Il y a actuellement 288 visiteurs
Jeudi 28 Mars 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

antimalware doctor

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

antimalware doctor

Message le 08 Juin 2010 17:02

bonjour je suis sur vista et je viens d attrapper antimalware doctor. je sais qu il faut effectuer une desinfection et j aurais besoin d aide pour realiser cette derniere .
J ai deja fais un scan avec RSTI j ai le rapport ,antimalware doctor est toujours la et je ne sais que faire...
d avance merci

édit Pac : bienvenue Bob, sujet déplacé ;)
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 


Re: antimalware doctor

Message le 08 Juin 2010 17:36

sujet déplacé?? :oops: je ne comprends pas..... dsl
Je suis complètement novice dans ce genre de forums. Mais j'ai un vrai problème avec ce antimalware doctor.
Merci encore. De l'aide
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 

Re: antimalware doctor

Message le 08 Juin 2010 18:04

J'ai fait les scans OTL et USBfix dont voici les rapports:

extras


Code: Tout sélectionner
OTL Extras logfile created on: 08/06/2010 18:25:56 - Run 1
OTL by OldTimer - Version 3.2.5.3     Folder = C:\Users\Loulou\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 13,95 Gb Free Space | 9,36% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 68,72 Gb Free Space | 49,34% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 973,17 Mb Total Space | 510,89 Mb Free Space | 52,50% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
 
Computer Name: PC-DE-LOULOU
Current User Name: Loulou
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{AFC55A21-56D7-41B4-BEA7-32DF687B2685}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{F9399065-9115-44F0-AD1C-E283A0D7D3DF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17081B91-861E-4C63-A445-FD0D075F084C}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe |
"{200C6B6A-1A7B-49D7-9966-591528FE2DEA}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{24B3B272-7A01-4282-A4D0-85D7EF972DA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36FE67DF-99EF-41DD-BE34-F6FFA21950A2}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{3F9E75E3-B07D-4DA7-AA07-E19F83592F6C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{42555447-A750-4B41-8D7B-42C428390807}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4C25778C-C94E-495B-8FCA-9D31186D6521}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{4DCFA75E-9FC4-41A0-91B0-86783A503908}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{627EF4CF-A60C-4489-8214-CC3D44A7CB47}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8872BCA6-DC09-4B2A-A9E5-886DF27AAA66}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B2DCE5F-550C-41F2-9F6C-8CA18788DDC6}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{930728E9-4931-4A19-B0C5-4512FDBD3824}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{A07458A5-E28F-4596-BC4A-E6ECA097E239}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{A2444F68-CEE5-4EE7-B7A3-B6243B9ED545}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe |
"{A6248E6B-BF7F-4BC3-830E-E7EC89D4B229}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{ACF9A276-0F98-45F0-8254-C787B65D927A}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{EDB3AEBA-16E6-4CD1-AE9B-64FFC7795D6E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FD38EE83-D7E6-44EB-B1AF-DA2BAA19FA4F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"TCP Query User{745B6BE7-E377-42AF-AD1B-7CF7A9ACB7D7}C:\users\loulou\appdata\local\temp\rar$ex01.811\freezer v1.4 fr\freezer.exe" = protocol=6 | dir=in | app=c:\users\loulou\appdata\local\temp\rar$ex01.811\freezer v1.4 fr\freezer.exe |
"TCP Query User{771E6239-D17D-4D46-82A8-7B6B333E5E51}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{89B012F4-C260-4921-A922-7C0571A1F6F3}C:\users\loulou\desktop\freezer.exe" = protocol=6 | dir=in | app=c:\users\loulou\desktop\freezer.exe |
"TCP Query User{9979B888-46B2-48FA-AEAF-A68082B99E50}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9ACF1C07-419D-4120-A360-6C822BF01CA9}C:\users\loulou\appdata\local\temp\rar$ex01.449\freezer v1.4 fr\freezer.exe" = protocol=6 | dir=in | app=c:\users\loulou\appdata\local\temp\rar$ex01.449\freezer v1.4 fr\freezer.exe |
"TCP Query User{9D87484A-6D22-42AD-B978-488AC974AAAF}C:\program files\graphisoft\archicad 13\archicad.exe" = protocol=6 | dir=in | app=c:\program files\graphisoft\archicad 13\archicad.exe |
"TCP Query User{BE1837D0-43A3-4569-BD9E-DFCAF407BF5D}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe |
"TCP Query User{E71A91EC-C99E-40EE-9649-7A154392364E}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{0942F15E-A31E-4A17-B295-AFAEAAC14D62}C:\users\loulou\appdata\local\temp\rar$ex01.811\freezer v1.4 fr\freezer.exe" = protocol=17 | dir=in | app=c:\users\loulou\appdata\local\temp\rar$ex01.811\freezer v1.4 fr\freezer.exe |
"UDP Query User{29EB5C3D-FD6C-41FF-AAB5-7A9460936D50}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe |
"UDP Query User{5B8BA539-87CB-4A90-A325-5DE66C4B63E6}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{8BDE2BD2-C24F-41FF-A9E9-B58E84727225}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{A7D0C4D3-2C20-4DA1-A9C1-E3B9E0AD3387}C:\program files\graphisoft\archicad 13\archicad.exe" = protocol=17 | dir=in | app=c:\program files\graphisoft\archicad 13\archicad.exe |
"UDP Query User{A834F4C6-70B6-43A4-9352-DF39FBFA0F46}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A8BBA752-BB73-4328-92A7-A26BDEA0CE66}C:\users\loulou\appdata\local\temp\rar$ex01.449\freezer v1.4 fr\freezer.exe" = protocol=17 | dir=in | app=c:\users\loulou\appdata\local\temp\rar$ex01.449\freezer v1.4 fr\freezer.exe |
"UDP Query User{E2356C11-66F6-4228-B5BB-C08F64EECEF4}C:\users\loulou\desktop\freezer.exe" = protocol=17 | dir=in | app=c:\users\loulou\desktop\freezer.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{09CF6AF5-9206-4FD7-9B08-BA6819FB47E3}" = Anno 1404
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B14BE4-5277-40B2-B602-3FCD456C27BC}" = Protector Suite QL 5.8
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE3-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.5)
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5783F2D7-6001-040C-0002-0060B0CE6BBA}" = AutoCAD 2008 - Français
"{5783F2D7-6004-040C-0002-0060B0CE6BBA}" = AutoCAD Architecture 2008 - Français
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63415CB1-3C97-4D9C-980D-336710EB0526}" = Age of Empires III - The Asian Dynasties Trial
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69B6B4A5-1C4D-4F16-BB11-A4EB9A439116}" = Adobe Creative Suite 3 Web Premium
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6E08CE13-C2AB-4749-9335-5900B958929E}" = Adobe Illustrator CS3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{75708411-3DC4-4E88-8100-7FBB1978E84B}" = Commandos 3 - Destination Berlin Demo v2
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D7BD6EE-C597-4375-B07F-A91FC78991C7}" = V-Ray for SketchUp 6
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE136F60-5D0F-4663-8B32-938A3EFD3FCB}" = Adobe Setup
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}" = Adobe Photoshop CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}" = Adobe Setup
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"8461-7759-5462-8226" = Vuze
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_1710d324011afc3e7658e969025f4ba" = Adobe InDesign CS4
"Adobe_e7f691c6f2bf7b70c25ea19f3d73b6e" = Ajouter ou supprimer Adobe Creative Suite 3 Web Premium
"Ask Toolbar_is1" = Vuze Toolbar
"ASUS_Notebook_N50" = ASUS_Notebook_N50 Screen Saver
"AutoCAD 2008 - Français" = AutoCAD 2008 - Français
"AutoCAD Architecture 2008 - Français" = AutoCAD Architecture 2008 - Français
"avast5" = avast! Free Antivirus
"BearShare MediaBar" = MediaBar 2.0
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Outil de mise à jour Google
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{63415CB1-3C97-4D9C-980D-336710EB0526}" = Age of Empires III - The Asian Dynasties Trial
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"PDFCreator Toolbar" = PDFCreator Toolbar
"Picasa 3" = Picasa 3
"PROHYBRIDR" = 2007 Microsoft Office system
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"vdkzhx" = Favorit
"VLC media player" = VLC media player 1.0.5
"WinRAR archiver" = Archiveur WinRAR
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 26/05/2010 00:26:05 | Computer Name = PC-de-Loulou | Source = Google Update | ID = 20
Description =
 
Error - 26/05/2010 00:33:00 | Computer Name = PC-de-Loulou | Source = WinMgmt | ID = 10
Description =
 
Error - 26/05/2010 11:31:30 | Computer Name = PC-de-Loulou | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26/05/2010 22:26:05 | Computer Name = PC-de-Loulou | Source = Google Update | ID = 20
Description =
 
Error - 26/05/2010 23:26:05 | Computer Name = PC-de-Loulou | Source = Google Update | ID = 20
Description =
 
Error - 26/05/2010 23:35:53 | Computer Name = PC-de-Loulou | Source = WinMgmt | ID = 10
Description =
 
Error - 27/05/2010 12:27:37 | Computer Name = PC-de-Loulou | Source = Google Update | ID = 20
Description =
 
Error - 28/05/2010 01:22:30 | Computer Name = PC-de-Loulou | Source = Application Error | ID = 1000
Description = Application défaillante Illustrator.exe, version 13.0.128.0, horodatage
 0x45fa64db, module défaillant Illustrator.exe, version 13.0.128.0, horodatage 0x45fa64db,
 code d’exception 0xc0000005, décalage d’erreur 0x0049d323,  ID du processus 0x950,
 heure de début de l’application 0x01cafe2428f6d800.
 
Error - 28/05/2010 01:34:08 | Computer Name = PC-de-Loulou | Source = Application Error | ID = 1000
Description = Application défaillante Illustrator.exe, version 13.0.128.0, horodatage
 0x45fa64db, module défaillant Illustrator.exe, version 13.0.128.0, horodatage 0x45fa64db,
 code d’exception 0xc0000005, décalage d’erreur 0x0057af5b,  ID du processus 0x16b8,
 heure de début de l’application 0x01cafe260f6593c0.
 
Error - 29/05/2010 11:58:49 | Computer Name = PC-de-Loulou | Source = WinMgmt | ID = 10
Description =
 
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 

Re: antimalware doctor

Message le 08 Juin 2010 18:05

Rapport OTL



Code: Tout sélectionner
OTL logfile created on: 08/06/2010 18:25:56 - Run 1
OTL by OldTimer - Version 3.2.5.3     Folder = C:\Users\Loulou\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 13,95 Gb Free Space | 9,36% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 68,72 Gb Free Space | 49,34% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 973,17 Mb Total Space | 510,89 Mb Free Space | 52,50% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
 
Computer Name: PC-DE-LOULOU
Current User Name: Loulou
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Loulou\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Loulou\gckcomka.exe ()
PRC - C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353\setupupdater0000.exe (MS)
PRC - C:\Users\Loulou\AppData\Local\vdkzhx.exe (listé)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\Protector Suite QL\upeksvr.exe (UPEK Inc.)
PRC - C:\Program Files\Protector Suite QL\psqltray.exe (UPEK Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ASUS)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Loulou\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (GoogleDesktopManager-093009-130223) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (ASKService) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (lullaby) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:64921
 
 
[2009/02/21 14:43:11 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\mozilla\Extensions
[2009/02/21 14:43:11 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2009/10/06 17:04:14 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\mozilla\Firefox\extensions
[2009/10/06 17:04:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Loulou\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
 
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll File not found
O3 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found
O3 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast5] C:\Programmes\Alwil Software\Avast5\AvastUI.exe File not found
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [gckcomka] C:\Users\Loulou\gckcomka.exe ()
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [Halo2] C:\Users\Loulou\AppData\Local\Temp\sshnas21.DLL ()
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [M5T8QL3YW3] C:\Users\Loulou\AppData\Local\Temp\Ck1.exe File not found
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [setupupdater0000.exe] C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353\setupupdater0000.exe (MS)
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [vdkzhx] c:\users\loulou\appdata\local\vdkzhx.exe (listé)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Loulou\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Loulou\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/06/27 15:16:56 | 000,000,145 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0cf685bc-657f-11de-a555-002243c1836f}\Shell\AutoRun\command - "" = F:\w.com -- File not found
O33 - MountPoints2\{0cf685bc-657f-11de-a555-002243c1836f}\Shell\open\Command - "" = F:\w.com -- File not found
O33 - MountPoints2\{1b1018e4-21fa-11df-94f9-002243c1836f}\Shell - "" = AutoRun
O33 - MountPoints2\{1b1018e4-21fa-11df-94f9-002243c1836f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2005/10/11 13:58:51 | 000,921,600 | R--- | M] ()
O33 - MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f}\Shell\AutoRun\command - "" = F:\r8wb.bat -- File not found
O33 - MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f}\Shell\explore\Command - "" = F:\r8wb.bat -- File not found
O33 - MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f}\Shell\open\Command - "" = F:\r8wb.bat -- File not found
O33 - MountPoints2\{506920c3-b67c-11de-9603-002243c1836f}\Shell - "" = AutoRun
O33 - MountPoints2\{506920c3-b67c-11de-9603-002243c1836f}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{5d8aec2f-eedc-11dd-b419-002243c1836f}\Shell\AutoRun\command - "" = H:\PMB_P.exe -- File not found
O33 - MountPoints2\{5fb244c8-b737-11de-8d04-002243c1836f}\Shell\AutoRun\command - "" = G:\3.cmd -- File not found
O33 - MountPoints2\{5fb244c8-b737-11de-8d04-002243c1836f}\Shell\open\Command - "" = G:\3.cmd -- File not found
O33 - MountPoints2\{67ad6947-b1cc-11de-98bc-002243c1836f}\Shell - "" = AutoRun
O33 - MountPoints2\{67ad6947-b1cc-11de-98bc-002243c1836f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2005/10/11 13:58:51 | 000,921,600 | R--- | M] ()
O33 - MountPoints2\{825ebf27-5757-11de-aa6e-002243c1836f}\Shell - "" = AutoRun
O33 - MountPoints2\{825ebf27-5757-11de-aa6e-002243c1836f}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- [2005/10/11 12:58:52 | 000,921,600 | R--- | M] ()
O33 - MountPoints2\{8c0eb082-50de-11de-9f52-002243c1836f}\Shell\AutoRun\command - "" = q9.cmd
O33 - MountPoints2\{8c0eb082-50de-11de-9f52-002243c1836f}\Shell\open\Command - "" = q9.cmd
O33 - MountPoints2\{915f997f-e1e0-11dd-8416-002243c1836f}\Shell\AutoRun\command - "" = G:\ -- File not found
O33 - MountPoints2\{915f997f-e1e0-11dd-8416-002243c1836f}\Shell\open\command - "" = JOVANA/pojatar.exe
O33 - MountPoints2\{f4d184c0-ae91-11de-b062-002243c1836f}\Shell - "" = AutoRun
O33 - MountPoints2\{f4d184c0-ae91-11de-b062-002243c1836f}\Shell\AutoRun\command - "" = G:\laucher.exe -- File not found
O33 - MountPoints2\{f5ac4de2-bf2e-11de-ab2e-002243c1836f}\Shell\AutoRun\command - "" = G:\ZRNO\\soli.exe -- File not found
O33 - MountPoints2\{f5ac4de2-bf2e-11de-ab2e-002243c1836f}\Shell\open\command - "" = G:\ZRNO\\soli.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/01/21 04:34:27 | 000,000,000 | ---D | M]
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/06/08 18:14:24 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\Loulou\Desktop\OTL.exe
[2010/06/08 03:47:57 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/06/08 03:47:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/06/08 01:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/06/08 01:28:51 | 000,000,000 | ---D | C] -- C:\rsit
[2010/06/08 00:45:36 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/06/08 00:45:36 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/06/08 00:45:36 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/06/08 00:45:22 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/08 00:43:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/06/08 00:32:31 | 036,597,872 | ---- | C] (PC Tools                                                    ) -- C:\Users\Loulou\Desktop\sdsetup_aff.exe
[2010/06/08 00:00:00 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/08 00:00:00 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/07 23:59:59 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/07 23:59:59 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/07 23:59:59 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/07 23:59:36 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/07 23:59:36 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/06/07 22:43:29 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353
[2010/06/07 19:01:18 | 000,507,904 | ---- | C] (listé) -- C:\Users\Loulou\AppData\Local\vdkzhx.exe
[2010/06/06 16:56:36 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Desktop\Bxl - Mecanique des Sols
[2010/06/03 00:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/06/03 00:32:06 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/06/01 16:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/05/31 04:40:20 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Documents\Anno 1404
[2010/05/31 04:01:01 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\Ubisoft
[2010/05/31 03:46:30 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/05/31 03:46:30 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010/05/31 03:46:30 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/05/31 03:46:30 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010/05/31 03:46:30 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/05/31 03:46:29 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/05/31 03:46:28 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/05/31 03:46:28 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/05/31 03:46:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/05/31 03:46:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/05/31 03:46:27 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/05/31 03:46:27 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/05/31 03:46:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/05/31 03:46:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/05/31 03:46:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/05/31 03:46:26 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/05/31 03:46:25 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/05/31 03:46:25 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/05/31 03:46:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/05/31 03:46:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/05/31 03:46:24 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/05/31 03:46:24 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/05/31 03:46:24 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/05/31 03:46:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/05/31 03:46:24 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/05/31 03:46:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/05/31 03:46:23 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/05/31 03:46:23 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/05/31 03:46:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/05/31 03:46:22 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/05/31 03:46:22 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/05/31 03:46:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/05/31 03:46:21 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/05/31 03:46:20 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/05/31 03:46:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/05/31 03:46:19 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/05/31 03:46:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/05/31 03:46:17 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/05/31 03:46:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/05/31 03:46:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/05/31 03:46:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/05/31 03:46:16 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/05/31 03:46:16 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/05/31 03:46:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/05/31 03:46:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/05/31 03:46:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/05/31 03:46:14 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/05/31 03:46:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/05/31 03:46:13 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/05/31 03:46:13 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/05/31 03:46:13 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/05/31 03:46:12 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/05/31 03:46:11 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/05/31 03:46:10 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/05/31 03:46:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/05/31 03:46:10 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/05/31 03:46:10 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/05/31 03:46:10 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/05/31 03:46:09 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/05/31 03:46:09 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/05/31 03:46:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/05/31 03:46:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/05/31 03:46:08 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/05/31 03:45:53 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/05/31 03:45:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/05/31 03:45:53 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/05/31 03:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/05/31 03:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2010/05/31 03:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/05/31 01:56:19 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\vlc
[2010/05/31 01:52:57 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Documents\Nouveau dossier
[2010/05/30 19:49:05 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/05/30 19:49:05 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/05/30 19:49:02 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/05/30 15:07:46 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\PCF-VLC
[2010/05/30 15:06:17 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Documents\Azureus Downloads
[2010/05/30 14:10:02 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\Participatory Culture Foundation
[2010/05/25 20:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/05/25 14:41:13 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Desktop\DPP Feria
[2010/05/13 21:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
[2010/05/13 16:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\WIBUKEY
[2010/05/12 00:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2010/05/11 15:42:12 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Desktop\Stage S6
[2008/06/03 08:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/06/08 18:27:51 | 000,003,222 | ---- | M] () -- C:\Users\Loulou\AppData\Local\vdkzhx.dat
[2010/06/08 18:27:40 | 000,002,139 | ---- | M] () -- C:\Users\Loulou\AppData\Local\vdkzhx_navps.dat
[2010/06/08 18:26:07 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/08 18:25:20 | 003,407,872 | -HS- | M] () -- C:\Users\Loulou\NTUSER.DAT
[2010/06/08 18:24:25 | 001,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/08 18:24:25 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/06/08 18:24:25 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/08 18:24:25 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/06/08 18:24:25 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/08 18:22:36 | 000,021,692 | ---- | M] () -- C:\Users\Loulou\Desktop\otl luis.pdf
[2010/06/08 18:13:04 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Loulou\Desktop\OTL.exe
[2010/06/08 17:56:08 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/06/08 17:53:56 | 000,000,090 | ---- | M] () -- C:\Users\Loulou\AppData\Local\jtpsoac.bat
[2010/06/08 17:53:53 | 000,055,302 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/06/08 17:53:37 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/08 17:53:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/08 17:53:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/08 17:53:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/08 17:53:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/08 17:53:23 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/08 03:49:40 | 000,524,288 | -HS- | M] () -- C:\Users\Loulou\NTUSER.DAT{29150e2c-4962-11df-a88e-002243c1836f}.TMContainer00000000000000000001.regtrans-ms
[2010/06/08 03:49:40 | 000,065,536 | -HS- | M] () -- C:\Users\Loulou\NTUSER.DAT{29150e2c-4962-11df-a88e-002243c1836f}.TM.blf
[2010/06/08 03:49:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/06/08 03:49:29 | 001,887,476 | -H-- | M] () -- C:\Users\Loulou\AppData\Local\IconCache.db
[2010/06/08 02:09:14 | 002,555,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/08 02:08:55 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010/06/08 01:24:43 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010/06/08 00:45:57 | 000,055,302 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/06/08 00:28:28 | 000,244,860 | ---- | M] () -- C:\Users\Loulou\Desktop\Désactiver l'UAC dans Vista - Zebulon.fr.pdf
[2010/06/08 00:27:08 | 003,704,271 | R--- | M] () -- C:\Users\Loulou\Desktop\ComboFix.exe
[2010/06/08 00:26:02 | 000,824,681 | ---- | M] () -- C:\Users\Loulou\Desktop\RSIT.exe
[2010/06/08 00:25:56 | 000,222,395 | ---- | M] () -- C:\Users\Loulou\Desktop\Extermination de antimalware doctor.pdf
[2010/06/08 00:20:56 | 036,597,872 | ---- | M] (PC Tools                                                    ) -- C:\Users\Loulou\Desktop\sdsetup_aff.exe
[2010/06/08 00:12:04 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/06/08 00:00:01 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/07 22:46:01 | 000,052,736 | ---- | M] () -- C:\Users\Loulou\AppData\Local\syssvc.exe
[2010/06/07 22:43:49 | 000,038,912 | ---- | M] () -- C:\Users\Loulou\gckcomka.exe
[2010/06/07 19:01:18 | 000,507,904 | ---- | M] (listé) -- C:\Users\Loulou\AppData\Local\vdkzhx.exe
[2010/06/06 22:44:32 | 000,059,904 | ---- | M] () -- C:\Users\Loulou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/06 03:06:17 | 736,733,184 | ---- | M] () -- C:\Users\Loulou\Desktop\2012.FRENCH.BDRiP.REPACK.1CD.XviD-LECHTI.avi
[2010/06/02 23:11:48 | 000,180,845 | ---- | M] () -- C:\Users\Loulou\AppData\Local\vdkzhx_nav.dat
[2010/06/01 02:00:02 | 000,146,248 | ---- | M] () -- C:\Users\Loulou\Desktop\exa-adm-brochure2.pdf
[2010/06/01 01:59:51 | 000,087,214 | ---- | M] () -- C:\Users\Loulou\Desktop\exa-adm-brochure1.pdf
[2010/05/31 20:13:59 | 000,030,743 | ---- | M] () -- C:\Users\Loulou\Desktop\exa-adm-info.pdf
[2010/05/31 03:46:32 | 000,281,760 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2010/05/31 03:46:32 | 000,025,888 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/05/25 22:52:37 | 000,000,198 | -H-- | M] () -- C:\Users\Loulou\Desktop\niv.dwl2
[2010/05/25 22:52:37 | 000,000,048 | -H-- | M] () -- C:\Users\Loulou\Desktop\niv.dwl
[2010/05/25 22:52:10 | 000,000,198 | -H-- | M] () -- C:\Users\Loulou\Documents\Musee Rendu Final.dwl2
[2010/05/25 22:52:10 | 000,000,048 | -H-- | M] () -- C:\Users\Loulou\Documents\Musee Rendu Final.dwl
[2010/05/17 11:46:51 | 000,000,000 | ---- | M] () -- C:\Windows\vpd.properties
[2010/05/13 21:58:25 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Commandos 3 Demo v2.lnk
[2010/05/13 21:56:44 | 237,527,505 | ---- | M] () -- C:\Users\Loulou\Desktop\Commandos_3_-_Destination_Berlin_Demo_jouable.exe
[2010/05/12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/05/11 23:21:28 | 000,025,411 | ---- | M] () -- C:\Users\Loulou\Desktop\f.jpg
[2010/05/11 23:20:05 | 000,014,446 | ---- | M] () -- C:\Users\Loulou\Desktop\d.jpg
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/06/08 18:23:20 | 000,021,692 | ---- | C] () -- C:\Users\Loulou\Desktop\otl luis.pdf
[2010/06/08 01:24:43 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/06/08 00:45:36 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/06/08 00:45:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/06/08 00:45:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/06/08 00:45:36 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/06/08 00:45:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/06/08 00:32:27 | 000,824,681 | ---- | C] () -- C:\Users\Loulou\Desktop\RSIT.exe
[2010/06/08 00:32:23 | 000,222,395 | ---- | C] () -- C:\Users\Loulou\Desktop\Extermination de antimalware doctor.pdf
[2010/06/08 00:32:21 | 000,244,860 | ---- | C] () -- C:\Users\Loulou\Desktop\Désactiver l'UAC dans Vista - Zebulon.fr.pdf
[2010/06/08 00:32:17 | 003,704,271 | R--- | C] () -- C:\Users\Loulou\Desktop\ComboFix.exe
[2010/06/08 00:00:01 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/07 22:46:01 | 000,052,736 | ---- | C] () -- C:\Users\Loulou\AppData\Local\syssvc.exe
[2010/06/07 22:43:49 | 000,038,912 | ---- | C] () -- C:\Users\Loulou\gckcomka.exe
[2010/06/07 19:01:19 | 000,180,845 | ---- | C] () -- C:\Users\Loulou\AppData\Local\vdkzhx_nav.dat
[2010/06/07 19:01:19 | 000,003,344 | ---- | C] () -- C:\Users\Loulou\AppData\Local\vdkzhx.dat
[2010/06/07 19:01:19 | 000,002,009 | ---- | C] () -- C:\Users\Loulou\AppData\Local\vdkzhx_navps.dat
[2010/06/06 04:16:39 | 736,733,184 | ---- | C] () -- C:\Users\Loulou\Desktop\2012.FRENCH.BDRiP.REPACK.1CD.XviD-LECHTI.avi
[2010/06/01 02:00:02 | 000,146,248 | ---- | C] () -- C:\Users\Loulou\Desktop\exa-adm-brochure2.pdf
[2010/06/01 01:59:51 | 000,087,214 | ---- | C] () -- C:\Users\Loulou\Desktop\exa-adm-brochure1.pdf
[2010/05/31 20:13:59 | 000,030,743 | ---- | C] () -- C:\Users\Loulou\Desktop\exa-adm-info.pdf
[2010/05/30 19:49:21 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010/05/30 19:49:20 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/05/25 22:52:37 | 000,000,198 | -H-- | C] () -- C:\Users\Loulou\Desktop\niv.dwl2
[2010/05/25 22:52:37 | 000,000,048 | -H-- | C] () -- C:\Users\Loulou\Desktop\niv.dwl
[2010/05/25 22:52:10 | 000,000,198 | -H-- | C] () -- C:\Users\Loulou\Documents\Musee Rendu Final.dwl2
[2010/05/25 22:52:10 | 000,000,048 | -H-- | C] () -- C:\Users\Loulou\Documents\Musee Rendu Final.dwl
[2010/05/13 21:58:25 | 000,002,148 | ---- | C] () -- C:\Users\Public\Desktop\Commandos 3 Demo v2.lnk
[2010/05/13 21:57:10 | 237,527,505 | ---- | C] () -- C:\Users\Loulou\Desktop\Commandos_3_-_Destination_Berlin_Demo_jouable.exe
[2010/05/11 23:21:04 | 000,025,411 | ---- | C] () -- C:\Users\Loulou\Desktop\f.jpg
[2010/05/11 23:20:03 | 000,014,446 | ---- | C] () -- C:\Users\Loulou\Desktop\d.jpg
[2009/11/10 22:05:36 | 000,029,696 | ---- | C] () -- C:\Windows\System32\pthread.dll
[2009/01/24 21:12:16 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2009/01/20 02:04:39 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2008/07/30 02:33:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008/04/16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008/04/01 09:13:57 | 001,807,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/05/09 09:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 03:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001/11/14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009/04/29 21:01:15 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Autodesk
[2010/06/04 14:04:35 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Azureus
[2010/06/08 00:06:32 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353
[2009/10/11 17:52:20 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\DAEMON Tools Lite
[2010/05/17 11:46:59 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Graphisoft
[2009/04/28 10:22:43 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\LimeWire
[2010/05/30 14:10:02 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Participatory Culture Foundation
[2010/05/30 15:13:35 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\PCF-VLC
[2008/12/25 05:10:14 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Protector Suite
[2010/05/31 04:01:01 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Ubisoft
[2010/06/08 03:49:36 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/21 04:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\drivers\disk.sys
[2008/01/21 04:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/21 04:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys
 
[color=#A23BEC]< MD5 for: IASTOR.SYS  >[/color]
[2008/05/07 11:40:01 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\drivers\iaStor.sys
[2008/05/07 11:40:01 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008/02/08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\System32\drivers\ndis.sys
[2008/02/08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008/02/08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2008/01/21 04:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/21 04:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2009/04/11 06:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys
[2008/01/21 04:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\System32\drivers\rdpwd.sys
[2008/01/21 04:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys
[2008/01/21 04:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\drivers\sfloppy.sys
[2008/01/21 04:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys
[2008/01/21 04:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2008/01/21 04:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys
[2008/01/21 04:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2008/01/21 04:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys
[2008/01/21 04:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\drivers\usbprint.sys
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys
[2008/01/21 04:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys
[2008/01/21 04:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2008/01/21 04:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys
[2008/01/21 04:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys
[2008/01/21 04:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys
[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/01/21 04:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2008/01/21 04:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
< End of report >
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 

Re: antimalware doctor

Message le 08 Juin 2010 18:08

rapport USBfix


Code: Tout sélectionner
############################## | UsbFix 7.006 | [Recherche]

Utilisateur: Loulou (Administrateur) # PC-DE-LOULOU [ASUSTeK Computer Inc. N50Vn]
Mis ‡ jour le 07/06/10 par El Desaparecido / C_XX
LancÈ ‡ 18:51:21 | 08/06/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
MicrosoftÆ Windows Vistaô …dition Familiale Premium  (6.0.6001 32-Bit) # Service Pack 1
Internet Explorer 7.0.6001.18000

Pare-feu Windows: ActivÈ

RAM -> 3070 Mo
C:\ (%systemdrive%) -> Disque fixe # 149 Go (14 Go libre(s) - 9%) [VistaOS] # NTFS
D:\ -> Disque fixe # 139 Go (69 Go libre(s) - 49%) [DATA] # NTFS
E:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> Disque amovible # 973 Mo (509 Mo libre(s) - 52%) [LOIUTA 2] # FAT

################## | …lÈments infectieux |

PrÈsent! C:\Users\Loulou\iTunesSetup.exe
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\a.dat
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\Ckz.exe
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\11E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\11F.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\120.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\121.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\122.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\123.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\124.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\125.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\126.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\127.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\128.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\129.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\12F.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\139.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\13A.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\13B.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\13C.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\15.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\16.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\17.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\178.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\18.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\19.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1A.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1B.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1C.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1D.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1EB.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\2.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\223.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\266.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\2C3.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\2E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\3.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\4.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\434.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\45E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\56.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\56E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\57.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\582.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\583.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\584.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A4.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A5.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A6.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A7.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A8.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A9.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AA.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AB.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AC.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AD.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AE.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AF.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5B0.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5F7.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5F8.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\63.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\6C0.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\6D9.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\73C.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\73D.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\73E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\73F.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\740.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\741.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\742.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\743.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\744.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74A.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74B.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74C.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74D.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74F.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\75.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\750.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\754.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\755.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\756.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\757.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\758.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\759.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\75A.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\75B.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\75C.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\760.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\78F.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\7CF.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\86.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\861.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\862.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\863.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\864.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\865.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\866.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\867.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\87.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\877.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\8E0.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\8E1.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\9B2.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\9B3.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\9C1.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\9C2.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A38.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A48.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A49.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A4A.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A4B.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A60.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A61.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A62.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A63.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A64.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A65.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A66.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A67.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A68.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A69.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6A.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6B.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6C.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6D.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6F.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A7.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A70.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A71.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A72.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A73.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A74.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A75.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A7B.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A7C.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A7D.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A8.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A85.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A86.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A87.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A88.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A89.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A8A.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A9.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\AA.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\AA7.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\ACA.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\B96.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BB.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BBE.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BC.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BC5.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BCD.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BD.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BE.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF2.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF3.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF4.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF5.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF6.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF7.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF8.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF9.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BFA.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BFB.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BFC.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C0.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C0D.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C0E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C1.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C2.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C2E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C3.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C7C.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D1A.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D3D.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D3E.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D3F.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D40.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D41.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D42.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D43.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D44.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D54.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D55.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D56.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D57.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D58.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D59.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D8F.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DEB.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DEC.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DF.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DFC.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DFD.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DFE.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DFF.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\E00.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\E01.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\E83.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EB6.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EC7.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EDE.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EEE.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EFF.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F00.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F01.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F02.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F03.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F04.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F05.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F06.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F07.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F08.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F09.tmp
PrÈsent! C:\Users\Loulou\AppData\Local\Temp\sshnas21.dll
PrÈsent! G:\Autorun.inf
PrÈsent! C:\$Recycle.Bin\S-1-5-18
PrÈsent! C:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-1000
PrÈsent! D:\$Recycle.Bin\S-1-5-18
PrÈsent! D:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-1000
PrÈsent! D:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-500
PrÈsent! H:\ravmon.exe

################## | Registre |

PrÈsent! HKCU\Software\M5T8QL3YW3
PrÈsent! HKCU\Software\Microsoft\Handle
PrÈsent! HKCU\Software\XML
PrÈsent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|M5T8QL3YW3

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{0cf685bc-657f-11de-a555-002243c1836f}
Shell\AutoRun\Command = F:\w.com
Shell\open\Command = F:\w.com

HKCU\.\.\.\.\Explorer\MountPoints2\{1b1018e4-21fa-11df-94f9-002243c1836f}
Shell\AutoRun\Command = G:\LaunchU3.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f}
Shell\AutoRun\Command = F:\r8wb.bat
Shell\explore\Command = F:\r8wb.bat
Shell\open\Command = F:\r8wb.bat

HKCU\.\.\.\.\Explorer\MountPoints2\{506920c3-b67c-11de-9603-002243c1836f}
Shell\AutoRun\Command = F:\Autorun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{5d8aec2f-eedc-11dd-b419-002243c1836f}
Shell\AutoRun\Command = H:\PMB_P.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{5fb244c8-b737-11de-8d04-002243c1836f}
Shell\AutoRun\Command = G:\3.cmd
Shell\open\Command = G:\3.cmd

HKCU\.\.\.\.\Explorer\MountPoints2\{67ad6947-b1cc-11de-98bc-002243c1836f}
Shell\AutoRun\Command = G:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{825ebf27-5757-11de-aa6e-002243c1836f}
Shell\AutoRun\Command = H:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{8c0eb082-50de-11de-9f52-002243c1836f}
Shell\AutoRun\Command = q9.cmd
Shell\open\Command = q9.cmd

HKCU\.\.\.\.\Explorer\MountPoints2\{915f997f-e1e0-11dd-8416-002243c1836f}
Shell\AutoRun\Command = G:\
Shell\open\Command = JOVANA/pojatar.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{cac7102a-f9f2-11dd-ab5f-002243c1836f}
Shell\AutoRun\Command = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\NoLimit.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{f4d184c0-ae91-11de-b062-002243c1836f}
Shell\AutoRun\Command = G:\laucher.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{f5ac4de2-bf2e-11de-ab2e-002243c1836f}
Shell\AutoRun\Command = G:\ZRNO///soli.exe
Shell\open\Command = G:\ZRNO///soli.exe


################## | Vaccin |

(!) Cet ordinateur n'est pas vaccinÈ!

################## | E.O.F |


Voilà, en espérant que quelqu'un pourra m'aider.

Merci
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 

Re: antimalware doctor

Message le 08 Juin 2010 18:29

Pas de souci, Bob :D j'ai juste déplacé ton sujet dans la bonne rubrique

pour que nos Helpers le voient plus rapidement et viennent te donner un coup de main.

Patiente un peu et ++ ;)
Avatar de l'utilisateur
Pac428
PC-Infopraticien
PC-Infopraticien
 
Messages: 29256
Inscription: 23 Mai 2006 13:25
Localisation: Le Goulag du Maine.
 

Re: antimalware doctor

Message le 08 Juin 2010 18:41

Merci beaucoup Pac. J'attendrai :D
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 

Re: antimalware doctor

Message le 08 Juin 2010 18:42

[hs on]

tu es breton ou je me trompe?
si oui moi aussi^^ :wink:
[hs off]
Avatar de l'utilisateur
reg35
PC-Infopraticien
PC-Infopraticien
 
Messages: 5815
Inscription: 21 Juin 2009 22:30
Localisation: recherche en cours, veuillez patienter...
 

Re: antimalware doctor

Message le 08 Juin 2010 18:51

Désolé Reg, 35 c'est juste mon age :P
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 

Re: antimalware doctor

Message le 08 Juin 2010 18:53

autant pour moi bob
bonne continuation :wink:
Avatar de l'utilisateur
reg35
PC-Infopraticien
PC-Infopraticien
 
Messages: 5815
Inscription: 21 Juin 2009 22:30
Localisation: recherche en cours, veuillez patienter...
 

Re: antimalware doctor

Message le 08 Juin 2010 19:02

Bonsoir à tous

En premier fait ceci bob35

Relance USBFIX puis cette fois choisi l'option 2 puis mets le nouveau rapport.

Je regarde pendant ce temps ton rapport OTL
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: antimalware doctor

Message le 08 Juin 2010 19:06

Bonjour Bernard,

La deuxième option "suppression" ou bien "listing"?

.... et merci pour la prise en charge :wink:
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 

Re: antimalware doctor

Message le 08 Juin 2010 19:12

Image

option 2 = suppression ;)
Avatar de l'utilisateur
Pac428
PC-Infopraticien
PC-Infopraticien
 
Messages: 29256
Inscription: 23 Mai 2006 13:25
Localisation: Le Goulag du Maine.
 

Re: antimalware doctor

Message le 08 Juin 2010 19:23

OK, voici le nouveau rapport USB fix option "suppression"


Code: Tout sélectionner
############################## | UsbFix 7.006 | [Suppression]

Utilisateur: Loulou (Administrateur) # PC-DE-LOULOU [ASUSTeK Computer Inc. N50Vn]
Mis ‡ jour le 07/06/10 par El Desaparecido / C_XX
LancÈ ‡ 20:10:19 | 08/06/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
MicrosoftÆ Windows Vistaô …dition Familiale Premium  (6.0.6001 32-Bit) # Service Pack 1
Internet Explorer 7.0.6001.18000

Pare-feu Windows: ActivÈ

RAM -> 3070 Mo
C:\ (%systemdrive%) -> Disque fixe # 149 Go (14 Go libre(s) - 9%) [VistaOS] # NTFS
D:\ -> Disque fixe # 139 Go (69 Go libre(s) - 49%) [DATA] # NTFS
E:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> Disque amovible # 973 Mo (509 Mo libre(s) - 52%) [LOIUTA 2] # FAT

################## | …lÈments infectieux |

SupprimÈ! C:\Users\Loulou\iTunesSetup.exe
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\a.dat
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\Ckz.exe
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\11E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\11F.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\120.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\121.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\122.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\123.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\124.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\125.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\126.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\127.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\128.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\129.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\12F.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\139.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\13A.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\13B.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\13C.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\15.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\16.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\17.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\178.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\18.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\19.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1A.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1B.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1C.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1D.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1EB.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\2.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\223.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\266.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\2C3.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\2E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\3.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\4.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\434.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\45E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\56.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\56E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\57.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\582.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\583.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\584.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A4.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A5.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A6.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A7.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A8.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A9.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AA.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AB.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AC.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AD.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AE.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AF.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5B0.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5F7.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5F8.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\63.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\6C0.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\6D9.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\73C.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\73D.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\73E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\73F.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\740.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\741.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\742.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\743.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\744.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74A.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74B.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74C.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74D.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74F.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\75.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\750.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\754.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\755.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\756.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\757.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\758.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\759.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\75A.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\75B.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\75C.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\760.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\78F.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\7CF.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\86.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\861.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\862.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\863.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\864.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\865.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\866.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\867.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\87.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\877.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\8E0.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\8E1.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\9B2.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\9B3.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\9C1.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\9C2.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A38.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A48.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A49.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A4A.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A4B.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A60.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A61.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A62.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A63.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A64.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A65.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A66.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A67.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A68.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A69.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6A.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6B.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6C.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6D.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6F.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A7.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A70.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A71.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A72.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A73.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A74.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A75.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A7B.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A7C.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A7D.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A8.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A85.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A86.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A87.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A88.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A89.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A8A.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A9.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\AA.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\AA7.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\ACA.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\B96.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BB.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BBE.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BC.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BC5.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BCD.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BD.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BE.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF2.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF3.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF4.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF5.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF6.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF7.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF8.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF9.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BFA.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BFB.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BFC.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C0.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C0D.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C0E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C1.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C2.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C2E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C3.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C7C.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D1A.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D3D.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D3E.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D3F.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D40.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D41.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D42.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D43.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D44.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D54.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D55.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D56.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D57.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D58.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D59.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D8F.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DEB.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DEC.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DF.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DFC.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DFD.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DFE.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DFF.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\E00.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\E01.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\E83.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EB6.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EC7.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EDE.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EEE.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EFF.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F00.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F01.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F02.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F03.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F04.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F05.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F06.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F07.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F08.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F09.tmp
SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\sshnas21.dll
SupprimÈ! C:\$Recycle.Bin\S-1-5-18
SupprimÈ! C:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-1000
SupprimÈ! D:\$Recycle.Bin\S-1-5-18
SupprimÈ! D:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-1000
SupprimÈ! D:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-500

################## | Registre |

SupprimÈ! HKCU\Software\M5T8QL3YW3
SupprimÈ! HKCU\Software\Microsoft\Handle
SupprimÈ! HKCU\Software\XML
SupprimÈ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|M5T8QL3YW3

################## | Mountpoints2 |

SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{0cf685bc-657f-11de-a555-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{506920c3-b67c-11de-9603-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{5d8aec2f-eedc-11dd-b419-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{5fb244c8-b737-11de-8d04-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{67ad6947-b1cc-11de-98bc-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{825ebf27-5757-11de-aa6e-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{8c0eb082-50de-11de-9f52-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{915f997f-e1e0-11dd-8416-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{cac7102a-f9f2-11dd-ab5f-002243c1836f}
SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{f4d184c0-ae91-11de-b062-002243c1836f}

################## | Listing |

[08/06/2010 - 20:15:48 | SHD ]    C:\$RECYCLE.BIN
[31/10/2008 - 15:42:17 | HD ]    C:\ASUS.SYS
[18/09/2006 - 23:43:36 | A | 24]    C:\autoexec.bat
[16/04/2008 - 13:27:15 | SHD ]    C:\Boot
[21/01/2008 - 04:24:42 | RASH | 333203]    C:\bootmgr
[16/04/2008 - 13:27:17 | RAS | 8192]    C:\BOOTSECT.BAK
[04/04/2007 - 21:01:54 | A | 19]    C:\CA21.txt
[08/06/2010 - 03:48:11 | SD ]    C:\ComboFix
[18/09/2006 - 23:43:37 | A | 10]    C:\config.sys
[10/11/2009 - 22:13:55 | A | 0]    C:\data.txt
[03/11/2009 - 20:50:43 | A | 216]    C:\DebugTrace-RockallDLL.log
[31/10/2008 - 15:44:53 | A | 22832]    C:\devlist.txt
[02/11/2006 - 15:02:03 | SHD ]    C:\Documents and Settings
[31/10/2008 - 15:44:49 | A | 9]    C:\Finish.log
[04/05/2010 - 02:43:36 | SHD ]    C:\found.000
[08/06/2010 - 17:53:23 | ASH | 3220295680]    C:\hiberfil.sys
[31/10/2008 - 14:34:42 | A | 481]    C:\igoogle_log.txt
[31/10/2008 - 14:42:32 | D ]    C:\Intel
[18/01/2010 - 20:47:45 | RASH | 0]    C:\IO.SYS
[06/10/2008 - 05:46:41 | A | 21]    C:\msapp2.LOG
[18/01/2010 - 20:47:45 | RASH | 0]    C:\MSDOS.SYS
[31/10/2008 - 13:33:10 | RHD ]    C:\MSOCache
[21/08/2008 - 04:00:11 | RAH | 1048576]    C:\N50V.BIN
[17/09/2008 - 04:31:35 | A | 14]    C:\N50VN_N50VC_VISTA.20
[08/08/2008 - 09:22:19 | A | 30]    C:\NERO.LOG
[04/07/2008 - 06:35:34 | A | 21]    C:\NIS2008.TXT
[16/03/2007 - 01:18:45 | A | 25]    C:\OFFICE2007_A.TXT
[08/06/2010 - 17:53:22 | ASH | 3533873152]    C:\pagefile.sys
[31/10/2008 - 02:34:05 | A | 105]    C:\Pass.txt
[18/08/2008 - 12:58:09 | A | 2561]    C:\Patch.LOG
[21/01/2008 - 04:32:31 | D ]    C:\PerfLogs
[08/06/2010 - 01:28:51 | RD ]    C:\Program Files
[08/06/2010 - 01:24:43 | HD ]    C:\ProgramData
[08/06/2010 - 00:45:22 | D ]    C:\Qoobox
[29/04/2008 - 16:30:15 | A | 20]    C:\READER_A.TXT
[17/09/2008 - 04:31:35 | A | 14]    C:\RECOVERY.DAT
[31/10/2008 - 15:16:12 | A | 426]    C:\RHDSetup.log
[08/06/2010 - 01:28:53 | D ]    C:\rsit
[31/10/2008 - 15:38:09 | A | 163]    C:\setup.log
[16/05/2006 - 02:22:24 | A | 5]    C:\store.log
[31/10/2008 - 14:10:34 | A | 166]    C:\SumHidd.txt
[31/10/2008 - 14:09:39 | A | 98]    C:\SumOS.txt
[08/06/2010 - 00:04:49 | SHD ]    C:\System Volume Information
[08/06/2010 - 20:15:41 | D ]    C:\UsbFix
[08/06/2010 - 20:16:50 | A | 16659]    C:\UsbFix.txt
[25/12/2008 - 05:04:10 | RD ]    C:\Users
[01/08/2008 - 00:40:18 | A | 21]    C:\V552.txt
[08/06/2010 - 00:45:36 | D ]    C:\Windows
[08/06/2010 - 20:15:48 | SHD ]    D:\$RECYCLE.BIN
[25/09/2009 - 17:39:17 | D ]    D:\Architecture
[10/01/2010 - 18:11:08 | D ]    D:\ConfÈrences - Pavillon de l' arsenal
[06/06/2010 - 16:57:39 | D ]    D:\Films
[31/05/2010 - 02:15:48 | D ]    D:\Musique
[02/10/2008 - 19:18:22 | A | 229921202]    D:\Neufert.pdf
[24/05/2010 - 00:40:56 | RD ]    D:\Pictures
[17/06/2009 - 20:06:50 | A | 7979088]    D:\plan masse 2 500.pdf
[30/05/2010 - 15:32:56 | D ]    D:\Program Files
[13/05/2009 - 23:50:12 | A | 598493]    D:\prÈ rendu 2.pdf
[17/06/2009 - 22:31:16 | A | 17907983]    D:\rendu a0 3.pdf
[25/09/2009 - 18:25:35 | D ]    D:\Stage Juillet 2009
[31/10/2008 - 13:26:32 | SHD ]    D:\System Volume Information

################## | Vaccin |

C:\Autorun.inf -> Dossier crÈÈ par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier crÈÈ par UsbFix (El Desaparecido & C_XX)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-LOULOU.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Merci de votre contribution.

################## | E.O.F |
bob35
Sous Expert(e)
Sous Expert(e)
 
Messages: 59
Inscription: 08 Juin 2010 00:48
 

Re: antimalware doctor

Message le 08 Juin 2010 19:41

Très bien ceci à suivre s.t.p


* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
PRC - C:\Users\Loulou\gckcomka.exe ()
PRC - C:\Users\Loulou\AppData\Local\vdkzhx.exe (listé)
PRC - C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353\setupupdater0000.exe (MS)
PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (ASKService) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll File not found
O3 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll File not found
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [gckcomka] C:\Users\Loulou\gckcomka.exe ()
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [Halo2] C:\Users\Loulou\AppData\Local\Temp\sshnas21.DLL ()
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [M5T8QL3YW3] C:\Users\Loulou\AppData\Local\Temp\Ck1.exe File not found
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [setupupdater0000.exe] C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353\setupupdater0000.exe (MS)
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [vdkzhx] c:\users\loulou\appdata\local\vdkzhx.exe

:Files
C:\Users\Loulou\AppData\Local\vdkzhx.exe
C:\Users\Loulou\AppData\Local\vdkzhx.dat
C:\Users\Loulou\AppData\Local\vdkzhx_navps.dat
C:\Users\Loulou\AppData\Local\syssvc.exe
C:\Users\Loulou\gckcomka.exe
C:\Users\Loulou\AppData\Local\vdkzhx.exe
C:\Users\Loulou\AppData\Local\vdkzhx_nav.dat

:Commands
[emptytemp]






* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés



PUIS.


Télécharge Navilog1 :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.

Fais un clic-droit sur le Navilog1.exe présent sur ton bureau et choisis :
"Exécuter en tant qu'administrateur". C'est impératif : "Pour Vista et Seven seulement"

Au menu principal, Fais le choix "1"
Laisse toi guider et patiente.
De nouveau choisis 1
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche le blocnote va s'ouvrir.

Copie-colle l'intégralité du rapport dans ta réponse.
Referme le blocnote.
Note : Il sera enregistré sous C:\cleannavi.txt
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Suivante


Sujets similaires

Message antimalware
Bonjour, je voudrais me débarasser de mystart4dealwifi, j'ai utiliser plusieurs antimalware pour ca mais rien ne marche, est ce que vous avez déjà eu ce problème? autre chose, pkoi est ce que certains antispyware sont payants et d'autres pas? Cyril
Réponses: 3

Message Antimalware Service Executable
BonjourFait ceci pour voir un peu plus s.t.p.Télécharges ZHPDIAG (de Nicolas Coolman) sur ton bureau.Doubles-clique sur l'icône ZHPDiag .exe pour l?installation.Double-clique ensuite sur l?icône ZHPDiag puis : Valide Scanner puis Valide Rapport à la fin du scan : Ce dernier est aussi sauveg ...
Réponses: 1

Message problème de suppression (microsoft antimalware)
Bonsoir, voici mon problème,j'ai voulu désinstaller microsoft essential security pour en mettre un autre à la place(avira).je désinstalle donc l'antivirus de microsoft, tout se déroule bien et j'installe avira, tout est ok.Je redémarre pon pc(bureau, window 7 x64), et quand je regarde dans les proc ...
Réponses: 3

Message malwarebytes antimalware se bloque après 4 minutes
BonjourJe pense plus a un bug de MalwaresBytes car tout fonctionne en mode normal.Le dossier Wbem est créé par Windows.MalwaresBytes est bien à jour je pense?
Réponses: 1

Message incertitude concernant antimalware doctor
bonjour je suis sur pc (vista) et j ai pc tools spyware doctor. Dans son dernier rapport d'analyse il m' informe de la présence d'une menace (degrés: moyenne) s'appelant "RogueAntiSpyware.CoreGuardAntivirus2009!rem" et dans le détail du fichier apparaît le nom d' "antimalware doctor&q ...
Réponses: 24

Message pb suite désinfection malware doctor
Bonjour & bienvenue,j'ai fusionné vos sujets et supprimé votre premier rapport qui était trop long pour être hébergé ici.A lire : jeanmimigab a écrit:* NOTE: Si ceux ci sont trop long déposez-les sur CiJoint.fr et communiquer au helper le lien correspondant à vos rapports afin qu'il puisse les t ...
Réponses: 7

Message antimalware doctor : au secours
Bonjour, quand j'allume mon ordi, j'ai tout de suite une fenêtre qui s'ouvre avec écrit : """"" WARNING !!! antimalware doctor has detected 18 infected oblects on your computer during the last system scann """"" or je n'ai jamais fait de scan, n ...
Réponses: 1


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 5 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.