2824C0-3AC8-463D-B80A-D893DB934188}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{88F898E1-56D8-4EBC-A4EC-B57091FD612F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{9ECA5557-BDF6-4657-AE8D-E78E8A711DB5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{B5511DA1-AA5E-4F53-8681-0826D8662D17}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{B57BA7FA-5C8C-4116-9686-8FC05DDE21CA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{CB7E6976-B8C4-469A-953B-EFF4969BC997}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{EEFF0A39-D0AD-4D0C-92A0-903202EA97B1}" = lport=2869 | protocol=6 | dir=in | app=system |

"{F0D59EB0-B0BE-4613-B559-0FB3AF80FD5D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{14E72BF6-17F4-4294-8391-59502BED066C}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |

"{1F206A93-49F9-434E-B2EB-14299DB74B76}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |

"{2193E97A-6BDF-4DBC-9084-71E674E97DFC}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{24FA74B6-1054-4F40-9849-F7DE6DF7792A}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |

"{28CDBC50-1F4D-4CF9-A42B-5DF8C0D0A2EA}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |

"{34A566EE-F3AB-4EE4-B33C-8970DED06548}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{356A52B0-8E6C-44A9-9E38-BF081DF4A7B3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{43B2A072-8A66-43F4-9510-4364207F61AF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{47D9C77A-C1FB-480D-8E3D-464B257D62CC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{5549C33F-2CBC-468B-8024-BF6959CD02E3}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |

"{5EED2876-1014-4F6D-8F0E-AD47DACDDDEF}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |

"{769B28CC-57AE-402C-B5F1-B89951439EE0}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |

"{789FADD8-7521-4641-903E-01B7B163C24F}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe |

"{791B1296-9161-491D-852E-71371236EA71}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |

"{7A71E6B8-4AC2-44E4-A01C-2584AE2668EF}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |

"{A5E32FCE-6CCB-40E5-831E-B48E34D2DF2D}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |

"{B485BC0F-7D66-438A-A0DE-BC1F3E2B7697}" = dir=in | app=c:\program files\itunes\itunes.exe |

"{B8E5EEB3-0E1D-4640-8101-E01BEE1EC2F5}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\warcraft iii.exe |

"{C18E8AFA-8501-4302-BB9A-F07723AA88BF}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe |

"{C3B49119-0043-4C26-83BF-5E013C0540EB}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |

"{C5A4B8C0-3F81-443B-850D-AA17ABDD3D70}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe |

"{C65512D2-7CA9-45A3-8F24-35BC53330437}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |

"{CB8AA875-EA29-42D9-B8C5-87DAD5B4CE97}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{D527FBEE-BAE9-42A8-8640-62BCC56DB554}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |

"{DEF82F9D-5486-4A6F-9410-1961D5FE1532}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |

"{E70E9319-2EBE-4D47-B07A-3F462166CC5D}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\warcraft iii.exe |

"{EDCBEF3A-8730-4DE1-A977-E356B859D80F}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |

"{EFC04C1C-0C33-4B7C-A554-9079BF0DB5F7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{F2D92247-6769-4B57-AEAC-A801315E3024}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |

"{F63E76E7-A8F2-48A5-AE8A-26F0E8D89B18}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{FBBC5314-FCCC-4966-8B4B-58B2802279F1}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |

"{FFCCCC9B-A6A7-403A-AAD9-6F7093F55583}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe |

"TCP Query User{187BC0BA-3767-4A3E-8867-C817D1C82607}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |

"TCP Query User{3357A873-1A95-420D-8280-2B541035D23B}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |

"TCP Query User{3AF5B039-55E2-4BCB-B5D6-A2D422BD1C53}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |

"TCP Query User{5533A848-3284-4E90-B855-E88BD98B5BCE}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |

"TCP Query User{A5CDFAF9-AC9F-4FF3-BF64-28F9C83978C2}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |

"TCP Query User{DB432CE8-ECCC-41A9-8E31-4FE22F6B8196}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |

"UDP Query User{2C2ABF85-ED45-40A2-B0F0-280B12CC9494}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |

"UDP Query User{5CCE37AE-D4AA-4631-B073-857C88A559A1}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |

"UDP Query User{6FDC2AD1-F8D5-4DB3-869D-DB7EBDD58524}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |

"UDP Query User{79FA4E5F-9EA5-40F6-B331-4BE60402C636}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |

"UDP Query User{8C58243A-CE0F-4BED-B201-7BA73DF96A63}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |

"UDP Query User{95DCDE00-4953-4FC8-B7C9-645A4C9C7E76}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{00C0C196-54AC-8BC5-5F16-87C4A38D13B8}" = Catalyst Control Center Localization All

"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{1063B812-E31C-833F-F5F0-46D9D06B5336}" = Catalyst Control Center Graphics Light

"{13DFC4CE-9089-4907-E042-71DCD6727DBA}" = ccc-utility

"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1EE8648A-1141-BF6F-B002-1F279859606B}" = CCC Help Portuguese

"{1EFE2B13-7C03-E454-00F5-5FF8CFC86343}" = CCC Help Hungarian

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{25C55EBA-401C-F7B8-E932-F7A5D53EADEE}" = Catalyst Control Center Graphics Previews Vista

"{26442B73-03B2-44E5-ACBC-8C6625B89481}" = CCC Help French

"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25

"{2E2660AC-6195-C603-A6BD-5FC039891FFF}" = ccc-core-static

"{30E0C424-E68A-FB77-6E45-42EC039264F4}" = CCC Help Greek

"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes

"{3884575F-4920-4917-8A7D-7D6C7F2A11D1}" = M-Audio MobilePre Driver 6.0.1 (x86)

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3B9DF14F-DA9E-52AE-71ED-BBE2CAC7CC34}" = CCC Help Chinese Standard

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3DA169A5-3DBC-BBCA-4366-0B8678D5B765}" = Catalyst Control Center Graphics Previews Common

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer Picture Slide DVD

"{42C9C702-67B3-4308-9747-9E29B1D596E9}" = Agama

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{49E56237-4F46-5E38-FA6E-5A6651C355C7}" = CCC Help English

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{535B21E4-EE17-4970-459F-9AA67EA23261}" = CCC Help Turkish

"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5AA617AF-A4A4-AA20-E81D-EA14F585FB6A}" = CCC Help Swedish

"{5D629C4C-1EB4-5436-FA1C-15878067257F}" = CCC Help Danish

"{5DC2889B-AF01-3494-38CA-37BBDB1D9F39}" = Catalyst Control Center InstallProxy

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{6544BC7B-158C-88EB-9D63-2C37347A4902}" = CCC Help Finnish

"{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone

"{675D173B-F754-9B62-A847-A78117B3FCEA}" = CCC Help Italian

"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6D24E9E9-AA3E-4A8C-F62A-6D09717FB8B0}" = CCC Help Japanese

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger

"{718263DE-E612-4653-BB7D-7154BA9E31AB}" = Microsoft LifeCam

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77791725-5D50-C0DE-059A-5C4B5EE8A212}" = Catalyst Control Center Graphics Full Existing

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7980631D-6A17-EF85-2D95-6F77E0B586AD}" = CCC Help Dutch

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{7DEDD94B-32EB-D72C-CDAE-6BBA3E31276D}" = Catalyst Control Center Graphics Full New

"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{964F54B7-4A02-5450-912F-E2A3A66B1418}" = CCC Help Thai

"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A01AC54A-5BB8-FE08-1854-5427457FCBCB}" = CCC Help Spanish

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A53E699B-AEAA-65FB-90ED-A45D1DC86D37}" = HydraVision

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer Zone SoftDMA

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AADD9821-3290-1B1F-D164-1F6D20601FAF}" = Catalyst Control Center HydraVision Full

"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology

"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources

"{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Français

"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9

"{AD646716-2554-666F-6F72-A5D5B96CF046}" = CCC Help German

"{AEEAE013-92F1-4515-B278-139F1A692A35}" = Acer eDataSecurity Management

"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer Zone MakeDisk

"{B624D324-D3FD-01FF-1587-18A650E3EBB6}" = CCC Help Korean

"{B67AE61E-640C-358A-CF8A-4883C03F1E80}" = CCC Help Russian

"{BE1B109A-F0D0-2406-AFDB-FEBF9C4E0D9A}" = CCC Help Polish

"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour

"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX

"{C748519A-9E3F-6FA2-5A7A-3CABECEC2CE1}" = ATI Catalyst Install Manager

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support

"{CB8E27C7-F3E2-ABB0-36DF-D96B3D77B0AD}" = CCC Help Chinese Traditional

"{CBA454E9-DA4C-3CE7-4BDC-522B6F0F057A}" = ATI AVIVO Codecs

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE898A54-E9BB-4F4E-26A6-DBCF9F8DE5A2}" = CCC Help Czech

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1

"{E31B2CB2-1CE3-EEC9-4FC7-48145D6AD674}" = Catalyst Control Center Core Implementation

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6

"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Zone Main Page

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint

"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety

"{F681E38A-E0EF-21F8-B787-B62332B45555}" = CCC Help Norwegian

"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer Plug and Record

"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer Zone MagicDirector

"{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player

"Advanced Video FX Engine" = Advanced Video FX Engine

"avast" = avast! Free Antivirus

"Battle.net" = Battle.net

"CameraWindowDC" = Canon Utilities CameraWindow DC

"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

"CameraWindowLauncher" = Canon Utilities CameraWindow

"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX

"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX

"CCleaner" = CCleaner

"FlashGet 3.3" = FlashGet 3.3

"Get Yahoo! Messenger" = Installer Yahoo! Messenger

"HijackThis" = HijackThis 2.0.2

"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec

"Live Lite 4 for M-Audio 4.0.4" = Live Lite 4 for M-Audio 4.0.4

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX

"MSNIACC" = MSN Connection Center

"MyCamera" = Canon Utilities MyCamera

"MyCameraDC" = Canon Utilities MyCamera DC

"PhotoStitch" = Canon Utilities PhotoStitch

"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX

"StarCraft II" = StarCraft II

"Switch" = Switch Sound File Converter

"SystemRequirementsLab" = System Requirements Lab

"VLC media player" = VLC media player 1.1.4

"Warcraft III" = Warcraft III

"WinLiveSuite" = Windows Live

"WinPcapInst" = WinPcap 4.0

"XviD_is1" = XviD MPEG-4 Video Codec

"ZHPDiag_is1" = ZHPDiag 1.27

"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]

Error - 12/04/2010 08:02:36 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:02:36 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:07:20 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:07:20 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:07:20 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:07:20 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:07:24 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:07:24 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:07:24 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

Error - 12/04/2010 08:07:24 | Computer Name = PC-de-Juju | Source = avast! | ID = 33554522

Description =

[ Application Events ]

Error - 16/05/2011 12:23:36 | Computer Name = PC-de-Juju | Source = VSS | ID = 8194

Description =

Error - 16/05/2011 12:34:33 | Computer Name = PC-de-Juju | Source = VSS | ID = 8194

Description =

Error - 16/05/2011 12:35:31 | Computer Name = PC-de-Juju | Source = VSS | ID = 8194

Description =

Error - 16/05/2011 12:37:08 | Computer Name = PC-de-Juju | Source = VSS | ID = 8194

Description =

Error - 19/05/2011 15:47:56 | Computer Name = PC-de-Juju | Source = Windows Search Service | ID = 3013

Description =

Error - 22/05/2011 04:55:47 | Computer Name = PC-de-Juju | Source = Microsoft-Windows-CAPI2 | ID = 131585

Description =

Error - 22/05/2011 13:09:51 | Computer Name = PC-de-Juju | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.21 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans l’application Rapports et

solutions aux problèmes du Panneau de configuration. ID de processus : 14ec Heure

de début : 01cc18a2767ddb70 Heure de fin : 15

Error - 22/05/2011 13:13:00 | Computer Name = PC-de-Juju | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.21 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans l’application Rapports et

solutions aux problèmes du Panneau de configuration. ID de processus : 1110 Heure

de début : 01cc18a3156d8a50 Heure de fin : 0

Error - 22/05/2011 13:18:45 | Computer Name = PC-de-Juju | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.21 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans l’application Rapports et

solutions aux problèmes du Panneau de configuration. ID de processus : 1458 Heure

de début : 01cc18a3bc6e9790 Heure de fin : 12231

Error - 23/05/2011 11:27:41 | Computer Name = PC-de-Juju | Source = Application Hang | ID = 1002

Description = Le programme Explorer.EXE version 6.0.6002.18005 a cessé d’interagir

avec Windows et a été fermé. Pour déterminer si des informations supplémentaires

sont disponibles, consultez l’historique du problème dans l’application Rapports

et solutions aux problèmes du Panneau de configuration. ID de processus : 550 Heure

de début : 01cc1920ed1c1162 Heure de fin : 47

[ Media Center Events ]

Error - 20/04/2007 18:23:03 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerAccumulate failed;

Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet :

Media Center Guide

Error - 20/04/2007 18:27:16 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerAccumulate failed;

Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet :

Media Center Guide

Error - 20/04/2007 19:28:27 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerAccumulate failed;

Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet :

Media Center Guide

Error - 12/08/2007 08:10:30 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32

GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media

Center Guide

Error - 06/11/2009 15:45:31 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.WaitForUploadComplete

failed. Please try to ping www.msn.com prior to filing a bug.; Win32 GetLastError

returned 10000109 Processus : DefaultDomain Nom de l’objet : Media Center Guide

Error - 10/11/2009 10:20:28 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32

GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media

Center Guide

Error - 19/01/2010 17:31:26 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32

GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media

Center Guide

Error - 31/05/2010 05:11:09 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32

GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media

Center Guide

Error - 21/06/2010 11:41:30 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32

GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media

Center Guide

Error - 10/07/2010 16:51:37 | Computer Name = PC-de-Juju | Source = Media Center Guide | ID = 0

Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32

GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media

Center Guide

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

ROUROU · le 26 mai 2011

Post supprimé ( doublon )

Modifié le 27 mai 2011 par ROUROU

lance_yien · le 27 mai 2011

Bonjour,

tu as collé le contenu du même rapport (OTL Extras logfile) dans les 2 messages.

Ouvre OTL.txt (sur ton Bureau) et colle son contenu.

ROUROU · le 27 mai 2011

OTL logfile created on: 26/05/2011 19:45:25 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Juju\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,50 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 73,84% Memory free

7,24 Gb Paging File | 6,22 Gb Available in Paging File | 86,01% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 145,80 Gb Total Space | 44,78 Gb Free Space | 30,71% Space Free | Partition Type: NTFS

Drive D: | 145,46 Gb Total Space | 141,96 Gb Free Space | 97,59% Space Free | Partition Type: NTFS

Computer Name: PC-DE-JUJU | User Name: Juju | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/26 19:43:18 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Juju\Desktop\OTL.exe

PRC - [2011/05/17 18:21:25 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10q_ActiveX.exe

PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/08/30 11:17:50 | 000,090,112 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe

PRC - [2009/11/24 21:24:54 | 000,569,344 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraMD.exe

PRC - [2009/11/24 21:24:24 | 000,385,024 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe

PRC - [2009/09/02 14:29:22 | 000,643,592 | ---- | M] (Avid Technology, Inc.) -- C:\Windows\System32\M-AudioTaskBarIcon.exe

PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/01/19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

PRC - [2007/02/07 00:04:26 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

PRC - [2007/02/07 00:04:16 | 000,464,168 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

PRC - [2007/01/05 00:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe

PRC - [2006/12/08 15:45:32 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

PRC - [2006/11/23 16:24:54 | 000,319,488 | ---- | M] () -- C:\Windows\System32\SysMonitor.exe

PRC - [2006/11/12 21:35:08 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

PRC - [2006/11/09 04:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

========== Modules (SafeList) ==========

MOD - [2011/05/26 19:43:18 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Juju\Desktop\OTL.exe

MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll

MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/08/30 11:17:50 | 000,090,112 | ---- | M] (Clarus, Inc.) [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)

SRV - [2009/11/25 05:17:04 | 000,172,032 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2008/05/02 02:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2007/02/07 00:04:26 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)

SRV - [2007/01/25 19:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2007/01/05 00:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)

SRV - [2006/12/08 15:45:32 | 000,045,056 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)

SRV - [2006/11/12 21:35:08 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)

========== Driver Services (SafeList) ==========

DRV - [2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/08/11 17:18:08 | 000,070,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys -- (mvd22)

DRV - [2010/08/11 17:15:48 | 000,018,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys -- (mdf16)

DRV - [2010/01/20 20:39:18 | 000,025,400 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\UnHooker.sys -- (UnHooker)

DRV - [2009/11/25 05:51:32 | 005,143,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2009/11/25 05:18:16 | 000,096,768 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)

DRV - [2007/01/25 19:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2007/01/23 15:45:00 | 000,034,576 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2007/01/23 15:45:00 | 000,033,296 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2007/01/23 15:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)

DRV - [2006/12/07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)

DRV - [2006/12/06 01:39:13 | 001,964,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)

DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2004/08/09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)

DRV - [2004/08/09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)

DRV - [2004/07/19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)

DRV - [2004/04/14 11:08:00 | 000,044,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)

DRV - [2004/04/14 11:08:00 | 000,021,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)

DRV - [2004/04/14 11:08:00 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)

DRV - [2004/04/14 11:08:00 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)

DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - No CLSID value found.

O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Juju\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Windows\System32\SysMonitor.exe ()

O4 - HKLM..\Run: [Acer Tour] File not found

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)

O4 - HKLM..\Run: [eRecoveryService] File not found

O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)

O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)

O4 - HKCU..\Run: [HydraVisionMDEngine] C:\Program Files\ATI Technologies\HydraVision\HydraMD.exe (AMD)

O4 - HKCU..\Run: [捁牥吠畯r] File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Juju\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()

O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Juju\AppData\Roaming\FlashGetBHO\GetUrl.htm ()

O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - Reg Error: Key error. File not found

O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found

O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.s un.com/update/1.6.0/jin s tall-1_6_0_25-window s -i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fla s hplayer/current/polarbear/ultra s him.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.s un.com/update/1.6.0/jin s tall-1_6_0_25-window s -i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.s un.com/update/1.6.0/jin s tall-1_6_0_25-window s -i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s hoc k wave/cab s /fla s h/s wfla s h.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NO S /getPlu s Plu s /1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Juju\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Juju\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)

Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)

Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERZO~1\ACERZO~2\Kernel\Burner\MKDMP3Enc.ACM File not found

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.I420 - msh263.drv File not found

Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/05/26 19:43:17 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Juju\Desktop\OTL.exe

[2011/05/26 19:08:32 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{C6CDFC80-760E-4D5E-BFA3-F26E8F76EAAE}

[2011/05/25 21:19:33 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{B4EFD8E4-967C-478F-B61D-FCA5CD4AD11B}

[2011/05/25 18:45:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011/05/25 18:43:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2011/05/24 18:42:20 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{7289ACE9-6E5D-42E8-A85A-FD1D4B3B2DFF}

[2011/05/23 20:48:48 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Roaming\Malwarebytes

[2011/05/23 20:48:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/05/23 20:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/05/23 20:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/05/23 20:48:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/05/23 20:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/05/23 20:28:07 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Juju\Desktop\mbam-setup-1.50.1.1100.exe

[2011/05/23 16:57:18 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{14482EDE-6BDB-416C-87B4-F921B01D21AD}

[2011/05/23 02:11:36 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{BF6D3ACE-F33E-4BE7-A0A1-5B3D9AE07ADB}

[2011/05/22 19:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/05/22 19:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/05/22 19:04:25 | 002,486,272 | ---- | C] (Nicolas Coolman ) -- C:\Users\Juju\Desktop\ZHPDiag2.exe

[2011/05/22 19:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\backups

[2011/05/22 13:05:07 | 000,000,000 | ---D | C] -- C:\Users\Juju\Documents\Films à acheter

[2011/05/22 12:08:32 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{DF6ACB61-3497-4399-8943-AEBAF0C73C36}

[2011/05/22 10:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/05/21 18:44:24 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe

[2011/05/21 18:30:59 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{9279F2EA-2F2B-4386-80ED-EFBFDD87E92B}

[2011/05/21 18:21:52 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys

[2011/05/20 18:35:50 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{75991771-1FFD-46F7-B53A-4AA7174F2DEC}

[2011/05/19 23:36:04 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{7C44A680-5A47-4C33-909B-09B454651195}

[2011/05/18 19:03:02 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{A38258C2-6D3D-4BB7-A979-30C117F9A28D}

[2011/05/17 23:36:03 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{EA618ADF-F0A8-41C3-99B8-9806F4893147}

[2011/05/17 22:45:07 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{FB92A6EC-3624-408A-9E3F-286CF6D187F1}

[2011/05/16 18:24:15 | 000,000,000 | ---D | C] -- C:\Windows\Application Data

[2011/05/16 18:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

[2011/05/16 18:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\Clarus

[2011/05/16 18:08:52 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{15413796-C272-494A-83D9-2C6DC36E47F7}

[2011/05/15 17:19:53 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{D36FCAE4-6220-4BC8-A651-C22FA3BB4782}

[2011/05/14 16:57:03 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{E923B3FE-CED8-4C49-9ACB-999334546A51}

[2011/05/13 20:26:06 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{E006730F-0E4D-4A21-AAC2-70A428AF3CA6}

[2011/05/11 18:27:33 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{DD455598-4AB6-482E-AA1F-304766906E94}

[2011/05/09 18:44:50 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{10B1EBAE-1656-41A3-B645-C8ED1924983B}

[2011/05/08 23:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

[2011/05/08 22:01:52 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{8A6E0543-984F-48BF-8EB7-12A6BA4F55F3}

[2011/05/05 10:53:57 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{D17B0764-E4FC-4902-BEA1-C287A0FD284F}

[2011/05/04 11:27:50 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{40A453CE-2121-4645-83A5-2EA080A3D5B2}

[2011/05/03 08:56:25 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{8EC052D5-6C20-411D-B7E0-42B5612F4DA1}

[2011/05/02 14:35:29 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{3B94A6D7-EC3D-4FAB-925B-DB8A499ADC62}

[2011/04/29 20:45:54 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{C6E71F73-748F-4678-BEF1-610750DB50B2}

[2011/04/28 22:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/04/28 22:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/04/28 22:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2011/04/28 20:53:18 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{F80D6603-D2FA-4B03-8AB1-24B8E2D3006C}

[2011/04/27 20:30:44 | 000,000,000 | ---D | C] -- C:\Users\Juju\AppData\Local\{D7EBACD6-0C15-499A-A0E2-EC07804F6973}

[2007/04/03 20:24:07 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe

[2006/12/14 15:18:54 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/26 19:46:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/05/26 19:43:18 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Juju\Desktop\OTL.exe

[2011/05/26 19:02:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/05/26 18:33:04 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/26 18:33:04 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/26 18:31:06 | 3757,629,440 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/23 21:24:09 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/05/23 21:24:09 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/05/23 21:24:09 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/05/23 21:24:09 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/05/23 20:48:44 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/23 20:37:25 | 000,879,035 | ---- | M] () -- C:\Users\Juju\Desktop\SecurityCheck.exe

[2011/05/23 20:28:11 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Juju\Desktop\mbam-setup-1.50.1.1100.exe

[2011/05/22 21:58:33 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 19:05:18 | 000,000,799 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/05/22 19:05:18 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/05/22 19:05:18 | 000,000,787 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/05/22 19:04:26 | 002,486,272 | ---- | M] (Nicolas Coolman ) -- C:\Users\Juju\Desktop\ZHPDiag2.exe

[2011/05/22 11:07:09 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol

[2011/05/22 11:05:55 | 002,714,416 | ---- | M] () -- C:\Users\Juju\Documents\Rapport perf Vista.html

[2011/05/22 10:48:43 | 000,463,540 | ---- | M] () -- C:\Users\Juju\Documents\cc_20110522_104814.reg

[2011/05/21 18:49:29 | 000,000,292 | ---- | M] () -- C:\Windows\System32\secustat.dat

[2011/05/21 18:44:24 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe

[2011/05/21 18:21:52 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2011/05/10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/05/10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys

[2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/05/02 15:32:37 | 000,001,686 | ---- | M] () -- C:\Users\Juju\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk

[2011/04/30 17:31:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/04/28 22:31:05 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/26 19:46:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/05/25 18:55:21 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2011/05/23 20:48:44 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/23 20:37:25 | 000,879,035 | ---- | C] () -- C:\Users\Juju\Desktop\SecurityCheck.exe

