Votre question

[résolu] Pubs intempestives, besoin d'analyse d'un rapport Hijack.

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
19 Février 2011 14:30:51

Bonjour,

J'ai étais malveillant, un téléchargement a installé un adware a mon insus. :non: 
Je reçoit maintenant des pubs web intempestives qui ouvrent des pages Internet Explorer.

J'ai utilisé le logiciel Hijack, j'aimerais qu'un membre du forum l'analyse,

merci. :) 


Citation :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:37, on 19/02/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Users\Kaito\AppData\Local\Temp\Jse.exe
C:\Users\Kaito\AppData\Roaming\cacaoweb\cacaoweb.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Kaito\AppData\Local\Temp\Jsd.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Kaito\AppData\Local\Temp\Jsc.exe
C:\Users\Kaito\AppData\Local\Temp\Jse.exe
C:\Users\Kaito\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [cacaoweb] "C:\Users\Kaito\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kaito\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Xftjqx] rundll32 "C:\Users\Kaito\AppData\Roaming\odbcinty.dll",Shwj
O4 - HKCU\..\Run: [CE8SIIFGSU] C:\Users\Kaito\AppData\Local\Temp\Jsc.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kaito\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://languages.supinfo.com
O15 - Trusted Zone: http://languages.supinfo.com (HKLM)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11671 bytes

Autres pages sur : resolu pubs intempestives besoin analyse rapport hijack

19 Février 2011 15:31:42

Bonjour
Citation :
O4 - HKCU\..\Run: [Xftjqx] rundll32 "C:\Users\Kaito\AppData\Roaming\odbcinty.dll",Shwj
O4 - HKCU\..\Run: [CE8SIIFGSU] C:\Users\Kaito\AppData\Local\Temp\Jsc.exe


Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :
  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    ~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    ~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
  • Poste ce rapport.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    Note : Si tu ne parviens à télécharger MBAM à partir de MajorGeeks, tu peux le télécharger ici!

    [#FF0000]Aide
    :
  • Comment utiliser MBAM.
    19 Février 2011 16:51:00

    Merci de la réponse,

    Voila le rapport

    Citation :

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 5809

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    19/02/2011 16:45:46
    mbam-log-2011-02-19 (16-45-46).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 341874
    Temps écoulé: 50 minute(s), 37 seconde(s)

    Processus mémoire infecté(s): 4
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 4
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 12

    Processus mémoire infecté(s):
    c:\Users\Kaito\AppData\Local\Temp\Jse.exe (Trojan.Agent) -> 4916 -> Unloaded process successfully.
    c:\Users\Kaito\AppData\Local\Temp\Jse.exe (Trojan.Agent) -> 1328 -> Unloaded process successfully.
    c:\Users\Kaito\AppData\Local\Temp\Jsc.exe (Trojan.Agent) -> 2672 -> Unloaded process successfully.
    c:\Users\Kaito\AppData\Local\Temp\Jsd.exe (Trojan.Agent) -> 2660 -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\CE8SIIFGSU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CE8SIIFGSU (Trojan.Agent) -> Value: CE8SIIFGSU -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Users\Kaito\AppData\Local\Temp\Jse.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Users\Kaito\AppData\Local\Temp\Jsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Users\Kaito\AppData\Local\Temp\Jsd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\program files\Adobe\adobe photoshop cs5 (64 bit)\Keygen\keygen ps cs5 extended.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
    c:\program files (x86)\mass effect 2\mass effect 2 keygen, crack, et infos\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\program files (x86)\Sony\keygen vegas.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Users\Kaito\AppData\Local\Temp\Jsb.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Users\Kaito\AppData\Local\Temp\Jsf.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Users\Kaito\AppData\Local\Temp\Jsg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

    Contenus similaires
    20 Février 2011 21:22:50

    Bonsoir
    Comment se comporte ton pc?

    Télécharge OTL(de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
  • (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
  • Héberge les rapports, puis donne leurs liens.
    http://www.sendspace.com/
    21 Février 2011 17:21:51

    Bonjour,

    Merci pour ton aide, je n'ai plus de problème de publicité intempestive.
    Voila quand même l'analyse OTL:

    OTL.txt
    Citation :
    OTL logfile created on: 21/02/2011 17:12:57 - Run 1
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Kaito\Downloads
    64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free
    8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 232,88 Gb Total Space | 68,23 Gb Free Space | 29,30% Space Free | Partition Type: NTFS
    Drive D: | 232,88 Gb Total Space | 152,38 Gb Free Space | 65,43% Space Free | Partition Type: NTFS

    Computer Name: KAITO-PC | User Name: Kaito | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Kaito\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Users\Kaito\AppData\Roaming\cacaoweb\cacaoweb.exe ()
    PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    PRC - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
    PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - D:\Document\Autre\Mini-Prog\Txt-Helper\Txt-Helper.exe ()
    PRC - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe (Microsoft Corp.)
    PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()


    ========== Modules (SafeList) ==========

    MOD - C:\Users\Kaito\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
    SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (wampmysqld) -- c:\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe ()
    SRV - (wampapache) -- c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe (Apache Software Foundation)
    SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
    DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (NETwNs64) ___ Pilote de carte de la série Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (NETw5s64) Pilote de carte Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
    DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
    DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
    DRV:64bit: - (netw5v64) Pilote de carte de liaison WiFi sans fil Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
    DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
    DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)

    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 1C E9 7A F6 AF CB 01 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://google.fr"
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/09 16:24:36 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
    FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/01/10 13:07:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/13 16:23:03 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/13 16:23:03 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/09 15:38:52 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/12 10:47:11 | 000,000,000 | ---D | M]

    [2011/01/09 15:10:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kaito\AppData\Roaming\mozilla\Extensions
    [2011/01/13 16:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\or5uyr0h.default\extensions
    [2011/01/09 15:10:27 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\or5uyr0h.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    [2011/01/13 16:11:19 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\or5uyr0h.default\extensions\cacaoweb@cacaoweb.org
    [2011/02/21 16:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\yrj3i3bj.default\extensions
    [2011/02/07 09:38:16 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\yrj3i3bj.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2011/01/25 20:18:40 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\yrj3i3bj.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
    [2011/01/09 15:10:28 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\yrj3i3bj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    [2011/01/09 15:10:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\yrj3i3bj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2011/01/13 16:09:25 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\yrj3i3bj.default\extensions\cacaoweb@cacaoweb.org
    [2011/02/07 09:38:10 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\yrj3i3bj.default\extensions\firebug@software.joehewitt.com
    [2011/01/09 15:10:28 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Kaito\AppData\Roaming\mozilla\Firefox\Profiles\yrj3i3bj.default\extensions\personas@christopher.beard
    [2011/02/19 21:31:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/01/24 16:39:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    [2011/02/19 21:31:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/12/03 19:04:57 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml
    [2010/12/03 19:04:57 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/12/03 19:04:57 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml
    [2010/12/03 19:04:57 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2010/12/03 19:04:57 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2011/01/25 16:14:37 | 000,000,879 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - File not found
    O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - File not found
    O4:64bit: - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Windows\SysNative\accelerometerST.exe (Hewlett-Packard Corporation)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe (Microsoft Corp.)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKCU..\Run: [cacaoweb] C:\Users\Kaito\AppData\Roaming\cacaoweb\cacaoweb.exe ()
    O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
    O4 - HKCU..\Run: [Xftjqx] C:\Users\Kaito\AppData\Roaming\odbcinty.dll (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kaito\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kaito\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O9 - Extra Button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKLM\..Trusted Domains: supinfo.com ([languages] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: supinfo.com ([languages] http in Sites de confiance)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind... (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind... (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind... (Java Plug-in 1.6.0_24)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{6a51542c-1be8-11e0-869f-001eecacaa7c}\Shell - "" = AutoRun
    O33 - MountPoints2\{6a51542c-1be8-11e0-869f-001eecacaa7c}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
    O33 - MountPoints2\{9b0f9c3d-1c22-11e0-8f4e-001eecacaa7c}\Shell - "" = AutoRun
    O33 - MountPoints2\{9b0f9c3d-1c22-11e0-8f4e-001eecacaa7c}\Shell\AutoRun\command - "" = F:\autorun.exe -auto
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/02/19 21:31:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2011/02/19 21:31:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
    [2011/02/19 21:31:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
    [2011/02/19 21:31:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
    [2011/02/19 15:52:04 | 000,000,000 | ---D | C] -- C:\Users\Kaito\AppData\Roaming\Malwarebytes
    [2011/02/19 15:51:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2011/02/19 15:51:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/02/19 15:51:55 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/02/19 15:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/02/19 14:28:06 | 000,000,000 | ---D | C] -- C:\Users\Kaito\AppData\Local\{F4DF91C5-7E9F-494C-ABFF-8A99BEF27441}
    [2011/02/19 14:28:05 | 000,000,000 | ---D | C] -- C:\Users\Kaito\AppData\Local\{C0D91A22-F448-4FC7-9ACD-006F496976B0}
    [2011/02/19 12:43:07 | 000,088,576 | RHS- | C] (Microsoft Corporation) -- C:\Users\Kaito\AppData\Roaming\odbcinty.dll
    [2011/02/14 15:51:46 | 000,000,000 | ---D | C] -- C:\Users\Kaito\Documents\BioWare
    [2011/02/14 15:46:54 | 000,000,000 | ---D | C] -- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
    [2011/02/14 15:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [2011/02/14 15:23:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
    [2011/02/10 09:17:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2011/02/10 09:17:54 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
    [2011/02/10 09:17:53 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2011/02/10 09:17:53 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2011/02/10 09:17:53 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2011/02/10 09:17:53 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2011/02/10 09:17:53 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2011/02/10 09:17:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2011/02/10 09:17:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2011/02/10 09:17:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2011/02/10 09:17:53 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2011/02/10 09:17:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2011/02/10 09:17:38 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
    [2011/02/10 09:17:38 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
    [2011/02/10 09:17:36 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
    [2011/02/10 09:17:36 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
    [2011/02/10 09:17:36 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
    [2011/02/10 09:17:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
    [2011/02/10 09:17:36 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
    [2011/02/10 09:17:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
    [2011/02/10 09:17:33 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2011/02/10 09:17:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2011/02/10 09:17:33 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2011/02/10 09:17:27 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2011/02/10 09:17:26 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2011/02/10 09:17:26 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2011/02/10 09:17:26 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2011/02/10 09:17:22 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2011/02/10 09:17:17 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
    [2011/02/10 09:17:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
    [2011/02/10 09:17:14 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
    [2011/02/10 09:17:13 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
    [2011/02/10 09:17:13 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
    [2011/02/10 09:17:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
    [2011/02/08 17:17:39 | 000,000,000 | ---D | C] -- C:\Users\Kaito\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2011/02/08 17:17:39 | 000,000,000 | ---D | C] -- C:\Users\Kaito\AppData\Roaming\Adobe Mini Bridge CS5
    [2011/02/08 12:22:06 | 000,000,000 | ---D | C] -- C:\Windows\System64
    [2011/02/07 11:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\emu8086
    [2011/02/07 11:32:29 | 000,389,120 | ---- | C] (WinMain Software (http://www.winmain.com)) -- C:\Windows\SysWow64\cmax20.ocx
    [2011/02/07 11:32:28 | 000,000,000 | ---D | C] -- C:\emu8086
    [2011/02/03 12:04:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
    [2011/02/01 21:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2011/02/01 21:22:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2011/02/01 21:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2011/02/01 20:57:25 | 000,000,000 | ---D | C] -- C:\Users\Kaito\Documents\DVDVideoSoft
    [2011/02/01 20:57:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
    [2011/02/01 20:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
    [2011/01/31 15:52:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XtremSplit
    [2011/01/27 12:05:43 | 000,000,000 | ---D | C] -- C:\Users\Kaito\Cisco Packet Tracer 5.3.1
    [2011/01/27 12:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
    [2011/01/27 12:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Packet Tracer 5.3.1
    [2011/01/25 16:41:36 | 000,000,000 | ---D | C] -- C:\Users\Kaito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    [2011/01/25 16:35:54 | 000,000,000 | ---D | C] -- C:\Users\Kaito\AppData\Local\Google
    [2011/01/25 15:39:58 | 000,000,000 | ---D | C] -- C:\Program Files\Crysis Wars
    [2011/01/24 16:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2011/01/24 16:39:38 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/02/21 16:46:42 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4103977613-2280012855-1968020031-1000Core.job
    [2011/02/21 16:40:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4103977613-2280012855-1968020031-1000UA.job
    [2011/02/21 10:47:26 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/02/21 10:47:26 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/02/21 10:39:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/02/21 10:39:38 | 3218,837,504 | -HS- | M] () -- C:\hiberfil.sys
    [2011/02/19 12:43:07 | 000,088,576 | RHS- | M] (Microsoft Corporation) -- C:\Users\Kaito\AppData\Roaming\odbcinty.dll
    [2011/02/10 13:22:52 | 005,234,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2011/02/06 21:21:14 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/02/06 21:21:14 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2011/02/06 21:21:14 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/02/06 21:21:14 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2011/02/06 21:21:14 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/02/02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
    [2011/02/02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
    [2011/02/02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
    [2011/02/02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
    [2011/02/01 21:22:31 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/01/27 12:05:43 | 000,000,340 | ---- | M] () -- C:\Users\Kaito\.packettracer
    [2011/01/26 07:53:10 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
    [2011/01/26 07:31:20 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/02/01 21:22:31 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/01/25 16:35:56 | 000,001,076 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4103977613-2280012855-1968020031-1000UA.job
    [2011/01/25 16:35:55 | 000,001,024 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4103977613-2280012855-1968020031-1000Core.job
    [2011/01/09 16:18:44 | 000,001,301 | ---- | C] () -- C:\ProgramData\hpzinstall.log
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    ========== LOP Check ==========

    [2011/02/06 10:15:55 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\cacaoweb
    [2011/01/09 15:10:19 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\DAEMON Tools Lite
    [2011/02/01 20:57:29 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\DVDVideoSoftIEHelpers
    [2010/06/25 19:28:48 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\GetRightToGo
    [2011/01/13 16:23:05 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\Local
    [2011/01/10 14:45:03 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\Notepad++
    [2011/01/09 15:10:28 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\PhotoFiltre Studio X
    [2011/01/09 15:10:28 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\Publish Providers
    [2011/01/20 10:05:24 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\Rovio
    [2011/01/09 15:10:28 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\SFR
    [2011/01/09 15:10:32 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\Sony
    [2011/02/08 17:17:39 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2011/01/09 15:10:32 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\Thunderbird
    [2011/01/11 21:22:44 | 000,000,000 | ---D | M] -- C:\Users\Kaito\AppData\Roaming\uTorrent
    [2009/07/14 06:08:49 | 000,030,958 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========

    < End of report >



    Citation :
    OTL Extras logfile created on: 21/02/2011 17:12:57 - Run 1
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Kaito\Downloads
    64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free
    8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 232,88 Gb Total Space | 68,23 Gb Free Space | 29,30% Space Free | Partition Type: NTFS
    Drive D: | 232,88 Gb Total Space | 152,38 Gb Free Space | 65,43% Space Free | Partition Type: NTFS

    Computer Name: KAITO-PC | User Name: Kaito | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" File not found
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L"
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
    "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{69807F90-AB87-400B-B02E-E96CB80A1B49}" = HP 3D DriveGuard
    "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
    "{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 260.99
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 260.99
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 260.99
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.1.9.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{C1164ED0-EF08-4B0B-8084-3BDAEAAEFD8D}" = HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7
    "{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
    "{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
    "{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "HP Imaging Device Functions" = HP Imaging Device Functions 14.0
    "HP Smart Web Printing" = HP Smart Web Printing 4.60
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
    "HPExtendedCapabilities" = HP Customer Participation Program 14.0
    "HPOCR" = OCR Software by I.R.I.S. 14.0
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Shop for HP Supplies" = Shop for HP Supplies
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
    "{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
    "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
    "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
    "{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
    "{1DDDFDF2-4A92-4E77-959F-59D196B99C0C}" = C410
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller Driver
    "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
    "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
    "{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{58E65E96-6649-4CBE-9382-35326D694E6F}" = MSN Toolbar Platform
    "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
    "{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
    "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
    "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
    "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
    "{90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
    "{90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
    "{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002A-040C-1000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
    "{90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
    "{90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
    "{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Français
    "{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
    "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
    "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
    "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
    "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
    "{F217D8AF-965B-4D3E-8F14-AC47B9CA535B}" = PS_AIO_07_C410_SW_Min
    "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "AuralogComponentsUninstall9.exe" = AuralogComponentsUninstall9
    "avast5" = avast! Free Antivirus
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "Cisco Packet Tracer 5.3.1_is1" = Cisco Packet Tracer 5.3.1
    "DivX Setup.divx.com" = Configuration DivX
    "emu8086 microprocessor emulator_is1" = emu8086 microprocessor emulator
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
    "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
    "HijackThis" = HijackThis 2.0.2
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
    "Notepad++" = Notepad++
    "RocketDock_is1" = RocketDock 1.3.5
    "Uninstall_is1" = Uninstall 1.0.0.1
    "VLC media player" = VLC media player 1.1.6
    "WampServer 2_is1" = WampServer 2.1
    "WinLiveSuite" = Windows Live
    "WinRAR archiver" = Logiciel d'archivage WinRAR

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 17/02/2011 12:56:57 | Computer Name = Kaito-PC | Source = Application Hang | ID = 1002
    Description = Le programme firefox.exe version 1.9.2.3989 a cessé d’interagir avec
    Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
    disponibles, consultez l’historique du problème dans le Centre de maintenance. ID
    de processus : 11f8 Heure de début : 01cbcec3984b2c52 Heure de fin : 9 Chemin d’accès
    de l’application : C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID de rapport
    : ebab3594-3ab6-11e0-845d-001eecacaa7c

    Error - 17/02/2011 12:57:21 | Computer Name = Kaito-PC | Source = Application Hang | ID = 1002
    Description = Le programme firefox.exe version 1.9.2.3989 a cessé d’interagir avec
    Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
    disponibles, consultez l’historique du problème dans le Centre de maintenance. ID
    de processus : d04 Heure de début : 01cbcec3b0d39798 Heure de fin : 12 Chemin d’accès
    de l’application : C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID de rapport
    : fa66a27d-3ab6-11e0-845d-001eecacaa7c

    Error - 17/02/2011 12:57:58 | Computer Name = Kaito-PC | Source = Application Hang | ID = 1002
    Description = Le programme firefox.exe version 1.9.2.3989 a cessé d’interagir avec
    Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
    disponibles, consultez l’historique du problème dans le Centre de maintenance. ID
    de processus : 4d0 Heure de début : 01cbcec3bf10f908 Heure de fin : 15 Chemin d’accès
    de l’application : C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID de rapport
    : 103b0731-3ab7-11e0-845d-001eecacaa7c

    Error - 17/02/2011 13:02:49 | Computer Name = Kaito-PC | Source = Application Hang | ID = 1002
    Description = Le programme firefox.exe version 1.9.2.3989 a cessé d’interagir avec
    Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
    disponibles, consultez l’historique du problème dans le Centre de maintenance. ID
    de processus : ab0 Heure de début : 01cbcec3d4d2bfd6 Heure de fin : 13 Chemin d’accès
    de l’application : C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID de rapport
    : bde30042-3ab7-11e0-845d-001eecacaa7c

    Error - 17/02/2011 13:03:25 | Computer Name = Kaito-PC | Source = Application Hang | ID = 1002
    Description = Le programme firefox.exe version 1.9.2.3989 a cessé d’interagir avec
    Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
    disponibles, consultez l’historique du problème dans le Centre de maintenance. ID
    de processus : 128c Heure de début : 01cbcec48337ca1c Heure de fin : 9 Chemin d’accès
    de l’application : C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID de rapport
    : d3580580-3ab7-11e0-845d-001eecacaa7c

    Error - 17/02/2011 13:03:41 | Computer Name = Kaito-PC | Source = Application Hang | ID = 1002
    Description = Le programme firefox.exe version 1.9.2.3989 a cessé d’interagir avec
    Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
    disponibles, consultez l’historique du problème dans le Centre de maintenance. ID
    de processus : 105c Heure de début : 01cbcec498e7b657 Heure de fin : 10 Chemin d’accès
    de l’application : C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID de rapport
    : dc6de62f-3ab7-11e0-845d-001eecacaa7c

    Error - 17/02/2011 16:12:11 | Computer Name = Kaito-PC | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « C:\Program Files
    (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
    de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
    AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
    de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

    Error - 18/02/2011 16:35:04 | Computer Name = Kaito-PC | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « C:\Program Files
    (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
    de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
    AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
    de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

    Error - 19/02/2011 12:06:16 | Computer Name = Kaito-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante MassEffect2.exe, version : 1.0.1593.2,
    horodatage : 0x4b2845cd Nom du module défaillant : kernel32.dll, version : 6.1.7600.16385,
    horodatage : 0x4a5bdbde Code d’exception : 0xc0000005 Décalage d’erreur : 0x0001135d
    ID
    du processus défaillant : 0xea0 Heure de début de l’application défaillante : 0x01cbd04ebe09d5e1
    Chemin
    d’accès de l’application défaillante : C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
    Chemin
    d’accès du module défaillant: C:\Windows\syswow64\kernel32.dll ID de rapport : 2db246a7-3c42-11e0-b23d-001eecacaa7c

    Error - 20/02/2011 09:32:01 | Computer Name = Kaito-PC | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « C:\Program Files
    (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
    de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
    AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
    de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

    [ System Events ]
    Error - 20/02/2011 15:44:52 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7000
    Description = Le service Process creation detector for NT. n’a pas pu démarrer en
    raison de l’erreur : %%2

    Error - 20/02/2011 15:45:02 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7000
    Description = Le service Process creation detector for NT. n’a pas pu démarrer en
    raison de l’erreur : %%2

    Error - 20/02/2011 15:47:15 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7000
    Description = Le service Process creation detector for NT. n’a pas pu démarrer en
    raison de l’erreur : %%2

    Error - 20/02/2011 15:48:04 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7000
    Description = Le service Process creation detector for NT. n’a pas pu démarrer en
    raison de l’erreur : %%2

    Error - 20/02/2011 15:48:55 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7000
    Description = Le service Process creation detector for NT. n’a pas pu démarrer en
    raison de l’erreur : %%2

    Error - 20/02/2011 18:56:02 | Computer Name = Kaito-PC | Source = DCOM | ID = 10005
    Description =

    Error - 20/02/2011 18:56:02 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7038
    Description = Le service upnphost n’a pas pu ouvrir de session en tant que NT AUTHORITY\LocalService
    avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%50

    Pour
    vous assurer que le service est configuré correctement, utilisez le composant logiciel
    enfichable Services dans Microsoft Management Console (MMC).

    Error - 20/02/2011 18:56:02 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7000
    Description = Le service Hôte de périphérique UPnP n’a pas pu démarrer en raison
    de l’erreur : %%1069

    Error - 21/02/2011 05:47:46 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7000
    Description = Le service Process creation detector for NT. n’a pas pu démarrer en
    raison de l’erreur : %%2

    Error - 21/02/2011 05:48:01 | Computer Name = Kaito-PC | Source = Service Control Manager | ID = 7000
    Description = Le service Process creation detector for NT. n’a pas pu démarrer en
    raison de l’erreur : %%2


    < End of report >



    Edit: Oups désolé du pavé, si j'ai plus de temps je les hébergerais.
    24 Février 2011 21:04:17

    Bonsoir
    encore une bricole...


  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation (dans le cadre blanc) en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    O4 - HKCU..\Run: [Xftjqx] C:\Users\Kaito\AppData\Roaming\odbcinty.dll (Microsoft Corporation)
    :files
    C:\Users\Kaito\AppData\Roaming\odbcinty.dll
    :commands
    [emptytemp]
    [reboot]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.


    +++++++++++++++++++

    25 Février 2011 01:30:09

    Merci Sham_Rock !
    25 Février 2011 12:00:15

    Bonjour
    tu as changé de pseudo?

    j'attends ton rapport. :D 
    25 Février 2011 15:17:10

    Bonjour

    Non, mais j'ai eu exactement le même souci que _Yoyo_ ... :ange: 
    26 Février 2011 14:33:37

    Bonjour, ^^

    Voila le rapport :

    Citation :
    All processes killed
    ========== OTL ==========
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Xftjqx deleted successfully.
    File C:\Users\Kaito\AppData\Roaming\odbcinty.dll not found.
    ========== FILES ==========
    File\Folder C:\Users\Kaito\AppData\Roaming\odbcinty.dll not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 41620 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Kaito
    ->Temp folder emptied: 2290426710 bytes
    ->Temporary Internet Files folder emptied: 216937942 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 116528303 bytes
    ->Google Chrome cache emptied: 6660848 bytes
    ->Flash cache emptied: 3001872 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 200704 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 25610235 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68044 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 2 536,00 mb


    OTL by OldTimer - Version 3.2.22.0 log created on 02262011_142715

    Files\Folders moved on Reboot...
    C:\Users\Kaito\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
    27 Février 2011 11:11:46

    Bonjour


    Supprime/Désinstalle tous les programmes utilisés pour la désinfection.
    (mais garde Malwarebytes' Anti-Malware pour faire des scan réguliers (en n'omettant pas de le mettre à jour)

    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

    Lire aussi:
  • Antispyware gratuit : ça sert à rien!


    ~Clique, sur ton premier message, sur le bouton "Editer" et marque [résolu] dans le titre.

    Clique ensuite sur "Valider votre message"

    Si ton nom de session correspond à ton véritable nom, tu as la possibilité de le changer en éditant tes posts.

    :hello: 

    +++
    27 Février 2011 12:23:19

    Salut,

    Je te remerci vraiment pour ton aide gratuite et efficace.
    C'est sympa de voir qu'il y a des gens qui prennent du temps pour aider les autres. ^^

    J'avais déjà fais un petit tour sur votre site, sur "les risques du Net", c'est assez instructif. :) 


    Byebye, je vais encore parcourir un peu le forum. ^^


    28 Février 2011 15:26:54

    Bon surf
    :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS