VIRUS : GENERIC DROPPER qui peut m'aider ?!

Amelie mélie mélo · le 13 Jan 2011 18:01

J'ai besoin d'aide! avg m'annonce des menaces!! je sais pas trop quoi faire!

Gordon · le 13 Jan 2011 18:05

BONJOUR!

(Non, dieu ne tue pas un petit chaton à chaque bonjour, donc autant en profiter)

1) Rester calme
2) Préparer sa demande d'aide de désinfection
3) Attendre patiemment qu'un helper passe s'occuper de ton cas.

++

Amelie mélie mélo · le 13 Jan 2011 18:10

hi hi hi!!! bonjour!!
ça me fout tellemnet les boules que j'en oublie la politesse!
désolé.
Merci

Amelie mélie mélo · le 13 Jan 2011 18:22

je dois lancer "otl"?

jeanmimigab · le 13 Jan 2011 18:22

hello vous deux,

Bienvenue sur PC Infopratique Amelie mélie mélo

je dois lancer "otl"?

OUI, suis bien les instruction de la procédure indiquée par Gordon

@Gordon

Amelie mélie mélo · le 13 Jan 2011 18:28

Salut!!

Merci pr ton msg! je viens de le lancer.
on verra la suite!!!
merci

psychocat · le 13 Jan 2011 18:37

'lu

suis cette procédure au pied de la lettre :

- ouvre le gestionnaire de tache avec CTRL ALT et suppr , tu clic sur l'onglet processus et dans la liste tu localise et arrête "generic.dropper.in" et tu ferme le gestionnaire de tache

- sous XP tu fait démarrer et exécuter ou sous vista /seven tu fait démarrer , tout les programmes , accessoires et exécuter

- tu tape la commande REGEDIT et OK l'éditeur de registre s'ouvre , maintenant tu développe l'arborescence suivante :
HKEY_LOCAL_MACHINE\Software et tu localise puis supprime "generic.dropper.in" . ferme l'éditeur de registre .

- depuis ton poste de travail tu va sur ton disque dur puis dans : program files / generic dropper.in qui contient le fichier generic dropper.in.exe. ! tu supprime l'ensemble ( mais surtout pas program files , hein déconne pas )!

- télécharge et installe ccleaner , tu fait analyser et nettoyer ensuite tu redémarre le PC !

Amelie mélie mélo · le 13 Jan 2011 18:42

Yeah!!! merci!!!!
mais là je suis la procédure de gordon en faite!! j'ai lancé otl.
Je fais quoi je l'arréte? car ça à pas du tout l'air d'étre pareil les 2 cas?!!

Skynet · le 13 Jan 2011 18:50

Code: Tout sélectionner: OTL Extras logfile created on: 13/01/2011 18:25:53 - Run 1 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\amélie\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 29,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 60,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 61,72 Gb Free Space | 26,50% Space Free | Partition Type: NTFS Computer Name: PC-DE-AMÉLIE | User Name: amélie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-4185687916-3612499721-706189786-1000\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{7C512D1D-DBDB-4511-BBE2-18AFC326A9E5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{B0521BF7-D647-41CD-8751-6474164B2E90}" = lport=2869 | protocol=6 | dir=in | app=system | "{D62076F9-6FA9-43DC-A7BE-DED91F6366C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{19DA5937-37D5-4A27-B560-0EA6A7EBEF42}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe | "{2BF1B30A-E70B-40C0-A49B-E32E0357E594}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{5DE2C203-A710-4888-A4A0-B03BC6F9F7EE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{6DF6AEE7-DD6C-4E48-B6C6-5F7E89B7F96C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{914174F0-7119-493A-93B2-9605698F0671}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{E8F03D01-B9D0-465F-B698-68FF4BFAA86D}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe | "TCP Query User{17D6489A-DFA8-4656-99E2-F1B997D47959}C:\program files\shareaza\shareaza.exe" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe | "TCP Query User{2D93F5D6-E31E-4EB6-A594-2DB46C0DF52B}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{2E308D33-0970-41E1-82BD-74CB73B1B213}C:\program files\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | "TCP Query User{38F9AB96-8A05-4AB8-B5CA-916641B1DDA4}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{67200002-4891-48F1-87F8-8BB434D81B42}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{47E44B82-B4C6-4DB4-ABBD-BA76A28E1BEF}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{5D0183A6-CFDC-4515-B8C5-DC41C631CC6E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{7E728CC7-63FD-4A4C-9B93-5593966A3812}C:\program files\shareaza\shareaza.exe" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe | "UDP Query User{8B147FA3-9BD0-4D62-9F24-E9FC96B25B0E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{BA0B46EA-4F48-44AB-8C39-B05694E9B644}C:\program files\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1ABBDA67-0F1B-4DEB-910A-177F13D866DD}" = USB Video Camera Driver v1.40 "{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{230B83A5-7D88-4B95-B71E-F44C0C78B002}" = Windows Live Movie Maker "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12 "{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant "{6AF49698-949A-4C89-9B31-041D2CCB5FBD}" = muvee autoProducer 6.0 "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3 "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations "{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar "{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback "{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements "{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100 "{AC76BA86-7AD7-1036-7B44-A80000000002}" = Adobe Reader 8 - Français "{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}" = Sony Noise Reduction Plug-In 2.0e "{D6D5CB84-0E6E-4E69-B300-C690B6911036}" = Nero 8 "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Audacity_is1" = Audacity 1.2.6 "avast5" = avast! Free Antivirus "AVG8Uninstall" = AVG 8.5 "CCleaner" = CCleaner "Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced) "DVD Shrink_is1" = DVD Shrink 3.1.7 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 8.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0 "HPExtendedCapabilities" = HP Customer Participation Program 8.0 "HPOCR" = HP OCR Software 8.0 "imeshmediabartb" = MediaBar "InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Neuf_Kit" = Akeo - Kit de connexion "ngnfmfmf" = Favorit "NVIDIA Drivers" = NVIDIA Drivers "OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator "PC-Doctor 5 for Windows" = Outils de diagnostic du matériel "PROPLUS" = Microsoft Office Professional Plus 2007 "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "The KMPlayer" = The KMPlayer (remove only) "Traduction française jetAudio 7.1x_is1" = jetAudio 7 - Traduction française "Visual Généalogie_is1" = Visual Généalogie "VLC media player" = VideoLAN VLC media player 0.8.5 "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = Archiveur WinRAR "ZHPDiag_is1" = ZHPDiag 1.25 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 21/04/2010 00:57:54 | Computer Name = PC-de-amélie | Source = Windows Search Service | ID = 3026 Description = Error - 27/04/2010 07:36:56 | Computer Name = PC-de-amélie | Source = Application Hang | ID = 1002 Description = Le programme WINWORD.EXE version 12.0.6514.5000 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 17f8 Heure de début : 01cae5fc069d6ca0 Heure de fin : 0 Error - 01/05/2010 02:57:40 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, module défaillant NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, code d’exception 0xc0000005, décalage d’erreur 0x000c463c, ID du processus 0x984, heure de début de l’application 0x01cae8fb88d7cbe3. Error - 01/05/2010 12:47:38 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18904, horodatage 0x4b835fec, module défaillant mshtml.dll, version 8.0.6001.18904, horodatage 0x4b837769, code d’exception 0xc0000005, décalage d’erreur 0x001f0ec8, ID du processus 0x155c, heure de début de l’application 0x01cae94dc61e2c86. Error - 04/05/2010 02:44:36 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante msnmsgr.exe, version 14.0.8089.726, horodatage 0x4a6ce533, module défaillant UXCore.dll, version 14.0.8064.206, horodatage 0x498cdee0, code d’exception 0xc0000005, décalage d’erreur 0x000736cc, ID du processus 0xfec, heure de début de l’application 0x01caeb51d5baadf6. Error - 06/05/2010 06:42:53 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante msnmsgr.exe, version 14.0.8089.726, horodatage 0x4a6ce533, module défaillant PresenceIM.dll, version 14.0.8089.726, horodatage 0x4a6ce51e, code d’exception 0xc0000005, décalage d’erreur 0x0003627f, ID du processus 0x888, heure de début de l’application 0x01caecda9c354a69. Error - 07/05/2010 09:47:05 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, module défaillant NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, code d’exception 0xc0000005, décalage d’erreur 0x000c463c, ID du processus 0xd7c, heure de début de l’application 0x01caedebabd8ad50. Error - 15/05/2010 12:37:01 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, module défaillant NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, code d’exception 0xc0000005, décalage d’erreur 0x000c463c, ID du processus 0x7b8, heure de début de l’application 0x01caf44cc45551fa. Error - 20/05/2010 09:37:11 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante hpqscnvw.exe, version 8.1.0.52, horodatage 0x458016e1, module défaillant hpqscnvw.exe, version 8.1.0.52, horodatage 0x458016e1, code d’exception 0xc0000005, décalage d’erreur 0x00009b0e, ID du processus 0x15a4, heure de début de l’application 0x01caf82189daf5b0. Error - 20/05/2010 14:46:39 | Computer Name = PC-de-amélie | Source = WindowsLiveMessenger | ID = 15728647 Description = [ Media Center Events ] Error - 11/11/2007 06:42:03 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 03/02/2008 15:55:07 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 26/07/2008 08:06:42 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 31/12/2008 07:51:10 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 31/12/2008 08:22:02 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 13/02/2009 07:50:46 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide [ OSession Events ] Error - 22/06/2008 03:44:11 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 636 seconds with 540 seconds of active time. This session ended with a crash. Error - 25/08/2008 11:14:51 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1879 seconds with 1680 seconds of active time. This session ended with a crash. Error - 26/03/2009 15:13:15 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error - 27/04/2009 05:38:02 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 81 seconds with 60 seconds of active time. This session ended with a crash. Error - 27/04/2009 05:38:46 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 35 seconds with 0 seconds of active time. This session ended with a crash. Error - 18/06/2009 04:42:43 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error - 29/09/2009 05:10:38 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error - 25/12/2010 04:43:04 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 807 seconds with 780 seconds of active time. This session ended with a crash. Error - 25/12/2010 04:43:25 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error - 25/12/2010 04:44:43 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 11/01/2011 11:00:52 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 12/01/2011 01:21:34 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 12/01/2011 05:48:18 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 12/01/2011 15:00:00 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 12/01/2011 15:10:31 | Computer Name = PC-de-amélie | Source = EventLog | ID = 6008 Description = L'arrêt système précédant à 20:08:19 le 12/01/2011 n'était pas prévu. Error - 12/01/2011 15:10:54 | Computer Name = PC-de-amélie | Source = RasMan | ID = 20033 Description = Le Gestionnaire de connexion d'accès à distance n'a pas réussi à démarrer, car il n'a pas pu s'inscrire auprès de l'autorité de sécurité locale. Essayez de redémarrer le service du Gestionnaire de connexion d'accès à distance. Si le problème persiste, contactez l'administrateur système. Fonction incorrecte. Error - 13/01/2011 04:05:56 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 13/01/2011 04:35:07 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 13/01/2011 12:31:27 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7011 Description = Error - 13/01/2011 12:41:16 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = < End of report >

psychocat · le 13 Jan 2011 18:52

c'est normalement la procédure ou il se loge , donc de la mienne tu peux l'éradiquer directement mais au cas ou garde le reste sous le coude et gordon reprendra ensuite si nécessaire ( on sais jamais ) :wink:

PS : merci d'utiliser les balises pour coller t'es rapports

Amelie mélie mélo · le 13 Jan 2011 18:53

j'en ai 2?? je le pose l'autre

Code: Tout sélectionner: OTL Extras logfile created on: 13/01/2011 18:25:53 - Run 1 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\amélie\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 29,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 60,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 61,72 Gb Free Space | 26,50% Space Free | Partition Type: NTFS Computer Name: PC-DE-AMÉLIE | User Name: amélie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-4185687916-3612499721-706189786-1000\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{7C512D1D-DBDB-4511-BBE2-18AFC326A9E5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{B0521BF7-D647-41CD-8751-6474164B2E90}" = lport=2869 | protocol=6 | dir=in | app=system | "{D62076F9-6FA9-43DC-A7BE-DED91F6366C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{19DA5937-37D5-4A27-B560-0EA6A7EBEF42}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe | "{2BF1B30A-E70B-40C0-A49B-E32E0357E594}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{5DE2C203-A710-4888-A4A0-B03BC6F9F7EE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{6DF6AEE7-DD6C-4E48-B6C6-5F7E89B7F96C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{914174F0-7119-493A-93B2-9605698F0671}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{E8F03D01-B9D0-465F-B698-68FF4BFAA86D}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe | "TCP Query User{17D6489A-DFA8-4656-99E2-F1B997D47959}C:\program files\shareaza\shareaza.exe" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe | "TCP Query User{2D93F5D6-E31E-4EB6-A594-2DB46C0DF52B}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{2E308D33-0970-41E1-82BD-74CB73B1B213}C:\program files\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | "TCP Query User{38F9AB96-8A05-4AB8-B5CA-916641B1DDA4}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{67200002-4891-48F1-87F8-8BB434D81B42}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{47E44B82-B4C6-4DB4-ABBD-BA76A28E1BEF}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{5D0183A6-CFDC-4515-B8C5-DC41C631CC6E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{7E728CC7-63FD-4A4C-9B93-5593966A3812}C:\program files\shareaza\shareaza.exe" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe | "UDP Query User{8B147FA3-9BD0-4D62-9F24-E9FC96B25B0E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{BA0B46EA-4F48-44AB-8C39-B05694E9B644}C:\program files\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1ABBDA67-0F1B-4DEB-910A-177F13D866DD}" = USB Video Camera Driver v1.40 "{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{230B83A5-7D88-4B95-B71E-F44C0C78B002}" = Windows Live Movie Maker "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12 "{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant "{6AF49698-949A-4C89-9B31-041D2CCB5FBD}" = muvee autoProducer 6.0 "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3 "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations "{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar "{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback "{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements "{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100 "{AC76BA86-7AD7-1036-7B44-A80000000002}" = Adobe Reader 8 - Français "{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}" = Sony Noise Reduction Plug-In 2.0e "{D6D5CB84-0E6E-4E69-B300-C690B6911036}" = Nero 8 "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Audacity_is1" = Audacity 1.2.6 "avast5" = avast! Free Antivirus "AVG8Uninstall" = AVG 8.5 "CCleaner" = CCleaner "Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced) "DVD Shrink_is1" = DVD Shrink 3.1.7 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 8.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0 "HPExtendedCapabilities" = HP Customer Participation Program 8.0 "HPOCR" = HP OCR Software 8.0 "imeshmediabartb" = MediaBar "InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Neuf_Kit" = Akeo - Kit de connexion "ngnfmfmf" = Favorit "NVIDIA Drivers" = NVIDIA Drivers "OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator "PC-Doctor 5 for Windows" = Outils de diagnostic du matériel "PROPLUS" = Microsoft Office Professional Plus 2007 "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "The KMPlayer" = The KMPlayer (remove only) "Traduction française jetAudio 7.1x_is1" = jetAudio 7 - Traduction française "Visual Généalogie_is1" = Visual Généalogie "VLC media player" = VideoLAN VLC media player 0.8.5 "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = Archiveur WinRAR "ZHPDiag_is1" = ZHPDiag 1.25 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 21/04/2010 00:57:54 | Computer Name = PC-de-amélie | Source = Windows Search Service | ID = 3026 Description = Error - 27/04/2010 07:36:56 | Computer Name = PC-de-amélie | Source = Application Hang | ID = 1002 Description = Le programme WINWORD.EXE version 12.0.6514.5000 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 17f8 Heure de début : 01cae5fc069d6ca0 Heure de fin : 0 Error - 01/05/2010 02:57:40 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, module défaillant NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, code d’exception 0xc0000005, décalage d’erreur 0x000c463c, ID du processus 0x984, heure de début de l’application 0x01cae8fb88d7cbe3. Error - 01/05/2010 12:47:38 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18904, horodatage 0x4b835fec, module défaillant mshtml.dll, version 8.0.6001.18904, horodatage 0x4b837769, code d’exception 0xc0000005, décalage d’erreur 0x001f0ec8, ID du processus 0x155c, heure de début de l’application 0x01cae94dc61e2c86. Error - 04/05/2010 02:44:36 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante msnmsgr.exe, version 14.0.8089.726, horodatage 0x4a6ce533, module défaillant UXCore.dll, version 14.0.8064.206, horodatage 0x498cdee0, code d’exception 0xc0000005, décalage d’erreur 0x000736cc, ID du processus 0xfec, heure de début de l’application 0x01caeb51d5baadf6. Error - 06/05/2010 06:42:53 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante msnmsgr.exe, version 14.0.8089.726, horodatage 0x4a6ce533, module défaillant PresenceIM.dll, version 14.0.8089.726, horodatage 0x4a6ce51e, code d’exception 0xc0000005, décalage d’erreur 0x0003627f, ID du processus 0x888, heure de début de l’application 0x01caecda9c354a69. Error - 07/05/2010 09:47:05 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, module défaillant NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, code d’exception 0xc0000005, décalage d’erreur 0x000c463c, ID du processus 0xd7c, heure de début de l’application 0x01caedebabd8ad50. Error - 15/05/2010 12:37:01 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, module défaillant NMIndexStoreSvr.exe, version 3.3.3.0, horodatage 0x47c6bd1b, code d’exception 0xc0000005, décalage d’erreur 0x000c463c, ID du processus 0x7b8, heure de début de l’application 0x01caf44cc45551fa. Error - 20/05/2010 09:37:11 | Computer Name = PC-de-amélie | Source = Application Error | ID = 1000 Description = Application défaillante hpqscnvw.exe, version 8.1.0.52, horodatage 0x458016e1, module défaillant hpqscnvw.exe, version 8.1.0.52, horodatage 0x458016e1, code d’exception 0xc0000005, décalage d’erreur 0x00009b0e, ID du processus 0x15a4, heure de début de l’application 0x01caf82189daf5b0. Error - 20/05/2010 14:46:39 | Computer Name = PC-de-amélie | Source = WindowsLiveMessenger | ID = 15728647 Description = [ Media Center Events ] Error - 11/11/2007 06:42:03 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 03/02/2008 15:55:07 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 26/07/2008 08:06:42 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 31/12/2008 07:51:10 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 31/12/2008 08:22:02 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide Error - 13/02/2009 07:50:46 | Computer Name = PC-de-amélie | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media Center Guide [ OSession Events ] Error - 22/06/2008 03:44:11 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 636 seconds with 540 seconds of active time. This session ended with a crash. Error - 25/08/2008 11:14:51 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1879 seconds with 1680 seconds of active time. This session ended with a crash. Error - 26/03/2009 15:13:15 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error - 27/04/2009 05:38:02 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 81 seconds with 60 seconds of active time. This session ended with a crash. Error - 27/04/2009 05:38:46 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 35 seconds with 0 seconds of active time. This session ended with a crash. Error - 18/06/2009 04:42:43 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error - 29/09/2009 05:10:38 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error - 25/12/2010 04:43:04 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 807 seconds with 780 seconds of active time. This session ended with a crash. Error - 25/12/2010 04:43:25 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error - 25/12/2010 04:44:43 | Computer Name = PC-de-amélie | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 11/01/2011 11:00:52 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 12/01/2011 01:21:34 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 12/01/2011 05:48:18 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 12/01/2011 15:00:00 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 12/01/2011 15:10:31 | Computer Name = PC-de-amélie | Source = EventLog | ID = 6008 Description = L'arrêt système précédant à 20:08:19 le 12/01/2011 n'était pas prévu. Error - 12/01/2011 15:10:54 | Computer Name = PC-de-amélie | Source = RasMan | ID = 20033 Description = Le Gestionnaire de connexion d'accès à distance n'a pas réussi à démarrer, car il n'a pas pu s'inscrire auprès de l'autorité de sécurité locale. Essayez de redémarrer le service du Gestionnaire de connexion d'accès à distance. Si le problème persiste, contactez l'administrateur système. Fonction incorrecte. Error - 13/01/2011 04:05:56 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 13/01/2011 04:35:07 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = Error - 13/01/2011 12:31:27 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7011 Description = Error - 13/01/2011 12:41:16 | Computer Name = PC-de-amélie | Source = Service Control Manager | ID = 7026 Description = < End of report >

Amelie mélie mélo · le 13 Jan 2011 18:55

Code: Tout sélectionner: OTL logfile created on: 13/01/2011 18:25:53 - Run 1 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\amélie\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 29,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 60,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 61,72 Gb Free Space | 26,50% Space Free | Partition Type: NTFS Computer Name: PC-DE-AMÉLIE | User Name: amélie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/01/13 18:14:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\amélie\Desktop\OTL.exe PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/07/08 18:23:05 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe PRC - [2010/05/14 10:00:26 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe PRC - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2010/01/27 01:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe PRC - [2010/01/07 16:07:10 | 001,394,000 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe PRC - [2009/08/19 07:11:46 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe PRC - [2009/08/19 07:11:45 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe PRC - [2009/08/19 07:11:40 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgnsx.exe PRC - [2009/08/19 07:11:26 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe PRC - [2009/04/11 07:28:11 | 001,143,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/02/13 18:57:44 | 000,386,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe PRC - [2008/02/28 17:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2007/04/29 17:05:08 | 000,434,176 | ---- | M] () -- C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe PRC - [2007/03/01 16:38:48 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007/02/15 11:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe PRC - [2006/09/28 14:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/01/13 18:14:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\amélie\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2009/08/19 07:11:46 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/08/19 07:11:26 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/09/07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2009/08/19 07:11:46 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2009/08/19 07:11:46 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2009/08/05 21:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2009/05/05 07:32:28 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2007/07/19 00:40:00 | 000,281,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B) DRV - [2007/04/11 17:53:10 | 000,078,616 | ---- | M] (Softwin SRL) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bdfndisf.sys -- (Bdfndisf) DRV - [2007/03/19 14:58:50 | 000,101,672 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32) DRV - [2007/03/01 17:21:10 | 001,744,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/02/11 01:18:00 | 007,409,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007/01/12 17:33:32 | 000,141,608 | ---- | M] (SOFTWIN S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr) DRV - [2007/01/09 10:35:44 | 000,091,776 | ---- | M] (USB Generic Camera) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cam1210.sys -- (CAM1210) DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2005/12/12 18:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=Pavilion&pf=desktop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duxot.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/?ref=hp [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gllod.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.) O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll () O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll () O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avast5] File not found O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation) O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe () O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Firewall Administrating] File not found O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks) O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\amélie\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\amélie\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/06/12 00:03:11 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{5c56bdf8-9e8c-11de-802f-001bb97e24c0}\Shell\AutoRun\command - "" = D:\ClickMe.exe O33 - MountPoints2\{c0cf8107-1eef-11e0-97cf-001bb97e24c0}\Shell - "" = AutoRun O33 - MountPoints2\{c0cf8107-1eef-11e0-97cf-001bb97e24c0}\Shell\AutoRun\command - "" = D:\LaunchU3.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/01/13 18:13:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\amélie\Desktop\OTL.exe [2011/01/13 17:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar [2011/01/13 15:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011/01/13 15:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/01/12 20:07:41 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011/01/12 20:07:35 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2010/12/24 07:36:03 | 000,000,000 | ---D | C] -- C:\Users\amélie\Desktop\Nouveau dossier [2010/12/16 08:32:04 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/12/16 08:31:59 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010/12/16 08:31:58 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010/12/16 08:31:58 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/12/16 08:31:58 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/12/16 08:31:58 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/12/16 08:31:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010/12/16 08:31:57 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/12/16 08:31:57 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010/12/16 08:31:57 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/12/16 08:31:57 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010/12/16 08:31:57 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010/12/16 08:31:57 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010/12/16 08:31:57 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010/12/16 08:31:57 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/12/16 08:31:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010/12/16 08:31:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/12/16 08:00:35 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/12/16 08:00:27 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010/12/16 08:00:27 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010/12/16 08:00:26 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010/12/16 08:00:10 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010/12/16 08:00:05 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/12/16 08:00:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/12/16 08:00:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/12/16 07:58:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/12/15 18:12:57 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2010/01/28 09:53:52 | 000,342,016 | ---- | C] (challengerai) -- C:\Users\amélie\AppData\Local\nekrra.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/01/13 18:14:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\amélie\Desktop\OTL.exe [2011/01/13 18:03:08 | 070,093,797 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2011/01/13 17:47:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4185687916-3612499721-706189786-1001UA.job [2011/01/13 17:40:39 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/13 17:40:38 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/13 17:40:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/13 17:39:34 | 2009,591,808 | -HS- | M] () -- C:\hiberfil.sys [2011/01/13 15:59:50 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/01/13 12:11:14 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4D64624F-7E6B-483D-B0B5-5F0543C5AC1E}.job [2011/01/13 10:52:12 | 000,681,560 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/01/13 10:52:11 | 000,598,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/01/13 10:52:11 | 000,127,298 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/01/13 10:52:11 | 000,104,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/01/12 20:02:09 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5EE8F42E-7F0D-4056-8068-85079236B58A}.job [2011/01/11 17:17:31 | 000,250,880 | ---- | M] () -- C:\Users\amélie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/01/11 08:47:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4185687916-3612499721-706189786-1001Core.job [2010/12/28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2010/12/25 09:51:56 | 001,428,450 | ---- | M] () -- C:\Users\amélie\Documents\Doc2.docx [2010/12/25 09:45:57 | 000,002,687 | ---- | M] () -- C:\Users\amélie\Desktop\Word.lnk [2010/12/24 08:09:35 | 000,000,000 | ---- | M] () -- C:\Users\amélie\Desktop\cadeau de noel.docx [2010/12/17 07:28:16 | 000,433,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/01/13 15:59:50 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2010/12/25 09:51:55 | 001,428,450 | ---- | C] () -- C:\Users\amélie\Documents\Doc2.docx [2010/12/24 08:09:35 | 000,000,000 | ---- | C] () -- C:\Users\amélie\Desktop\cadeau de noel.docx [2010/02/15 13:14:40 | 000,007,998 | -HS- | C] () -- C:\Users\amélie\AppData\Local\Cj1181 [2010/02/07 10:10:12 | 000,309,760 | ---- | C] () -- C:\Users\amélie\AppData\Local\kfdaez.exe [2010/02/01 12:13:28 | 000,393,216 | ---- | C] () -- C:\Users\amélie\AppData\Local\tsrqwvt.exe [2010/01/24 16:21:54 | 000,405,504 | ---- | C] () -- C:\Users\amélie\AppData\Local\jethcr.exe [2010/01/17 21:41:15 | 000,003,364 | ---- | C] () -- C:\Users\amélie\AppData\Local\ngnfmfmf.dat [2010/01/17 21:41:15 | 000,000,092 | ---- | C] () -- C:\Users\amélie\AppData\Local\ngnfmfmf.bat [2009/11/06 18:24:50 | 000,076,407 | ---- | C] () -- C:\Users\amélie\AppData\Roaming\Smiley.ico [2009/09/11 07:43:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/04/03 15:12:29 | 000,000,680 | ---- | C] () -- C:\Users\amélie\AppData\Local\d3d9caps.dat [2009/02/23 19:35:55 | 000,004,096 | -H-- | C] () -- C:\Users\amélie\AppData\Local\keyfile3.drm [2009/02/06 08:31:46 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/01/04 16:06:52 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2007/08/22 12:35:40 | 000,250,880 | ---- | C] () -- C:\Users\amélie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/06/11 23:53:07 | 000,018,786 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2007/06/11 23:33:38 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom24.dll [2007/06/11 23:33:38 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes24.dll [2007/04/23 01:01:47 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll [2007/03/06 09:47:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2007/01/12 06:07:48 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2007/01/12 06:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2006/11/20 14:53:22 | 000,021,166 | ---- | C] () -- C:\Windows\cam1210.ini [2006/11/08 12:27:04 | 000,030,208 | ---- | C] () -- C:\Windows\System32\cam1210.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005/07/03 16:41:37 | 000,041,984 | ---- | C] () -- C:\Windows\System32\avi.dll [2005/07/03 16:41:24 | 000,095,744 | ---- | C] () -- C:\Windows\System32\mkx.dll [2005/07/03 16:41:08 | 000,055,808 | ---- | C] () -- C:\Windows\System32\mp4.dll [2005/07/03 02:08:01 | 002,515,968 | ---- | C] () -- C:\Windows\System32\libavcodec.dll [2005/07/01 18:10:26 | 000,334,848 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2005/07/01 11:52:07 | 000,005,632 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2005/06/29 17:36:41 | 000,188,416 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll [2005/06/29 17:28:53 | 000,037,888 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll [2005/06/29 17:28:39 | 000,081,408 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll [2005/06/29 17:28:00 | 000,074,240 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll [2005/06/29 17:27:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\ff_theora.dll [2005/06/29 17:27:21 | 000,131,072 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll [2005/06/29 17:27:17 | 000,162,816 | ---- | C] () -- C:\Windows\System32\ff_realaac.dll [2005/06/29 17:26:55 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll [2005/06/29 17:25:36 | 000,212,992 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll [2005/06/29 17:25:22 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll [2005/06/29 17:19:58 | 000,394,240 | ---- | C] () -- C:\Windows\System32\ff_x264.dll [2005/06/29 17:19:32 | 000,159,744 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll [2005/06/29 17:17:40 | 000,370,688 | ---- | C] () -- C:\Windows\System32\libmplayer.dll [2005/04/28 05:22:38 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2004/12/20 12:08:28 | 000,155,648 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2004/12/20 12:03:26 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2004/09/24 10:10:48 | 000,061,440 | ---- | C] () -- C:\Windows\System32\ogg.dll [2004/09/24 10:09:58 | 001,040,384 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll [2004/09/24 10:09:56 | 001,163,264 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2004/09/24 10:09:42 | 000,077,824 | ---- | C] () -- C:\Windows\System32\vorbisfile.dll [2004/07/26 12:12:52 | 000,166,912 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2002/10/06 20:42:58 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll [2002/05/17 23:18:30 | 000,124,928 | ---- | C] () -- C:\Windows\System32\mp4fil32.dll [color=#E56717]========== LOP Check ==========[/color] [2009/06/04 11:26:29 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\aAvgApi [2009/03/25 12:04:39 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\Bitdefender [2009/01/04 15:34:50 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\COWON [2010/12/25 09:17:14 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\Image Zone Express [2009/03/11 13:13:29 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\InterTrust [2008/09/03 09:39:22 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\Printer Info Cache [2009/02/02 17:26:12 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\Scatlaws [2008/05/18 11:09:37 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\Sony [2009/02/27 16:23:14 | 000,000,000 | ---D | M] -- C:\Users\amélie\AppData\Roaming\Zylom [2009/01/08 16:25:11 | 000,000,000 | ---D | M] -- C:\Users\francky chèri\AppData\Roaming\COWON [2009/11/02 19:27:08 | 000,000,000 | ---D | M] -- C:\Users\francky chèri\AppData\Roaming\Image Zone Express [2009/11/02 19:27:08 | 000,000,000 | ---D | M] -- C:\Users\francky chèri\AppData\Roaming\Printer Info Cache [2009/02/16 12:12:44 | 000,000,000 | ---D | M] -- C:\Users\francky chèri\AppData\Roaming\Shareaza [2010/02/26 18:09:31 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\Scatlaws [2011/01/13 17:38:27 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011/01/13 12:11:14 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4D64624F-7E6B-483D-B0B5-5F0543C5AC1E}.job [2011/01/12 20:02:09 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5EE8F42E-7F0D-4056-8068-85079236B58A}.job [color=#E56717]========== Purity Check ==========[/color] < End of report >

jeanmimigab · le 13 Jan 2011 20:38

hello,

tu as Avast et AVG d'installés sur ton PC, commence par désinstaller un de ces deux Antivirus, tu ne doit en avoir qu'un seul d'installé.

je te prépare un script de suppression pour les éléments infectieux :wink:

jeanmimigab · le 13 Jan 2011 20:50

re,

Après avoir désinstaller un des deux anti virus fais cela stp...

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gllod.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [Firewall Administrating] File not found
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O33 - MountPoints2\{5c56bdf8-9e8c-11de-802f-001bb97e24c0}\Shell\AutoRun\command - "" = D:\ClickMe.exe

:Files
C:\Program Files\iMeshMediabarTb
D:\ClickMe.exe
C:\Users\amélie\AppData\Local\nekrra.exe
C:\Users\amélie\AppData\Local\Cj1181
C:\Users\amélie\AppData\Local\kfdaez.exe
C:\Users\amélie\AppData\Local\tsrqwvt.exe
C:\Users\amélie\AppData\Local\jethcr.exe
C:\Users\amélie\AppData\Local\ngnfmfmf.dat
C:\Users\amélie\AppData\Local\ngnfmfmf.bat

:Commands
[emptytemp]
[EMPTYFLASH]

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport va s'ouvrir "OTL.Txt"
* Copie et colle le rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL

ensuite...

télécharge Malwarebytes.
Téléchargement et tuto de Danakil à lire avant le scan.
Choisie "exécuter un examen rapide" et à la fin du scan , coche tous les éléments trouvés,et clique sur supprimer la sélection.
Poste moi le rapport stp.

@++

Amelie mélie mélo · le 14 Jan 2011 11:48

Code: Tout sélectionner: All processes killed ========== OTL ========== HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}\ not found. File C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}\ not found. File C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Firewall Administrating not found. Starting removal of ActiveX control CabBuilder Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\CabBuilder\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c56bdf8-9e8c-11de-802f-001bb97e24c0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c56bdf8-9e8c-11de-802f-001bb97e24c0}\ not found. Coucou!!!! merci de ton aide jeanmimi!!! j'ai fais comme tu m'as dis! voici le rapport!!! qu'es ce qu'il faut que je fasse maintenant (j'ai supprimé avg, j'ai gardé AVAST) File D:\ClickMe.exe not found. ========== FILES ========== File\Folder C:\Program Files\iMeshMediabarTb not found. File\Folder D:\ClickMe.exe not found. File\Folder C:\Users\amélie\AppData\Local\nekrra.exe not found. File\Folder C:\Users\amélie\AppData\Local\Cj1181 not found. File\Folder C:\Users\amélie\AppData\Local\kfdaez.exe not found. File\Folder C:\Users\amélie\AppData\Local\tsrqwvt.exe not found. File\Folder C:\Users\amélie\AppData\Local\jethcr.exe not found. File\Folder C:\Users\amélie\AppData\Local\ngnfmfmf.dat not found. File\Folder C:\Users\amélie\AppData\Local\ngnfmfmf.bat not found. ========== COMMANDS ========== [EMPTYTEMP]

VIRUS : GENERIC DROPPER qui peut m'aider ?!

VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Re: VIRUS : GENERIC DROPPER qui peut m'aider ?!

Sujets similaires

Qui est en ligne