Problem with my PC: outbound and bk-coretag.js

Closed
micka2712 - Posts: 3 - Registration date: Saturday 29 November 2014 - Status: Member - Last activity: 29 November 2014 - 29 Nov. 2014 at 16:37
Malekal_morte- - Posts: 180304 - Registration date: Wednesday 17 May 2006 - Status: Moderator, Security contributor - Last activity: 15 December 2020 - 29 Nov. 2014 at 16:43
Hello,
I have a huge problem: I have windows that keep opening constantly, outbound with malware and a bk-coretag.js file. Can someone help me, please?
After a scan with OTL I have:

OTL logfile created on: 29/11/2014 10:56:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\micka1208\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,50 Gb Total Physical Memory | 0,37 Gb Available Physical Memory | 24,74% Memory free
3,00 Gb Paging File | 1,12 Gb Available in Paging File | 37,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 1,86 Gb Free Space | 6,19% Space Free | Partition Type: NTFS
Drive D: | 111,24 Gb Total Space | 63,51 Gb Free Space | 57,09% Space Free | Partition Type: NTFS

Computer Name: MICKA1208-PC | User Name: micka1208 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/11/29 10:54:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\micka1208\Downloads\OTL.exe
PRC - [2014/10/31 21:14:15 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/10/01 11:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/22 11:44:44 | 000,022,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2014/08/22 11:44:40 | 000,288,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2014/08/22 11:41:00 | 000,974,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2014/06/05 03:19:38 | 000,093,040 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/09/01 07:18:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/03/29 02:34:42 | 000,492,544 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2013/03/29 02:34:06 | 000,219,136 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014/11/13 10:28:01 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\42d9ea42c23d5a66c06135774359d019\System.Runtime.Remoting.ni.dll
MOD - [2014/10/22 05:05:00 | 014,902,600 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
MOD - [2014/10/22 05:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014/10/22 05:04:51 | 001,042,760 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014/10/22 05:04:49 | 000,211,272 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014/10/22 05:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2014/10/17 10:35:03 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c4c26f1f33a5e1db0ca84721a1a0974e\WindowsFormsIntegration.ni.dll
MOD - [2014/10/17 10:34:06 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\b35194c98055b5c429f5f95a358dac19\System.ServiceProcess.ni.dll
MOD - [2014/10/17 10:27:14 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\87ec0a137819cae5fb587cbf59618f8e\System.Xaml.ni.dll
MOD - [2014/10/17 09:06:00 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\95c38a70e469751e7b002c8527afbfe2\PresentationFramework.ni.dll
MOD - [2014/10/17 09:05:00 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6c50b16cc3600ebf737e3b106b87fef9\PresentationCore.ni.dll
MOD - [2014/10/17 09:04:51 | 013,199,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\046fc34e33c8a8bd43caf93791514566\System.Windows.Forms.ni.dll
MOD - [2014/10/17 08:55:24 | 005,632,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d6d58d8a2343199405d3bfc4853983a5\System.Xml.ni.dll
MOD - [2014/10/17 08:54:53 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\f96568c9ba7ab7d0569bdfd8320e49c6\System.Configuration.ni.dll
MOD - [2014/10/17 08:54:10 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\bab3e2e2d66f31fa228a06c191b6bb7d\System.Core.ni.dll
MOD - [2014/10/17 08:53:42 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cc082640510b78e6a0f699bbbaf8eab5\System.Drawing.ni.dll
MOD - [2014/10/17 08:53:35 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\53187eb0a4eb555b2ddc0e922bd7eea7\PresentationFramework.Aero.ni.dll
MOD - [2014/10/17 08:53:30 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\3f4372f5c227cffbfc9a0d3926d6281d\WindowsBase.ni.dll
MOD - [2014/10/17 08:53:14 | 009,101,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6783353a6277418227e5b0e5a043049e\System.ni.dll
MOD - [2014/09/24 02:33:50 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\343c764ad107f134ae66afe1b45b5088\UIAutomationProvider.ni.dll
MOD - [2014/09/24 02:05:09 | 014,416,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\f014b1f34734c93956924e68c67ecb55\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV - [2014/11/26 12:14:36 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/06 03:59:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/22 11:44:44 | 000,022,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2014/08/22 11:44:40 | 000,288,120 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2014/06/05 03:19:38 | 000,093,040 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/08/28 22:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/26 02:04:37 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/03/29 02:34:06 | 000,219,136 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B25E51AA-FA24-40F6-8A0C-FB8DA9047385}\MpKslbc7219ff.sys -- (MpKslbc7219ff)
DRV - [2014/11/29 10:46:57 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/10/01 11:11:24 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/10/01 11:11:10 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014/07/17 17:05:08 | 000,095,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2014/03/17 07:07:40 | 000,016,064 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV - [2013/03/29 03:33:52 | 009,986,048 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013/03/29 02:08:56 | 000,463,872 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2013/02/14 12:41:04 | 000,079,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 23:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/05/09 20:51:34 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/09 20:47:00 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2007/05/09 20:46:48 | 000,014,112 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321}: "URL" = https://search.safefinder.com/?st=ds&q={searchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-841116981-2260734120-475313986-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2014/11/26 15:26:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\micka1208\AppData\Roaming\mozilla\Extensions
[2014/08/11 12:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\micka1208\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013/08/24 16:23:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\micka1208\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\micka1208\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_1\
CHR - Extension: No name found = C:\Users\micka1208\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\micka1208\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\micka1208\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\micka1208\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {883A604D-0BB9-04D2-508C-E4DE94EA18A7} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-841116981-2260734120-475313986-1001..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-841116981-2260734120-475313986-1001..\Run: [uTorrent] C:\Users\micka1208\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5366B27-0CA8-477E-AE09-79D49F017DE7}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5366B27-0CA8-477E-AE09-79D49F017DE7}: NameServer = 31.168.224.106,5.135.12.52
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{56d0a334-43c2-11e4-a31d-0014856b789c}\Shell - "" = AutoRun
O33 - MountPoints2\{56d0a334-43c2-11e4-a31d-0014856b789c}\Shell\AutoRun\command - "" = J:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (BootDefrag.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/11/26 14:24:16 | 000,000,000 | ---D | C] -- C:\Users\micka1208\AppData\Roaming\Store
[2014/11/26 14:21:13 | 000,000,000 | ---D | C] -- C:\Users\micka1208\Documents\Optimizer Pro
[2014/11/26 14:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\ba054354-ab31-42f1-bd2a-288936d734c6
[2014/11/26 14:20:14 | 000,000,000 | ---D | C] -- C:\Users\micka1208\AppData\Local\globalUpdate
[2014/11/26 14:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2014/11/26 14:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\predm
[2014/11/26 14:19:00 | 000,000,000 | ---D | C] -- C:\Users\micka1208\AppData\Local\Boxore
[2014/11/26 14:16:41 | 000,000,000 | ---D | C] -- C:\Users\micka1208\AppData\Local\TVWizard
[2014/11/26 14:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\cUmqFpOQ
[2014/11/26 14:11:28 | 000,000,000 | -HSD | C] -- C:\Users\micka1208\AppData\Local\EmieBrowserModeList
[2014/11/26 14:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
[2014/11/26 14:03:04 | 000,000,000 | ---D | C] -- C:\Users\micka1208\AppData\Local\Software
[2014/11/26 14:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\Software
[2014/11/13 11:42:21 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2014/11/12 08:11:05 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2014/11/12 08:11:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/11/12 08:11:01 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2014/11/12 08:11:01 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2014/11/12 08:11:01 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2014/11/12 08:11:01 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2014/11/12 08:10:58 | 002,379,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/11/12 08:10:54 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014/11/12 08:10:43 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2014/11/12 08:10:39 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2014/11/12 08:10:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2014/11/12 08:10:24 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/11/12 08:10:24 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/11/12 08:10:24 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/11/12 08:10:23 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/11/12 08:10:23 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/11/12 08:10:22 | 000,341,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/11/12 08:10:22 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/11/12 08:10:21 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/11/12 08:10:21 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/11/12 08:10:21 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/11/12 08:10:20 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/11/12 08:10:20 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/11/12 08:10:20 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/11/12 08:10:20 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/11/12 08:10:18 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/11/12 08:10:18 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/11/12 08:10:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/11/12 08:10:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/11/12 08:10:15 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/11/12 08:10:14 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/11/12 08:10:10 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/11/12 08:10:09 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/11/12 08:09:59 | 004,298,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/10/31 10:44:06 | 000,000,000 | ---D | C] -- C:\Users\micka1208\Desktop\photo nokia
[2014/01/09 17:23:07 | 000,630,272 | ---- | C] (Apache Software Foundation) -- C:\Users\micka1208\bf_sch.dll
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/11/29 11:19:17 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/29 11:14:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/29 11:08:06 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2014/11/29 10:46:57 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/11/29 10:44:11 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/11/29 10:42:54 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/29 10:42:53 | 000,001,702 | ---- | M] () -- C:\Windows\tasks\CFUXXUTI.job
[2014/11/29 10:42:53 | 000,001,346 | ---- | M] () -- C:\Windows\tasks\TJ.job
[2014/11/29 10:42:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/29 10:41:52 | 1207,607,296 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/29 10:41:02 | 000,010,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/29 10:41:02 | 000,010,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/26 15:09:18 | 000,002,287 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/26 14:34:15 | 000,001,624 | ---- | M] () -- C:\Windows\System32\${LOGFILE}
[2014/11/26 14:26:28 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/11/26 14:26:28 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/11/26 14:26:28 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/11/26 14:26:28 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/11/26 14:07:45 | 000,001,361 | ---- | M] () -- C:\Users\micka1208\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/11/26 14:07:44 | 000,002,426 | ---- | M] () -- C:\Users\micka1208\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/11/26 12:14:35 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/11/26 12:14:34 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/11/13 09:58:09 | 000,286,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/11/11 17:27:03 | 000,440,174 | ---- | M] () -- C:\Users\micka1208\Documents\doc quebec.xps
[2014/11/07 20:23:39 | 000,341,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/11/06 04:28:20 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/11/06 04:28:06 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/11/06 04:13:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/11/06 04:12:44 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/11/06 04:10:58 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/11/06 04:04:45 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/11/06 04:03:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/11/06 04:00:56 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/11/06 03:59:36 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/11/06 03:59:34 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/11/06 03:58:38 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/11/06 03:51:33 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/11/06 03:48:12 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/11/06 03:42:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/11/06 03:37:58 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/11/06 03:34:21 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/11/06 03:22:26 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/11/06 03:22:12 | 000,688,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/11/06 03:21:49 | 004,298,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/11/06 03:21:25 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/11/06 03:20:37 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/11/06 02:47:17 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/10/30 12:24:45 | 000,229,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/11/26 14:33:41 | 000,001,624 | ---- | C] () -- C:\Windows\System32\${LOGFILE}
[2014/11/26 14:22:06 | 000,001,346 | ---- | C] () -- C:\Windows\tasks\TJ.job
[2014/11/26 14:20:26 | 000,001,702 | ---- | C] () -- C:\Windows\tasks\CFUXXUTI.job
[2014/11/26 14:03:29 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2014/11/11 17:27:00 | 000,440,174 | ---- | C] () -- C:\Users\micka1208\Documents\doc quebec.xps
[2014/09/23 09:08:23 | 000,018,248 | ---- | C] () -- C:\Windows\System32\roboot.exe
[2014/09/01 09:18:44 | 000,002,086 | ---- | C] () -- C:\Users\micka1208\AppData\Roaming\TJ
[2014/09/01 09:18:44 | 000,001,248 | ---- | C] () -- C:\Users\micka1208\AppData\Roaming\CFUXXUTI
[2014/06/24 20:51:10 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/01/09 17:22:21 | 000,004,901 | ---- | C] () -- C:\Users\micka1208\bdist_dumb.py
[2013/08/06 17:17:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/08/06 17:11:12 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013/08/06 17:11:12 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013/08/06 17:11:11 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013/03/29 03:13:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2013/03/29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
[2013/03/29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
[2013/03/12 06:38:22 | 000,695,006 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013/03/04 19:52:52 | 000,230,836 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2013/02/01 01:14:10 | 000,075,600 | ---- | C] () -- C:\Windows\System32\ativce02.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >



3 replies

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 660
29 Nov. 2014 at 16:38
Hi,

You have installed adware and unwanted programs on your PC.
Here is the procedure to follow to remove them:

Start with this:

Download https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner (by Xplode) to your desktop.
On the AdwCleaner page, on the right, click the grey floppy disk with the green arrow to start the download.
Launch AdwCleaner and click [Scanner].
The scan can take several minutes; please wait.
Once the scan has finished, click [Nettoyer].

Once the cleaning has finished, a report will open. Copy and paste the contents of the report into your next reply.
If that does not work, use the site http://pjjoint.malekal.com to host the report and give the link to the report in a new message.
Note: The report is also saved as C:\AdwCleaner[S1].txt


0
micka2712 Posts 3 Registration date Saturday 29 November 2014 Status Member Last activity 29 November 2014
29 Nov. 2014 at 16:41
and another report along with it:

OTL Extras logfile created on: 29/11/2014 10:56:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\micka1208\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,50 Gb Total Physical Memory | 0,37 Gb Available Physical Memory | 24,74% Memory free
3,00 Gb Paging File | 1,12 Gb Available in Paging File | 37,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 1,86 Gb Free Space | 6,19% Space Free | Partition Type: NTFS
Drive D: | 111,24 Gb Total Space | 63,51 Gb Free Space | 57,09% Space Free | Partition Type: NTFS

Computer Name: MICKA1208-PC | User Name: micka1208 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-841116981-2260734120-475313986-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026E894F-5EE6-4E43-9C0E-2CBB4486EE71}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0A086046-F7AC-4F09-9DAA-CDF86DE94E4A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1BFF61AA-DFA3-4B38-AA58-6524E11021E8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{43335DCE-329F-4100-B8B4-0081067C0024}" = rport=137 | protocol=17 | dir=out | app=system |
"{447AEDCC-01E7-4437-9A2F-D11990FD0D76}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4F34A0E6-D687-4C11-9F79-1D4247CC214E}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A74C1A1-1459-49E9-923C-CE37DB65BDF8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{77A07747-7E11-40B9-BD7A-83B03862D0B8}" = lport=138 | protocol=17 | dir=in | app=system |
"{80EFFFF8-C619-4373-B419-0A91E10B57AB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{927970C1-8BF5-4301-B338-3833C1E70077}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A258DCDA-04C5-4558-821F-2E2359791658}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A933527B-9CD5-4F0C-869A-8427B02BE4EC}" = lport=139 | protocol=6 | dir=in | app=system |
"{C67FDDB0-B701-4DE7-B0B9-BAE89EB7AAAE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C92C90BC-12C7-47C9-8658-937F3484C71C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D105783D-D6AB-4A4A-905A-B52CB445F712}" = rport=445 | protocol=6 | dir=out | app=system |
"{D60D2970-0142-4448-B4E5-3250C5835AC8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{D6CDDAE9-F458-4F22-849E-14AF61EACB8B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D7D006E9-FC4B-44A1-8B8E-3B9FF5D3D61A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D909EDCB-12DC-4533-AD69-83318AC21354}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA6BA44B-28C1-441E-BFD6-7886931DD91E}" = rport=138 | protocol=17 | dir=out | app=system |
"{DDD4F5AE-EB8F-4218-B982-DE5BA2F36E64}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E573AFC8-7CCD-4C20-A4C4-D5E5958A8AFC}" = lport=137 | protocol=17 | dir=in | app=system |
"{E89777C4-7C31-46A2-8485-DBE6B443D40A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD55E6D-FC5A-4EB6-B527-B08F3CD1663A}" = rport=139 | protocol=6 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EAF4011-9814-44A0-8485-5158DC4B13F8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{119A085B-8EAF-44A6-8A94-E189D6FDD4F8}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{400BB2C1-34F7-4B6E-A6F9-131EA3AEF891}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{479995A8-ADB8-4582-8C87-D5661E309F4E}" = protocol=6 | dir=in | app=c:\users\micka1208\appdata\roaming\utorrent\utorrent.exe |
"{4A296A4E-0079-4EBC-AF97-D9D0CA7CB788}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5060C050-6933-4B47-959F-E1797501E3F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58959052-8135-41E1-9BB3-4AFB0DC7FA75}" = protocol=6 | dir=in | app=j:\steam\steam.exe |
"{59F950AF-B555-416E-B57B-68D14215A2E6}" = protocol=6 | dir=in | app=j:\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{72B98107-0F4A-4DCB-AAA8-6344CFA870C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7A377BD5-AFBC-4A56-AFC7-01CD838D49C7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{80D17C64-B648-4636-94C3-63D6BAD82FE3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8170382E-A523-4C5D-BC0C-BB89A4C60728}" = protocol=17 | dir=in | app=j:\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{86C48FFD-AFDC-4F4B-B174-F66F1F052747}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{913479A7-B619-44C3-A87C-3B35632FC975}" = protocol=6 | dir=in | app=j:\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{A592306F-FD13-4BC7-981F-A76A32BBE19D}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{A701D924-BD46-4680-8866-AEF498671E11}" = protocol=17 | dir=in | app=j:\steam\steam.exe |
"{AD1351CF-38AC-4804-A9BA-72846FC597C9}" = protocol=6 | dir=out | app=system |
"{B29CC2B5-F0F0-433D-9645-3924C456BDD1}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{B87D514C-EEE5-4269-B280-98127600A3FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BC01DB67-A34B-4406-B7FE-36811EE6D91C}" = protocol=17 | dir=in | app=c:\users\micka1208\appdata\roaming\utorrent\utorrent.exe |
"{C4BFF66C-324F-4A91-94D6-5D0F6621D34E}" = protocol=6 | dir=in | app=c:\users\micka1208\appdata\roaming\utorrent\utorrent.exe |
"{C830B547-939D-4FAF-A768-077D424F98B6}" = protocol=17 | dir=in | app=j:\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{D61C754B-6859-431D-A21C-559D4619F17C}" = protocol=17 | dir=in | app=c:\users\micka1208\appdata\roaming\utorrent\utorrent.exe |
"{DC66C092-D55B-4962-8AB8-EEC49B848608}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EE1EA40D-B592-4675-8CE7-26104BA78667}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F3BFD504-C0E6-4F1A-8870-EF61B14476D9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F680E24C-ADB7-4BB8-B58E-6D6DB0646E65}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F9B8F0B9-5E49-438C-AB58-F245A5A6F725}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FF7F6A29-17D8-4314-BF94-B912D5C98718}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{01ABF8AD-2A68-4A49-BA06-B70DC80724ED}C:\users\micka1208\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\micka1208\desktop\utorrent.exe |
"TCP Query User{5237FBF4-3126-4309-B268-C2781DEE2875}C:\users\micka1208\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\micka1208\desktop\utorrent.exe |
"TCP Query User{6BEE3A33-1C63-4B19-9817-11749C8913A1}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{CF76DCF8-01FC-4ECB-94F7-15ECE0EDF90E}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{D45B42BA-AB81-43EE-9129-244617D28060}J:\steam\steamapps\common\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=j:\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"UDP Query User{17A2198D-CC57-485B-BFB6-D2E112269340}C:\users\micka1208\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\micka1208\desktop\utorrent.exe |
"UDP Query User{2840FF16-F8C4-4FE0-A903-28FE588AFD15}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{6550BE2A-13AA-4A71-A1CD-68FD12411B0A}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{E1AA98E0-9483-424C-BA9C-8F79C4D62159}C:\users\micka1208\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\micka1208\desktop\utorrent.exe |
"UDP Query User{F8890007-D80B-497C-8F1F-4B05B5B73C4A}J:\steam\steamapps\common\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=j:\steam\steamapps\common\call of duty black ops ii\t6sp.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036A2AC2-5514-1499-8F0E-48009132658F}" = CCC Help Portuguese
"{0685213E-9FF3-1368-37E3-5CECB5A0708C}" = CCC Help Russian
"{06D616BB-D397-6BCF-DEAD-DBEAD9AA69C1}" = CCC Help Russian
"{0F747F46-57A0-6CD3-A234-BD4E46F2BFEB}" = CCC Help Polish
"{107F27B7-8EE4-4B3A-9CE5-497B120369DC}" = Microsoft Security Client
"{17DC6852-9048-393B-1A89-203B36675653}" = CCC Help German
"{1EB8D6DC-DA9E-837D-C31A-0FCE20E1EF76}" = Catalyst Control Center Localization All
"{1EC58056-481C-B7C8-A105-5C77BF3EAA16}" = CCC Help Swedish
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{28D30BC0-EE51-8C94-80B3-04BE1A26B088}" = CCC Help Turkish
"{2F90A789-DD1E-41CE-BFCA-BD78213BABC7}" = OpenOffice.org 3.4
"{384E9F9A-4E8C-562C-E6D1-E494F9CADF7C}" = CCC Help Korean
"{3C249872-D97C-62F9-A3E2-F7AAAC07BEF8}" = CCC Help Chinese Traditional
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44E46185-638A-4F84-C902-74ACF30932A7}" = CCC Help Spanish
"{45B2C1A3-2050-0BC1-0A90-50EB4A7E77A8}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB43DE0-CF91-C9D5-3F6C-A869CC44D742}" = CCC Help Czech
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{528E82EA-A194-4A9D-371E-59BACC7D7DE4}" = CCC Help Dutch
"{538FB3F5-22D6-A671-4396-1426582E332A}" = Catalyst Control Center Localization All
"{53920718-25F0-CBA8-D694-BDC793C2B219}" = CCC Help Chinese Traditional
"{540C5568-983A-B7BC-3005-C42736DA00AB}" = CCC Help English
"{56206A74-F8C4-7705-DE77-315A0ADCB41F}" = CCC Help Japanese
"{57E0E3A9-F4EF-1540-CADA-EB5E33B3B922}" = CCC Help Korean
"{58ECCB6B-73FB-CBBA-42FC-91659DFA342C}" = CCC Help Chinese Standard
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{6547BC5F-1FC4-CD5D-3783-45370C980043}" = Catalyst Control Center
"{662DFDBB-A2D6-6B20-1349-BBDA83F7DF79}" = AMD Accelerated Video Transcoding
"{77091BC5-B357-166C-CFDF-2AC2C72ED29E}" = CCC Help Italian
"{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}" = TomTom HOME
"{8D962C94-3D7C-2163-B37E-9CB48B7D1DCD}" = CCC Help Dutch
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{902DBBC3-CCF2-E030-CDBA-55F4024C7813}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D104AC8-D050-9D64-8E8E-04CF56C98A43}" = CCC Help Portuguese
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A5F6F320-2542-333D-AC13-4B66078257C5}" = CCC Help French
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA5AD5C2-2C06-F079-493F-5497B6070A31}" = CCC Help Polish
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Français
"{B2EFA484-64DB-C1D8-DFD0-FF936FBC3CD9}" = AMD Wireless Display v3.0
"{B8230940-0DCC-E180-5744-4442F6C0CA28}" = CCC Help Thai
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{C123749C-23EC-62DB-A5FD-1ED5BC359AAF}" = CCC Help Japanese
"{C533DBF1-3A98-5D7D-B6CA-59CC1816F38C}" = CCC Help Italian
"{CC0B8E79-8968-80D2-86BD-7373ADCB3EE8}" = ccc-utility
"{CE4FAE68-434C-BA43-8B9A-DA215B220479}" = CCC Help Thai
"{D4737341-1524-6784-8AC1-F79DC79B96CB}" = CCC Help Chinese Standard
"{D910F446-B7A0-F472-1B89-A9085F4AFFBD}" = CCC Help Norwegian
"{DF5EFC78-D97F-5E0B-55E3-62659E9CBEE0}" = AMD Drag and Drop Transcoding
"{E288EA43-3A9B-BEAB-8147-11BE15709D42}" = CCC Help Hungarian
"{E2A067AA-D675-5AB0-E1B5-3E701ED8DE5C}" = CCC Help Danish
"{EA6470CD-6865-8238-9232-B82BB30F2BEF}" = AMD Media Foundation Decoders
"{EA92CB68-9667-343A-1F53-B039583F2A3A}" = Catalyst Control Center InstallProxy
"{EC6004A3-B6E7-9728-55E8-508ABE51798F}" = CCC Help Norwegian
"{EDAA1085-C196-29B1-48B0-B82B72114001}" = CCC Help Swedish
"{F08A6ECB-A8F2-D822-24CE-307AF4AFE64F}" = CCC Help Greek
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF6A8312-0A62-3AC0-A49F-9CB7390AE5EC}" = AMD Catalyst Install Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"CCleaner" = CCleaner
"eMule" = eMule
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EPSON Scanner" = EPSON Scan
"Glary Utilities 4" = Glary Utilities 4.8
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"PDF Reader" = PDF Reader
"VLC media player" = VLC media player 2.1.1

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-841116981-2260734120-475313986-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 26/11/2014 09:04:00 | Computer Name = micka1208-PC | Source = MsiInstaller | ID = 11316
Description =

Error - 26/11/2014 09:18:01 | Computer Name = micka1208-PC | Source = Application Hang | ID = 1002
Description = Le programme chrome.exe version 38.0.2125.111 a cessé d'interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l'historique du problème dans le Centre de maintenance.

ID
de processus : 534 Heure de début : 01d0097b4ec662fe Heure de fin : 250 Chemin d'accès
de l'application : C:\Program Files\Google\Chrome\Application\chrome.exe ID de rapport
: 9b9ec58b-756e-11e4-bbf6-0014856b789c

Error - 26/11/2014 09:20:29 | Computer Name = micka1208-PC | Source = MsiInstaller | ID = 11309
Description =

Error - 26/11/2014 09:22:36 | Computer Name = micka1208-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante chrome.exe, version : 38.0.2125.111,
horodatage : 0x5447163b Nom du module défaillant : chrome.dll, version : 38.0.2125.111,
horodatage : 0x54471342 Code d'exception : 0xc0000005 Décalage d'erreur : 0x002e5235
ID
du processus défaillant : 0x14e4 Heure de début de l'application défaillante : 0x01d0097bfb83d155
Chemin
d'accès de l'application défaillante : C:\Program Files\Google\Chrome\Application\chrome.exe
Chemin
d'accès du module défaillant: C:\Program Files\Google\Chrome\Application\38.0.2125.111\chrome.dll
ID
de rapport : 48c567a4-756f-11e4-bbf6-0014856b789c

Error - 26/11/2014 19:50:14 | Computer Name = micka1208-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « c:\program files\glary
utilities 4\DPInst64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 28/11/2014 06:20:23 | Computer Name = micka1208-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « c:\program files\glary
utilities 4\DPInst64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 28/11/2014 11:54:04 | Computer Name = micka1208-PC | Source = Windows Activation Technologies | ID = 3
Description = Échec de la vérification d'intégrité : hr = 0x8004FE22, ÉtatIntégrité
: 0x0000000000002000

Error - 28/11/2014 15:16:30 | Computer Name = micka1208-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante wmplayer.exe, version : 12.0.7601.17514,
horodatage : 0x4ce7a485 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
: 0x00000000 Code d'exception : 0xc0000005 Décalage d'erreur : 0x00000000 ID du processus
défaillant : 0x16d4 Heure de début de l'application défaillante : 0x01d00b3183dd8f1d
Chemin
d'accès de l'application défaillante : C:\Program Files\Windows Media Player\wmplayer.exe
Chemin
d'accès du module défaillant: unknown ID de rapport : 0e1a0850-7733-11e4-8601-0014856b789c

Error - 28/11/2014 16:55:49 | Computer Name = micka1208-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante DllHost.exe, version : 6.1.7600.16385,
horodatage : 0x4a5bc6b7 Nom du module défaillant : wmp.dll, version : 12.0.7601.17514,
horodatage : 0x4ce7ba7f Code d'exception : 0xc0000005 Décalage d'erreur : 0x0015b96e
ID
du processus défaillant : 0x494 Heure de début de l'application défaillante : 0x01d00b31806441fb
Chemin
d'accès de l'application défaillante : C:\Windows\system32\DllHost.exe Chemin d'accès
du module défaillant: C:\Windows\system32\wmp.dll ID de rapport : ee70ad79-7740-11e4-8601-0014856b789c

Error - 28/11/2014 19:37:42 | Computer Name = micka1208-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « c:\program files\glary
utilities 4\DPInst64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 29/11/2014 04:42:45 | Computer Name = micka1208-PC | Source = ESENT | ID = 455
Description = taskhost (2324) WebCacheLocal: L'Erreur -1811 (0xfffff8ed) s'est produite
lors de l'ouverture du fichier journal C:\Users\micka1208\AppData\Local\Microsoft\Windows\WebCache\V01.log.

[ Media Center Events ]
Error - 27/12/2013 05:10:06 | Computer Name = micka1208-PC | Source = MCUpdate | ID = 0
Description = 10:10:06 - Erreur de connexion à Internet. 10:10:06 - Impossible
de contacter le service..

Error - 27/12/2013 05:10:19 | Computer Name = micka1208-PC | Source = MCUpdate | ID = 0
Description = 10:10:11 - Erreur de connexion à Internet. 10:10:11 - Impossible
de contacter le service..

Error - 27/12/2013 06:10:23 | Computer Name = micka1208-PC | Source = MCUpdate | ID = 0
Description = 11:10:23 - Erreur de connexion à Internet. 11:10:23 - Impossible
de contacter le service..

Error - 27/12/2013 06:10:30 | Computer Name = micka1208-PC | Source = MCUpdate | ID = 0
Description = 11:10:28 - Erreur de connexion à Internet. 11:10:28 - Impossible
de contacter le service..

Error - 27/12/2013 07:10:34 | Computer Name = micka1208-PC | Source = MCUpdate | ID = 0
Description = 12:10:34 - Erreur de connexion à Internet. 12:10:34 - Impossible
de contacter le service..

Error - 27/12/2013 07:10:41 | Computer Name = micka1208-PC | Source = MCUpdate | ID = 0
Description = 12:10:39 - Erreur de connexion à Internet. 12:10:39 - Impossible
de contacter le service..

Error - 27/12/2013 08:10:45 | Computer Name = micka1208-PC | Source = MCUpdate | ID = 0
Description = 13:10:45 - Erreur de connexion à Internet. 13:10:45 - Impossible
de contacter le service..

Error - 27/12/2013 08:10:52 | Computer Name = micka1208-PC | Source = MCUpdate | ID = 0
Description = 13:10:50 - Erreur de connexion à Internet. 13:10:50 - Impossible
de contacter le service..

[ System Events ]
Error - 29/11/2014 04:46:53 | Computer Name = micka1208-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la connexion du service Microsoft .NET Framework NGEN v4.0.30319_X86.

Error - 29/11/2014 05:30:37 | Computer Name = micka1208-PC | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 10:29:07 le ?29/?11/?2014 n'était pas
prévu.

Error - 29/11/2014 05:31:25 | Computer Name = micka1208-PC | Source = volsnap | ID = 393252
Description = Les clichés instantanés du volume C: ont été annulés car le stockage
du cliché instantané n'a pas pu s'agrandir en raison d'une limite utilisateur.

Error - 29/11/2014 05:32:51 | Computer Name = micka1208-PC | Source = Service Control Manager | ID = 7024
Description = Le service Windows Search s'est arrêté avec l'erreur service particulière
%%-1073473535.

Error - 29/11/2014 05:32:51 | Computer Name = micka1208-PC | Source = Service Control Manager | ID = 7031
Description = Le service Windows Search s'est terminé de manière inattendue. Ceci
s'est produit 1 fois. L'action corrective suivante va être effectuée dans 30000
millisecondes : Redémarrer le service.

Error - 29/11/2014 05:33:13 | Computer Name = micka1208-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la connexion du service Windows Search.

Error - 29/11/2014 05:33:13 | Computer Name = micka1208-PC | Source = Service Control Manager | ID = 7000
Description = Le service Windows Search n'a pas pu démarrer en raison de l'erreur :
%%1053

Error - 29/11/2014 05:45:34 | Computer Name = micka1208-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la connexion du service Microsoft .NET Framework NGEN v4.0.30319_X86.

Error - 29/11/2014 05:46:16 | Computer Name = micka1208-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la connexion du service Service Partage réseau du Lecteur Windows
Media.

Error - 29/11/2014 05:46:16 | Computer Name = micka1208-PC | Source = Service Control Manager | ID = 7000
Description = Le service Service Partage réseau du Lecteur Windows Media n'a pas
pu démarrer en raison de l'erreur : %%1053


< End of report >
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 660
29 Nov. 2014 at 16:43
0