[2011/05/22 21:58:32 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 19:05:18 | 000,000,799 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/05/22 19:05:18 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/05/22 19:05:18 | 000,000,787 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/05/22 11:06:19 | 002,714,416 | ---- | C] () -- C:\Users\Juju\Documents\Rapport perf Vista.html

[2011/05/22 10:48:19 | 000,463,540 | ---- | C] () -- C:\Users\Juju\Documents\cc_20110522_104814.reg

[2011/05/02 15:32:37 | 000,001,686 | ---- | C] () -- C:\Users\Juju\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2010/08/04 20:32:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2010/07/04 16:58:34 | 000,076,328 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2010/04/14 18:53:32 | 000,000,292 | ---- | C] () -- C:\Windows\System32\secustat.dat

[2010/04/14 18:46:56 | 000,000,891 | ---- | C] () -- C:\Windows\System32\secushr.dat

[2010/04/14 18:46:44 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI

[2010/02/07 20:22:52 | 000,027,587 | ---- | C] () -- C:\Users\Juju\AppData\Roaming\UserTile.png

[2010/01/20 20:39:18 | 000,025,400 | ---- | C] () -- C:\Windows\System32\drivers\UnHooker.sys

[2009/10/22 17:59:00 | 000,196,565 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2009/09/25 20:46:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/09/25 20:46:16 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009/09/05 20:06:12 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

[2009/09/05 20:06:11 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys

[2009/09/05 20:06:07 | 000,183,112 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe

[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2009/02/18 20:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe

[2009/02/03 23:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe

[2008/07/29 23:24:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008/07/17 15:49:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2008/07/03 21:35:44 | 000,000,065 | ---- | C] () -- C:\Windows\FISHUI.INI

[2008/07/03 21:09:35 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LAME_MP3.dll

[2008/07/03 21:09:25 | 000,065,024 | ---- | C] () -- C:\Windows\IFinst26.exe

[2008/06/22 11:59:41 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt

[2008/06/22 11:44:57 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2008/06/14 20:11:26 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2007/09/15 13:57:26 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2007/08/28 20:24:27 | 000,000,680 | ---- | C] () -- C:\Users\Juju\AppData\Local\d3d9caps.dat

[2007/08/27 21:23:36 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini

[2007/08/27 18:13:01 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll

[2007/08/27 18:13:00 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll

[2007/08/15 19:19:37 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe

[2007/04/08 11:21:20 | 000,199,168 | ---- | C] () -- C:\Users\Juju\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007/04/03 21:27:56 | 000,133,404 | ---- | C] () -- C:\Windows\War3Unin.dat

[2007/04/03 20:25:20 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini

[2007/04/03 20:25:19 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini

[2007/04/03 20:24:07 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe

[2007/02/06 23:58:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll

[2007/02/06 23:57:58 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll

[2007/02/06 23:57:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll

[2007/02/06 23:56:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll

[2007/02/06 23:56:28 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll

[2007/02/06 23:52:08 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll

[2007/01/25 19:31:36 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2006/12/25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll

[2006/12/14 23:41:56 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll

[2006/12/14 22:41:46 | 000,000,985 | ---- | C] () -- C:\Windows\generic.ini

[2006/12/14 22:41:46 | 000,000,095 | ---- | C] () -- C:\Windows\Alaunch.ini

[2006/12/14 15:18:58 | 000,319,488 | ---- | C] () -- C:\Windows\System32\SysMonitor.exe

[2006/12/14 15:18:57 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll

[2006/12/14 15:09:35 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys

[2006/12/14 14:55:19 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe

[2006/11/13 05:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin

[2006/11/02 17:48:33 | 000,678,804 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2006/11/02 17:48:33 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2006/11/02 17:48:33 | 000,126,420 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2006/11/02 17:48:33 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 14:47:37 | 000,249,376 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2005/12/22 21:05:46 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini

[2004/12/20 11:08:28 | 000,155,648 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2004/12/20 11:03:26 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

[1999/01/22 21:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/04/08 22:11:49 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\Ableton

[2007/04/06 20:23:31 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\BitDownload

[2011/05/25 18:47:22 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\BITS

[2009/10/24 18:20:13 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\BSplayer

[2009/10/18 13:57:16 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\BSplayer Pro

[2010/03/25 20:26:51 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\Canon

[2007/06/11 18:34:24 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium

[2009/03/29 17:39:58 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\DataCast

[2010/04/14 18:46:34 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\FlashGet

[2010/04/14 18:46:30 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\FlashGetBHO

[2009/09/05 19:45:56 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\Leadertech

[2009/04/05 14:29:07 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\NCH Swift Sound

[2010/02/07 20:22:51 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\PeerNetworking

[2008/09/07 11:43:09 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\Samsung

[2010/10/27 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\Juju\AppData\Roaming\Windows Live Writer

[2011/05/25 23:53:45 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2007/04/05 20:27:33 | 000,004,088 | ---- | M] () -- C:\-20070405.log

[2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2006/12/14 22:42:18 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2011/05/26 18:31:06 | 3757,629,440 | -HS- | M] () -- C:\hiberfil.sys

[2010/07/03 23:02:46 | 000,921,624 | ---- | M] () -- C:\img2-001.raw

[2007/09/02 00:00:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/11/22 19:33:22 | 000,003,760 | ---- | M] () -- C:\LGSInst.Log

[2007/09/02 00:00:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2011/05/26 18:31:04 | 4071,235,584 | -HS- | M] () -- C:\pagefile.sys

[2011/05/22 21:58:33 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/26 19:46:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2006/12/14 14:55:21 | 000,000,351 | ---- | M] () -- C:\RHDSetup.log

[2006/12/14 15:09:58 | 000,000,178 | ---- | M] () -- C:\setup.log

[2007/04/05 20:30:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm

[2007/04/05 20:41:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm

[2007/04/21 19:03:29 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm

[2007/05/05 21:42:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm

[2007/05/05 21:53:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm

[2007/05/21 01:53:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm

[2007/06/05 00:54:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm

[2007/06/20 23:02:03 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm

[2007/07/06 18:45:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm

[2007/07/20 23:49:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm

[2007/07/21 16:00:43 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm

[2007/08/05 12:28:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm

[2007/08/06 06:47:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm

[2007/08/07 00:42:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm

[2007/08/07 22:10:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm

[2007/04/05 20:30:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2007/04/05 20:41:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2007/04/21 19:03:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

[2007/05/05 21:42:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm

[2007/05/05 21:53:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm

[2007/05/21 01:53:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm

[2007/06/05 00:54:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm

[2007/06/20 23:02:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm

[2007/07/06 18:45:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm

[2007/07/20 23:49:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm

[2007/07/21 16:00:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm

[2007/08/05 12:28:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm

[2007/08/06 06:47:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm

[2007/08/07 00:42:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm

[2007/08/07 22:10:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm

[2006/12/14 15:13:40 | 000,000,000 | ---- | M] () -- C:\Trace.log

[2008/04/08 20:53:16 | 000,044,551 | ---- | M] () -- C:\Untitled_080408_205236.NBF

[2008/01/13 22:34:54 | 000,000,162 | ---- | M] () -- C:\YServer.txt

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[2009/11/25 05:18:02 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

[2006/11/02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2006/11/02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2006/11/02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >

[2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys

[2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-11 21:42:48

< >

< End of report >

et voilà le rapport manquant !

Modifié le 27 mai 2011 par ROUROU

lance_yien · le 27 mai 2011

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

>>> Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très important, merci de vérifier).

:OTL

O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - No CLSID value found.

O4 - HKLM..\Run: [Acer Tour] File not found

O4 - HKLM..\Run: [eRecoveryService] File not found

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [捁牥吠畯r] File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found

O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found

O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

:Services

:Reg

:Files

ipconfig /flushdns /c

C:\WINDOWS\tasks\*.job

C:\*.sqm

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

Je te laisse le soin de voir ce qu'il y a dans tous ces dossiers et les supprimer si nécessaire. Tu auras sûrement besoin d'"Afficher les dossiers et fichiers cachés" dans les "Options" des dossiers".

-- C:\Users\Juju\AppData\Local\{14482EDE-6BDB-416C-87B4-F921B01D21AD}

-- C:\Users\Juju\AppData\Local\{BF6D3ACE-F33E-4BE7-A0A1-5B3D9AE07ADB}

-- C:\Users\Juju\AppData\Local\{DF6ACB61-3497-4399-8943-AEBAF0C73C36}

-- C:\Users\Juju\AppData\Local\{75991771-1FFD-46F7-B53A-4AA7174F2DEC}

-- C:\Users\Juju\AppData\Local\{7C44A680-5A47-4C33-909B-09B454651195}

-- C:\Users\Juju\AppData\Local\{A38258C2-6D3D-4BB7-A979-30C117F9A28D}

-- C:\Users\Juju\AppData\Local\{EA618ADF-F0A8-41C3-99B8-9806F4893147}

-- C:\Users\Juju\AppData\Local\{FB92A6EC-3624-408A-9E3F-286CF6D187F1}

-- C:\Users\Juju\AppData\Local\{15413796-C272-494A-83D9-2C6DC36E47F7}

-- C:\Users\Juju\AppData\Local\{D36FCAE4-6220-4BC8-A651-C22FA3BB4782}

-- C:\Users\Juju\AppData\Local\{E923B3FE-CED8-4C49-9ACB-999334546A51}

-- C:\Users\Juju\AppData\Local\{E006730F-0E4D-4A21-AAC2-70A428AF3CA6}

-- C:\Users\Juju\AppData\Local\{DD455598-4AB6-482E-AA1F-304766906E94}

-- C:\Users\Juju\AppData\Local\{10B1EBAE-1656-41A3-B645-C8ED1924983B}

-- C:\Users\Juju\AppData\Local\{8A6E0543-984F-48BF-8EB7-12A6BA4F55F3}

-- C:\Users\Juju\AppData\Local\{D17B0764-E4FC-4902-BEA1-C287A0FD284F}

-- C:\Users\Juju\AppData\Local\{40A453CE-2121-4645-83A5-2EA080A3D5B2}

-- C:\Users\Juju\AppData\Local\{8EC052D5-6C20-411D-B7E0-42B5612F4DA1}

-- C:\Users\Juju\AppData\Local\{3B94A6D7-EC3D-4FAB-925B-DB8A499ADC62}

-- C:\Users\Juju\AppData\Local\{C6E71F73-748F-4678-BEF1-610750DB50B2}

-- C:\Users\Juju\AppData\Local\{F80D6603-D2FA-4B03-8AB1-24B8E2D3006C}

-- C:\Users\Juju\AppData\Local\{D7EBACD6-0C15-499A-A0E2-EC07804F6973}

>>> Mises à jour: Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC et notre meilleur moyen pour limiter les dégâts c'est la mise à jour régulièrement[/b]:

Java: Utiliser, IMPÉRATIVEMENT, Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (pour toi c'est 32bits): Téléchargements Java pour tous les systèmes d'exploitation.

Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:
Cliquer sur "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".
Chercher, dans la liste les lignes concernant Java (J2SE Runtime Environment.... ) et repérables avec cette icône .
Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.
Quand il n'y en a plus fermez tout et installez la nouvelle version en cliquant sur le fichier que vous avez téléchargé.
Ta version de Adobe Acrobat Reader n'est pas à jour. La désinstaller et télécharger la dernière version ici (Décocher la case Inclure dans votre téléchargement).

>>> StartUpLite Il y a toujours des programmes qui se lancent INUTILEMENT en même temps que Windows.

Télécharger, sur le Bureau MBAM' StartUpLite depuis ici.

Cliquer-droit sur StartUpLite.exe => "Exécuter en tant qu'administrateur" pour lancer le programme.

Il affichera toutes les entrées inutiles en démarrage automatique. Sélectionner TOUTES les entrées affichées et cliquer sur Continue.

S'il affiche "No unnecessary startups found!", c'est qu'il n'y a rien à faire.

>>> Nettoyer avec CCleaner et défragmenter.

Rapports demandés: OTL.txt. Est-ce mieux?

ROUROU · le 28 mai 2011

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Acer Tour not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender not found.

File move failed. C:\Program Files\Windows Defender\MSASCui.exe scheduled to be moved on reboot.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\捁牥吠畯r not found.

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ not found.

File/Folder C:\Windows\*.tmp not found.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de r‚solution DNS vid‚.

C:\Users\Juju\Desktop\cmd.bat deleted successfully.

C:\Users\Juju\Desktop\cmd.txt deleted successfully.

File\Folder C:\WINDOWS\tasks\*.job not found.

File\Folder C:\*.sqm not found.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Juju

->Temp folder emptied: 74249 bytes

->Temporary Internet Files folder emptied: 800578 bytes

->Java cache emptied: 64101129 bytes

->Flash cache emptied: 7613 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 3270 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 62,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Juju

->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.23.0 log created on 05282011_180830

Files\Folders moved on Reboot...

File move failed. C:\Program Files\Windows Defender\MSASCui.exe scheduled to be moved on reboot.

C:\Users\Juju\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NCWR5XTQ\afr[1].htm moved successfully.

C:\Users\Juju\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ICMVSM2V\addyn_3[1].js moved successfully.

C:\Users\Juju\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ICMVSM2V\test_domain[1].js moved successfully.

C:\Users\Juju\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7CFIB8ZR\like[1].htm moved successfully.

C:\Users\Juju\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0HEP4290\ban_home_728x90[1].htm moved successfully.

C:\Users\Juju\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0HEP4290\infection-detectee-t185498[1].htm moved successfully.

C:\Users\Juju\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.

C:\Users\Juju\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Voila le rapport

la défrag a été faite très récemment ainsi que le cc cleaner

pour les maj je les ai déjà faites suite à ton avant dernier post

Rien de changé malheureusement ..

lance_yien · le 28 mai 2011

Désolé pour les MAJ

Essaie de redémarrer ton PC après avoir débranché toutes les machine qui y sont branchées (imprimantes, disques durs externes etc...) et vois ce que cela donne.

Sile problème semble être résolu, branche tes machines une seule à la fois et vérifier le démarrage.

Quelque soit le résultat,

Fermer toutes les applications et fenêtres ouvertes et lancer OTL.

Sans rien changer ni rien ajouter, cliquer sur le bouton bleu Analyse et laisser faire.

Copier/ Coller le contenu du rapport généré.

Rapports demandés:

OTL.txt

Alors?

Connexion

Pas encore inscrit ?

Infection détectée

Messages recommandés

lance_yien

ROUROU

lance_yien

ROUROU

ROUROU

lance_yien

ROUROU

lance_yien

ROUROU

lance_yien

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer