Pop up récalcitrant analyse du test

acfred · le 06 Juin 2010 18:10

Bonjour,

J'ai un problème de pop up récalcitrant toujours la même celle avec un logo multicolore plein de carré j'ai donc été voir sur ce forum le sujet "pop up récalcitrant résolu" et j'ai lancer sur malwarebytes l'analyse complète. Seulement je ne sais pas quoi faire ensuite, si quelqu'un peut m'aider ce serait super.

PS : Pour info je navigue sur chrome et j'ai installer récemment adblock+

Merci de votre aide.

Voici le rapport:

Code: Tout sélectionner: Malwarebytes' Anti-Malware 1.46 http://www.malwarebytes.org Version de la base de données: 4172 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 06/06/2010 19:08:27 mbam-log-2010-06-06 (19-08-27).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 268161 Temps écoulé: 1 heure(s), 2 minute(s), 17 seconde(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 9 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 4 Fichier(s) infecté(s): 12 Processus mémoire infecté(s): C:\documents and settings\Fred\local settings\application data\mrhnlrh.exe (Adware.Navipromo.H) -> No action taken. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> No action taken. HKEY_CURRENT_USER\Software\epk_extr (Trojan.Skintrim) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\WebMediaPlayer (Rogue.WebMedia) -> No action taken. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mrhnlrh (Adware.Navipromo.H) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iyqqqmy (Trojan.Agent.H) -> No action taken. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Dossier(s) infecté(s): C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\updates (Adware.EGDAccess) -> No action taken. Fichier(s) infecté(s): C:\Documents and Settings\Fred\Local Settings\Application Data\mrhnlrh_navps.dat (Adware.Navipromo.H) -> No action taken. C:\Documents and Settings\Fred\Local Settings\Application Data\mrhnlrh_nav.dat (Adware.Navipromo.H) -> No action taken. C:\Documents and Settings\Fred\Local Settings\Application Data\mrhnlrh.dat (Adware.Navipromo.H) -> No action taken. C:\Documents and Settings\Fred\Local Settings\Application Data\mrhnlrh.exe (Adware.Navipromo.H) -> No action taken. C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\Website.url (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\Confidentialité.url (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\Conditions générales.url (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\resources\languages_v2.xml (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\resources\webmedias (Adware.EGDAccess) -> No action taken. C:\Program Files\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> No action taken. C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> No action taken.

EDIT Skynet : balises [code] ajoutées.

jeanmimigab · le 06 Juin 2010 18:32

hello,

Bienvenue sur PC-Infopratique :wink:

tu as bien supprimés les éléments trouvés par Malwarebytes ?
si oui, c'est OK, sinon fais le et redémarres ton pc comme demandé par Malwarebytes

Fais cela stp...

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).
* Copie et colle les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

acfred · le 06 Juin 2010 19:29

Merci de ton coup de main voila le rapport OTL :

Code: Tout sélectionner: OTL logfile created on: 06/06/2010 20:16:57 - Run 1 OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Fred\Mes documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 014,00 Mb Total Physical Memory | 411,00 Mb Available Physical Memory | 41,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 35,60 Gb Total Space | 3,36 Gb Free Space | 9,44% Space Free | Partition Type: FAT32 Drive D: | 35,98 Gb Total Space | 2,52 Gb Free Space | 7,01% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: FREDERIC1 Current User Name: Fred Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\Fred\Mes documents\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.) PRC - C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision) PRC - C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG) PRC - C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.) PRC - C:\Program Files\Acer\eRecovery\Monitor.exe (acer Inc.) PRC - C:\Acer\ePM\epm-dm.exe (Acer Inc) PRC - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe () PRC - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe () PRC - C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.) PRC - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe (Cyberlink) PRC - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink) PRC - C:\Acer\eManager\anbmServ.exe (OSA Technologies Inc.) PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) PRC - C:\Program Files\NGS Mouse Driver\MouseDrv.exe () PRC - C:\Program Files\SuperCopier\SuperCopier.exe (SFX TEAM) PRC - C:\Program Files\PikaOne Software\FlyCASE\PikaBackup.exe (PikaOne) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Documents and Settings\Fred\Mes documents\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealPlayer) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msacm32.dll (Microsoft Corporation) MOD - C:\WINDOWS\AppPatch\AcGenral.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.) MOD - C:\WINDOWS\system32\serwvdrv.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\umdmxfrm.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (getPlus(R) Helper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.) SRV - (SerialKeys) -- C:\WINDOWS\system32\skeys.exe (Microsoft Corporation) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (ServiceLayer) -- C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe (Nokia.) SRV - (C-DillaCdaC11BA) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision) SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe () SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe () SRV - (CyberLink Media Library Service) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink) SRV - (anbmService) -- C:\Acer\eManager\anbmServ.exe (OSA Technologies Inc.) SRV - (S24EventMonitor) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (RegSrvc) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software) DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software) DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software) DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software) DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (Nokia USB Phone Parent) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia) DRV - (Nokia USB Modem) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia) DRV - (Nokia USB Generic) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia) DRV - (CdaC15BA) -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd) DRV - (RT61) -- C:\WINDOWS\system32\drivers\rt61.sys (Ralink Technology Inc.) DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (OSA Technologies, An Avocent Company) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (EpmShd) -- C:\WINDOWS\system32\drivers\epm-shd.sys (Acer Value Labs, USA) DRV - (ovt530) -- C:\WINDOWS\system32\drivers\ov530vid.sys (OmniVision Technologies, Inc.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation ) DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.) DRV - (osanbm) -- C:\WINDOWS\system32\drivers\osanbm.sys (Windows (R) 2000 DDK provider) DRV - (int15.sys) -- C:\Program Files\Acer\eRecovery\int15.sys () DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider) DRV - (UBHelper) -- C:\WINDOWS\system32\drivers\UBHelper.sys () DRV - (DKbFltr) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS (Dritek System Inc.) DRV - (w29n51) Pilote de carte de connexion réseau Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (EpmPsd) -- C:\WINDOWS\system32\drivers\epm-psd.sys (Acer Value Labs, USA) DRV - (ElbyDelay) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG) DRV - (TaurusUsb) -- C:\WINDOWS\system32\drivers\torususb.sys () DRV - (Stmatm) -- C:\WINDOWS\system32\drivers\stmatm.sys (STMicroelectronics ) DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (Politecnico di Torino) DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation) DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\Aspi32.sys (Adaptec) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B 66 BC 61 6C DD C9 01 [binary data] IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yoower.com/ IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/13 10:20:42 | 000,000,000 | ---D | M] [2008/04/24 22:44:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2008/04/24 22:44:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com O1 HOSTS File: ([2004/08/05 05:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (EoBho Class) - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL File not found O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc) O3 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (BeWAN systems ) O4 - HKLM..\Run: [Agendatronic Alarm] C:\PROGRA~1\RIBMON~1\AGENDA~1\AlarmClock\AlarmClock.exe File not found O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [CreativeMouse ] C:\Program Files\NGS Mouse Driver\MouseDrv.exe () O4 - HKLM..\Run: [EPM-DM] c:\Acer\ePM\epm-dm.exe (Acer Inc) O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan) O4 - HKLM..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe (acer Inc.) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.) O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKLM..\Run: [PCMService] C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PROMT Integrator] C:\Program Files\PROMT5\INTEGRAL\PinStart.exe (PROject MT, Ltd.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005..\Run: [] File not found O4 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe (SFX TEAM) O4 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google) O4 - Startup: C:\Documents and Settings\Fred\Menu Démarrer\Programmes\Démarrage\Pika Backup.lnk = C:\Program Files\PikaOne Software\FlyCASE\PikaBackup.exe (PikaOne) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm () O9 - Extra 'Tools' menuitem : Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm () O9 - Extra 'Tools' menuitem : Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\OPTIONS.HTM () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} http://www.m6video.fr/1click/install/files/installer2.cab (InstallerObj Class) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://lesportesdepolux.spaces.live.com//PhotoUpload/MsnPUpld.cab (MSN Photo Upload Tool) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} https://www.canalplay.com/cabs/msway44.cab (Canal+ Active MSWAY) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Fred\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Fred\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/08/24 03:52:00 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O33 - MountPoints2\{5d896f00-d76c-11dc-8290-0013ce90b6fb}\Shell - "" = AutoRun O33 - MountPoints2\{667de94e-d765-11dc-828f-0013ce90b6fb}\Shell - "" = AutoRun O33 - MountPoints2\{cad81a80-271c-11dc-81a5-0013ce90b6fb}\Shell\Auto\command - "" = H:\bittorrent.exe -- File not found O33 - MountPoints2\{fa2b09d8-ef85-11db-8118-0013ce90b6fb}\Shell\Auto\command - "" = G:\bittorrent.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig - StartUpReg: [b]BitTorrent[/b] - hkey= - key= - C:\Program Files\BitTorrent\bittorrent.exe File not found MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]PCSuiteTrayApplication[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) MsConfig - StartUpReg: [b]PcSync[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) MsConfig - StartUpReg: [b]Veoh[/b] - hkey= - key= - C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks) MsConfig - StartUpReg: [b]VeohPlugin[/b] - hkey= - key= - C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: >{DFB17AA8-042A-429D-987C-26CE244A4189} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - File not found Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM File not found Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.dvsd - C:\WINDOWS\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.) Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation) NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/08/24 03:23:34 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/06/06 11:15:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fred\Application Data\Malwarebytes [2010/06/06 11:14:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/06/06 11:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/06/06 11:14:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/06/06 11:14:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/05/30 12:09:38 | 000,000,000 | -HSD | C] -- C:\FOUND.017 [2010/05/25 07:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fred\Application Data\vlc [2010/05/14 10:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\JRE [2010/05/14 10:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fred\Bureau\OpenOffice.org 3.2 (fr) Installation Files [2010/05/14 10:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\sun [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/06/06 20:12:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/06/06 20:11:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini [2010/06/06 20:11:10 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2010/06/06 20:10:56 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1377555683-3664876793-2747138006-1005.job [2010/06/06 20:10:54 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/06/06 20:10:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/06/06 20:10:40 | 000,000,062 | ---- | M] () -- C:\WINDOWS\PikaBackup.INI [2010/06/06 20:10:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/06/06 20:10:04 | 1063,374,848 | -HS- | M] () -- C:\hiberfil.sys [2010/06/06 20:09:10 | 013,631,488 | -H-- | M] () -- C:\Documents and Settings\Fred\NTUSER.DAT [2010/06/06 20:08:42 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Fred\ntuser.ini [2010/06/06 20:07:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1377555683-3664876793-2747138006-1005.job [2010/06/06 19:30:14 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/06/06 11:55:04 | 000,011,158 | ---- | M] () -- C:\Documents and Settings\Fred\Mes documents\Sans nom 1fd.odt [2010/06/06 11:15:00 | 000,000,609 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/06/06 09:47:52 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A91DE4A0-A2FF-4DAA-933F-04AD026E704C}.job [2010/06/05 20:53:56 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\Fred\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/05 18:42:02 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1377555683-3664876793-2747138006-1005Core1cac6c1a970742c.job [2010/05/28 18:46:54 | 000,002,190 | ---- | M] () -- C:\Documents and Settings\Fred\Bureau\Google Chrome.lnk [2010/05/25 07:27:34 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk [2010/05/21 18:32:40 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk [2010/05/15 10:59:46 | 000,813,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/05/14 10:23:48 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.2.lnk [2010/05/14 09:31:36 | 150,968,072 | ---- | M] () -- C:\Documents and Settings\Fred\Bureau\OOo_3.2.0_Win32Intel_install_wJRE_fr.exe [2010/05/14 07:01:26 | 018,499,623 | ---- | M] () -- C:\Documents and Settings\Fred\Mes documents\vlc-1.0.5-win32.exe [2010/05/12 07:57:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/06/06 11:54:59 | 000,011,158 | ---- | C] () -- C:\Documents and Settings\Fred\Mes documents\Sans nom 1fd.odt [2010/06/06 11:14:58 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/25 07:27:32 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk [2010/05/21 18:32:38 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk [2010/05/14 10:23:47 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.2.lnk [2010/05/14 09:26:35 | 150,968,072 | ---- | C] () -- C:\Documents and Settings\Fred\Bureau\OOo_3.2.0_Win32Intel_install_wJRE_fr.exe [2008/08/25 19:00:20 | 000,000,420 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008/02/01 10:51:06 | 000,000,024 | ---- | C] () -- C:\WINDOWS\memo.ini [2007/11/10 10:58:51 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2007/11/09 18:26:26 | 000,001,078 | ---- | C] () -- C:\WINDOWS\VPlayer.INI [2007/08/12 22:03:26 | 000,000,072 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini [2007/01/28 18:10:53 | 000,000,036 | ---- | C] () -- C:\WINDOWS\PikaFormat.INI [2007/01/28 18:10:14 | 000,000,062 | ---- | C] () -- C:\WINDOWS\PikaBackup.INI [2006/08/27 19:08:57 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI [2006/06/28 00:09:25 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini [2006/06/28 00:09:11 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini [2006/06/28 00:00:32 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini [2006/06/27 23:59:17 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini [2006/06/27 23:29:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\emcee.ini [2006/06/22 18:06:33 | 000,000,035 | ---- | C] () -- C:\WINDOWS\C_it.ini [2006/06/21 19:46:02 | 000,000,072 | ---- | C] () -- C:\WINDOWS\boxworld.ini [2006/06/01 00:19:47 | 000,000,038 | ---- | C] () -- C:\WINDOWS\SOL.INI [2006/05/28 02:13:52 | 000,541,090 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2006/05/28 00:26:45 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006/05/27 19:07:10 | 000,639,052 | ---- | C] () -- C:\WINDOWS\System32\BBPDFPortMon.dll [2006/05/27 18:51:14 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/05/27 17:34:00 | 000,000,638 | ---- | C] () -- C:\WINDOWS\System32\Autorun.ini [2006/05/27 17:29:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini [2006/05/27 17:23:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI [2006/05/27 17:21:23 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2005/12/07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2005/08/25 08:53:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005/08/25 08:34:26 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini [2005/08/25 08:34:25 | 000,000,319 | ---- | C] () -- C:\WINDOWS\uninstall.ini [2005/08/24 03:52:22 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll [2005/08/24 03:52:10 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys [2005/08/24 03:51:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll [2005/08/24 03:51:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll [2005/08/24 03:51:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll [2005/08/24 03:51:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll [2005/08/24 03:39:42 | 000,000,750 | ---- | C] () -- C:\WINDOWS\PowerOption.ini [2005/08/24 03:39:18 | 000,037,776 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005/08/24 03:32:09 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2005/04/04 11:52:42 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2005/04/04 11:35:24 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2005/03/03 20:24:16 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2005/02/24 16:51:52 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2003/01/30 06:04:00 | 000,618,496 | ---- | C] () -- C:\WINDOWS\System32\stlpmt45.dll [2002/10/15 22:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2002/03/13 16:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2001/12/26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll [2001/09/03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll [2001/07/30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll [2001/07/23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll [2001/07/06 15:30:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [1997/09/30 18:30:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\Delphimm.dll [1980/01/01 00:00:00 | 000,002,772 | ---- | C] () -- C:\WINDOWS\ANTIV.INI [1980/01/01 00:00:00 | 000,000,082 | ---- | C] () -- C:\WINDOWS\ALaunch.ini [color=#E56717]========== LOP Check ==========[/color] [2006/05/27 19:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluebeam Software [2006/05/27 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk [2006/05/28 12:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2007/06/20 19:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2007/06/20 19:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2009/08/15 12:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/10/30 22:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2010/01/18 21:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy [2006/05/27 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Autodesk [2006/05/28 11:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Image Zone Express [2006/09/29 13:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\BitTorrent [2006/11/05 17:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\EoRezo [2007/06/03 22:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\uTorrent [2007/06/20 19:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\PC Suite [2007/06/20 19:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Nokia [2007/06/20 19:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Datalayer [2007/06/20 21:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Nokia Multimedia Player [2008/06/21 12:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Printer Info Cache [2009/03/17 21:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\gtk-2.0 [2009/06/10 19:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Amazon [2009/10/10 12:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Blender Foundation [2009/10/30 22:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\DAEMON Tools Lite [2009/11/16 15:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\OpenOffice.org [2010/06/06 09:47:52 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A91DE4A0-A2FF-4DAA-933F-04AD026E704C}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [2009/10/30 22:25:50 | 000,691,696 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\drivers\sptd.sys [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [2005/08/24 03:27:34 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2005/08/24 03:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2005/08/25 08:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink [2006/05/27 17:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel [2006/05/27 18:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec [2006/05/27 19:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluebeam Software [2006/05/27 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk [2006/05/27 19:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision [2006/05/27 20:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP [2006/05/27 22:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2006/05/28 12:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2006/10/19 19:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2006/11/29 18:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar [2007/06/20 19:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2007/06/20 19:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2007/09/07 19:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater [2007/09/07 19:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google [2008/09/20 10:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS [2008/12/21 21:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant [2009/08/15 11:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2009/08/15 12:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/10/04 10:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real [2009/10/30 22:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2010/01/18 21:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy [2010/02/17 19:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2010/06/06 11:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [color=#A23BEC]< %APPDATA%\*. >[/color] [2005/08/24 03:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Identities [2005/08/24 03:27:34 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Fred\Application Data\Microsoft [2006/05/27 18:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Adobe [2006/05/27 18:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\AdobeUM [2006/05/27 18:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Symantec [2006/05/27 19:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\SolidWorks [2006/05/27 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Autodesk [2006/05/27 19:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\CyberLink [2006/05/27 19:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\ArcSoft [2006/05/27 20:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Ahead [2006/05/27 20:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Macromedia [2006/05/27 20:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\HP [2006/05/28 11:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Image Zone Express [2006/05/28 12:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\dvdcss [2006/09/29 13:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\BitTorrent [2006/10/01 15:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Google [2006/10/21 18:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Apple Computer [2006/11/05 17:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\EoRezo [2006/11/13 18:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Skype [2006/12/14 11:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Real [2007/01/30 18:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Help [2007/06/03 22:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\uTorrent [2007/06/20 19:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\PC Suite [2007/06/20 19:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Nokia [2007/06/20 19:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Datalayer [2007/06/20 21:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Nokia Multimedia Player [2008/06/21 12:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Printer Info Cache [2008/09/05 16:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Sun [2008/12/06 10:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\AccurateRip [2009/03/17 21:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\gtk-2.0 [2009/06/09 21:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Media Player Classic [2009/06/10 19:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Amazon [2009/10/10 12:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Blender Foundation [2009/10/30 22:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\DAEMON Tools Lite [2009/11/16 15:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\OpenOffice.org [2010/05/25 07:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\vlc [2010/06/06 11:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Malwarebytes [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/05 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/05 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:cdrom.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004/08/05 05:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: CHANGER.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:Changer.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:disk.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2004/08/05 05:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/13 20:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 20:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004/08/05 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004/08/05 05:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2004/08/05 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2004/08/05 05:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys [2004/08/05 05:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2005/06/10 06:06:02 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys [2005/06/10 06:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys [2004/08/05 05:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll [2004/08/05 05:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Sfloppy.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:Sfloppy.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys [2004/08/05 05:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys [color=#A23BEC]< MD5 for: SPLITTER.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:splitter.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:splitter.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys [2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys [2004/08/03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys [2006/06/14 09:50:20 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys [2008/04/13 20:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys [2008/04/13 20:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys [color=#A23BEC]< MD5 for: SWMIDI.SYS >[/color] [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:swmidi.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys [2008/04/13 20:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys [2008/04/13 20:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys [2001/08/17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys [color=#A23BEC]< MD5 for: TCPIP.SYS >[/color] [2008/08/12 21:01:50 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=073941D59AE065910064B728DEE981EE -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys [2006/04/20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys [2006/01/13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys [2006/01/13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys [2007/10/30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys [2008/06/20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys [2007/10/30 18:20:56 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys [2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys [2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys [2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys [2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys [2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys [2004/08/05 05:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys [2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys [2006/04/20 14:18:36 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2004/08/05 05:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/04/14 04:34:54 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys [2008/04/14 04:34:54 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys [2004/08/05 05:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbprint.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:usbprint.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys [2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys [2008/04/13 20:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys [2008/04/13 20:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbscan.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:usbscan.sys [2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys [2004/08/03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

EDIT Skynet : balises [code] ajoutées.

acfred · le 06 Juin 2010 19:31

Et voici le rapport Extras :

Code: Tout sélectionner: OTL Extras logfile created on: 06/06/2010 20:16:57 - Run 1 OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Fred\Mes documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 014,00 Mb Total Physical Memory | 411,00 Mb Available Physical Memory | 41,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 35,60 Gb Total Space | 3,36 Gb Free Space | 9,44% Space Free | Partition Type: FAT32 Drive D: | 35,98 Gb Total Space | 2,52 Gb Free Space | 7,01% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: FREDERIC1 Current User Name: Fred Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "4662:TCP" = 4662:TCP:*:Enabled:TPC [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" = C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program -- (CyberLink Corp.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\SuperCopier\SuperCopier.exe" = C:\Program Files\SuperCopier\SuperCopier.exe:*:Enabled:SuperCopier -- (SFX TEAM) "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- File not found "C:\Documents and Settings\Fred\Mes documents\Memo.exe" = C:\Documents and Settings\Fred\Mes documents\Memo.exe:*:Enabled:Desktop tool -- File not found "C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.) "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- (Veoh Networks) "H:\eMule\emule.exe" = H:\eMule\emule.exe:*:Enabled:eMule -- File not found "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks) "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA "{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1 "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations "{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan "{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution "{10798AE3-DCBB-43C3-9C93-C23512427E25}" = Les Sims Deluxe "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{175B7C4A-CAF8-437A-B597-73E0D2D970FE}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) "{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 18 "{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16 "{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload "{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery DesignPro "{2EBA5473-558B-462C-AEE4-FE50FA799F2A}" = NGS Mouse Driver "{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3585ED1C-74C5-43B0-A232-831B96A12A2B}" = Menus intelligents (Windows Live Toolbar) "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3d9ac095-e115-4e94-bdef-7f7edf17697d}" = Python 2.6.3 "{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar) "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2 "{51F366F4-C2E4-429A-866A-59C885ED42FD}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar) "{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite "{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade "{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy "{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg "{5783F2D7-0201-040C-0002-0060B0CE6BBA}" = AutoCAD 2004 "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement "{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch "{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc "{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf "{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{733AF353-1952-11D5-87A4-00E0294855E2}" = Reverso Pro 5 EFFE "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = LiveUpdate BVRP Software "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware "{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext "{7CCFADC3-60C4-4DD2-A843-171FAFB9467A}" = Digital Video Duplicator "{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help "{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works "{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}" = Hercules Webcam "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0 "{AC76BA86-7AD7-5676-5A64-7E8A45000001}" = Adobe Reader Korean Fonts "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2 "{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNetManagement "{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb "{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax "{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader "{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}" = Hercules WebCam Station "{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}" = Extension de Windows Live Toolbar (Windows Live Toolbar) "{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B}" = Windows Live Favorites pour Windows Live Toolbar "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant "{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F242B06B-517F-4D62-B654-16B11564A912}" = OneCare Advisor (Windows Live Toolbar) "{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21) "AC3Filter" = AC3Filter (remove only) "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5 "AnyDVD" = AnyDVD "Autodesk Express Viewer" = Autodesk Express Viewer "avast!" = avast! Antivirus "Blender" = Blender (remove only) "Catalencodec Pack" = Catalencodec Pack "CCleaner" = CCleaner (remove only) "CdaC13Ba" = SafeCast Shared Components "CloneDVD2" = CloneDVD2 "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025008F" = HDAUDIO Soft Voice Modem with SmartCP "Compel install Adaptec WinASPI-4.6.0(1021)_is1" = Compel Adaptec WinASPI "dBpoweramp Midi Decoder" = dBpoweramp Midi Decoder "dBpoweramp Musepack Codec" = dBpoweramp Musepack Codec "dBpoweramp Music Converter" = dBpoweramp Music Converter "dBpowerAMP Ogg Vorbis Codec" = dBpowerAMP Ogg Vorbis Codec "dBpowerAMP WMA V8 Codec" = dBpowerAMP WMA V8 Codec "DivXG400" = DivXG400 "dMC File Selector" = dMC File Selector "ecobutton_is1" = ecobutton "eMule" = eMule "ES-Vidéo V1.40" = ES-Vidéo V1.40 "FLVplayer" = FLV Player "FurySync_is1" = FurySync 3.0 "Google Updater" = Outil de mise à jour Google "GridVista" = Acer GridVista "HP Imaging Device Functions" = HP Imaging Device Functions 5.3 "HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3 "HPExtendedCapabilities" = HP Extended Capabilities 5.3 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4 "InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook "Les départements français" = Les départements français "Les états allemands" = Les états allemands "Les états d'Amérique du Nord" = Les états d'Amérique du Nord "Les pays d'Afrique" = Les pays d'Afrique "Les pays d'Amérique du Sud" = Les pays d'Amérique du Sud "Les pays d'Asie" = Les pays d'Asie "Les pays d'Europe" = Les pays d'Europe "Les pays d'Océanie" = Les pays d'Océanie "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MaxTV Online2007" = MaxTV Online "mmswitch" = Morgan Stream Switcher "mrhnlrh" = Favorit "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "PikaFlyCASE" = PikaOne FlyCASE "ProInst" = Intel(R) PROSet/Wireless Software "RealPlayer 12.0" = RealPlayer "StmAdsl" = BeWAN ADSL modem "SuperCopier" = SuperCopier "SynTPDeinstKey" = Synaptics Pointing Device Driver "Tomb Raider II" = Tomb Raider II "Veoh Web Player Beta" = Veoh Web Player Beta "VLC media player" = VLC media player 1.0.5 "VobSub" = VobSub v2.23 (Remove Only) "WebMediaPlayer" = WebMediaPlayer "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.5 "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = Archiveur WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XviD_is1" = XviD MPEG-4 Video Codec [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >

EDIT Skynet : balises [code] ajoutées. Merci de faire attention ! C'est pourtant signalé dans l'en-tête...

jeanmimigab · le 06 Juin 2010 20:20

hello,

Pense à utiliser les balise codes pour poster tes rapports stp..
pour cela...
cliques sur la balise "CODE" (dans la barre d'outil d'édition) et colle le contenu des rapports entre lla balise d'entrée et de sortie

cela sera plus lisible :wink:

ensuite...

Télécharge >>> AD-Remover <<< ( de C_XX ) sur ton bureau.

- Double-clique sur le raccourcie

pour lancer le tool.

- Pour Vista /Seven faire un cliques droit sur l'icône et choisir "Exécuter en tant qu'administrateur"

- Cliques sur "Nettoyer".

- Ensuite laisse le scan s'effectuer tranquillement sans te servir du PC

- Poste le rapport.txt qui s'ouvre.

au cas ou,le rapport est sauvegarder ici
C:\AD-Report-scan+"date"

puis...

Tu as une infection qui se propage par support amovible (Clef USB, DD externe, carte photo SD,etc...)
Branche tes clefs USB, DD externe (en position "marche) etc...

Télécharge USBFix ( par Chiquitine29, C_XX & Chimay8 ) sur ton bureau,

Fais un double-clic sur l'icône d'USBFix afin de le lancer.
Fais le choix"recherche" .
Laisse travailler USBFix et poste le rapport qui sera générer en fin de scan en utilisant les balises [code ] [/code].
Ne choisis pas d'autres options sans mon accord

Pop up récalcitrant analyse du test

Pop up récalcitrant analyse du test

Re: Pop up récalcitrant analyse du test

Re: Pop up récalcitrant analyse du test

Re: Pop up récalcitrant analyse du test

Re: Pop up récalcitrant analyse du test

Sujets similaires

Qui est en ligne