Antimalware Doctor

Manuch78 · le 20 Mai 2010 02:21

Bonsoir,

Comme beaucoup de personnes ces temps-ci, mon ordinateur est infecté par ce fameux Antimalware Doctor... Ayant parcouru différents forums depuis maintenant 4h et ayant essayé toutes les solutions possibles, je commence à désesperer...
Quelqu'un pourrait-il m'expliquer la démarche, étape par étape, à effectuer pour ne plus avoir affaire à cette m**** svp?
N'étant vraiment pas du tout un crack en informatique, ça serait sympa de m'expliquer d'une manière simpliste

Merci d'avance!

Manuch78

jeanmimigab · le 20 Mai 2010 07:36

bonjour et bienvenue sur PC-Infopratique :wink:

fais cela stp...

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

@++

Manuch78 · le 20 Mai 2010 10:35

Merci de l'aide! Voilà mes rapports:

Code: Tout sélectionner: - OTL: OTL logfile created on: 20/05/2010 11:12:58 - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\corri83977\Desktop Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 59,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 74,22 Gb Total Space | 36,63 Gb Free Space | 49,35% Space Free | Partition Type: NTFS Drive D: | 74,83 Gb Total Space | 17,79 Gb Free Space | 23,77% Space Free | Partition Type: NTFS Unable to calculate disk information. F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ESC-090870 Current User Name: corri83977 Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\corri83977\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C\gotnewupdate000.exe (MS) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) PRC - C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC) PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe ( Hewlett-Packard Development Company, L.P.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\RotateImage\RCIMGDIR.exe (Ricoh co.,Ltd.) PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (Agere Systems) PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation) PRC - C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA) PRC - c:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.) PRC - C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Activ Software\Activdriver\ActivControl2.exe (Promethean Technologies Group Ltd) PRC - C:\Program Files\Archimed\Watchdoc\AWDTSGate.exe (Archimed) PRC - C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Users\corri83977\Desktop\OTL.exe (OldTimer Tools) MOD - C:\ProgramData\Activ Software\ActivApplications\ActivFocusHook.dll () MOD - C:\Program Files\Microsoft Script Control\msscript.ocx (Microsoft Corporation) MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll (Broadcom Corporation.) MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll () MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (yksvc) -- C:\Windows\System32\yk60x86.dll (Marvell) SRV - (FCSAM) -- C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (Agere Systems) SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (FTRTSVC) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA) SRV - (ATService) -- c:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.) SRV - (RoxMediaDB10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (FcsSas) -- C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe (Microsoft Corporation) SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation) DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell) DRV - (MpFilter) -- C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation) DRV - (5U876UVC) -- C:\Windows\System32\drivers\5U876.sys (Ricoh co.,Ltd.) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation) DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation) DRV - (ATSwpWDF) -- C:\Windows\System32\drivers\ATSwpWDF.sys (AuthenTec, Inc.) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (ActivHidSerMini) -- C:\Windows\System32\drivers\activhidsermini.sys (Promethean Technologies Ltd) DRV - (prmvmouse) -- C:\Windows\System32\drivers\activmouse.sys (Promethean Technologies Ltd) DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll () IE - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/08/11 10:49:03 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010/05/20 02:17:31 | 000,321,396 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 http://www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 http://www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 http://www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 http://www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 http://www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 http://www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 http://www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 http://www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 http://www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 http://www.10sek.com O1 - Hosts: 127.0.0.1 http://www.1-2005-search.com O1 - Hosts: 11013 more lines... O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [ActivControl] C:\Program Files\Activ Software\Activdriver\ActivControl2.exe (Promethean Technologies Group Ltd) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [AWDPopupInit] File not found O4 - HKLM..\Run: [AWDTSGate] File not found O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [Microsoft Forefront Client Security Antimalware Service] C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [RotateImage] C:\Program Files\RotateImage\RCIMGDIR.exe (Ricoh co.,Ltd.) O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [Popup] C:\Program Files\Archimed\Watchdoc\AWDTSGate.exe (Archimed) O4 - HKU\S-1-5-18..\Run: [Popup] C:\Program Files\Archimed\Watchdoc\AWDTSGate.exe (Archimed) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079..\Run: [corri83977] C:\Users\corri83977\corri83977.exe File not found O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079..\Run: [gotnewupdate000.exe] C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C\gotnewupdate000.exe (MS) O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079..\Run: [M5T8QL3YW3] C:\Users\CORRI8~1\AppData\Local\Temp\Qdd.exe File not found O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079..\Run: [Popup] C:\Program Files\Archimed\Watchdoc\AWDTSGate.exe (Archimed) O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Users\corri83977\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Free Music Zilla.lnk = C:\Program Files\Free Music Zilla\FMZilla.exe () O4 - Startup: C:\Users\corri83977\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Domains: esc-grenoble.fr ([]* in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Domains: grenoble-em.com ([]* in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Domains: grenoble-em.com ([mediaplus] http in Sites de confiance) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Domains: mappy.com ([]http in Sites de confiance) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Domains: mti-brothers.com ([]* in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Domains: orange.fr ([]http in Sites de confiance) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Domains: voila.fr ([rw.search.ke] http in Sites de confiance) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Domains: weborama.fr ([orange] http in Sites de confiance) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10001 ([http] in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10002 ([http] in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10003 ([http] in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10004 ([http] in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10005 ([http] in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10006 ([http] in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10007 ([http] in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10008 ([http] in Intranet local) O15 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..Trusted Ranges: Range10009 ([http] in Intranet local) O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = student.grenoble-em.com O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Users\corri83977\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\corri83977\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{5ada477e-238c-11df-96d6-00247e91681d}\Shell - "" = AutoRun O33 - MountPoints2\{5ada477e-238c-11df-96d6-00247e91681d}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\{64a91371-e965-11de-9b75-00247e91681d}\Shell\AutoRun\command - "" = F:\svchost.exe -- File not found O33 - MountPoints2\{7a542e6d-e3dd-11de-baef-00247e91681d}\Shell\AutoRun\command - "" = F:\svchost.exe -- File not found O33 - MountPoints2\{9bd9c023-c5b6-11de-b17f-00247e91681d}\Shell\AutoRun\command - "" = F:\svchost.exe -- File not found O33 - MountPoints2\{ae589f21-dd9e-11de-a808-00247e91681d}\Shell\AutoRun\command - "" = G:\svchost.exe -- File not found O33 - MountPoints2\{d70870c4-283b-11df-a8e9-00247e91681d}\Shell - "" = AutoRun O33 - MountPoints2\{d70870c4-283b-11df-a8e9-00247e91681d}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2008/01/21 04:35:08 | 000,000,000 | ---D | M] NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/05/20 02:07:21 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe [2010/05/20 02:07:21 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe [2010/05/20 02:07:21 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe [2010/05/20 02:07:21 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe [2010/05/20 02:07:21 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe [2010/05/20 02:07:21 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe [2010/05/20 02:07:21 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe [2010/05/20 02:07:21 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe [2010/05/20 02:07:21 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe [2010/05/20 02:07:21 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\Agent.OMZ.Fix.exe [2010/05/20 02:07:21 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe [2010/05/14 20:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Sibelius Software [2010/04/26 17:45:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\outlook security manager [2010/04/21 12:29:02 | 000,000,000 | ---D | C] -- D:\Mes Documents\Documents\Fiche second trimestre [2010/04/21 01:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Musicnotes [2009/03/26 06:37:38 | 000,256,560 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/05/20 11:17:18 | 007,077,888 | -HS- | M] () -- C:\Users\corri83977\ntuser.dat [2010/05/20 11:15:59 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{33CD9555-346A-4025-952C-AED3F1651FAF}.job [2010/05/20 11:12:00 | 001,506,976 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/05/20 11:12:00 | 000,682,146 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/05/20 11:12:00 | 000,598,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/05/20 11:12:00 | 000,129,296 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/05/20 11:12:00 | 000,106,120 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/05/20 11:08:16 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2010/05/20 11:08:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/05/20 05:30:39 | 000,005,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/05/20 05:30:39 | 000,005,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/05/20 03:30:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/05/20 03:30:33 | 2072,264,704 | -HS- | M] () -- C:\hiberfil.sys [2010/05/20 03:29:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/05/20 03:29:29 | 000,524,288 | -HS- | M] () -- C:\Users\corri83977\ntuser.dat{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms [2010/05/20 03:29:29 | 000,065,536 | -HS- | M] () -- C:\Users\corri83977\ntuser.dat{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf [2010/05/20 02:36:28 | 000,001,380 | ---- | M] () -- C:\Windows\lsrslt.ini [2010/05/20 02:34:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2010/05/20 02:28:21 | 000,000,785 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/20 02:17:36 | 000,004,748 | ---- | M] () -- C:\Windows\System32\tmp.reg [2010/05/20 02:06:11 | 000,442,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/05/20 01:16:58 | 000,001,154 | ---- | M] () -- C:\Users\Etudiant\Desktop\Antimalware Doctor.lnk [2010/05/20 01:16:34 | 000,224,256 | ---- | M] () -- C:\Windows\System32\sshnas21.dll [2010/05/16 22:28:15 | 000,131,960 | ---- | M] () -- C:\Users\Etudiant\AppData\Local\GDIPFONTCACHEV1.DAT [2010/05/13 19:59:16 | 000,245,271 | ---- | M] () -- C:\codes_dott.zip [2010/05/06 22:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr [2010/05/06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe [2010/05/06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys [2010/05/06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys [2010/05/06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys [2010/05/06 22:34:10 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2010/05/06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2010/05/06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/04/28 10:05:08 | 000,010,900 | ---- | M] () -- D:\Mes Documents\Documents\Historique Caterpilla.docx [2010/04/26 17:43:15 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\Certiprep.lnk [2010/04/26 17:43:15 | 000,000,724 | ---- | M] () -- C:\Users\Public\Desktop\iQsystem Tools.lnk [2010/04/26 17:43:15 | 000,000,719 | ---- | M] () -- C:\Users\Public\Desktop\iQsystem Exams.lnk [2010/04/22 14:14:18 | 001,048,576 | -HS- | M] () -- C:\Users\corri83977\ntuser.dat{3d4e88f0-6a70-11db-b1ba-d64300c9c793}.TxR.2.regtrans-ms [2010/04/22 14:14:18 | 001,048,576 | -HS- | M] () -- C:\Users\corri83977\ntuser.dat{3d4e88f0-6a70-11db-b1ba-d64300c9c793}.TxR.1.regtrans-ms [2010/04/22 14:14:18 | 001,048,576 | -HS- | M] () -- C:\Users\corri83977\ntuser.dat{3d4e88f0-6a70-11db-b1ba-d64300c9c793}.TxR.0.regtrans-ms [2010/04/22 14:14:18 | 000,065,536 | -HS- | M] () -- C:\Users\corri83977\ntuser.dat{3d4e88f0-6a70-11db-b1ba-d64300c9c793}.TxR.blf [2010/04/21 10:22:43 | 000,293,039 | ---- | M] () -- D:\Mes Documents\Documents\Facture_Pro_Forma_ORAL_E52_Anglais[1].rtf [2010/04/20 21:28:44 | 000,028,942 | ---- | M] () -- D:\Mes Documents\Documents\Economie de la firme (2).docx [2010/04/20 13:57:43 | 000,075,582 | ---- | M] () -- D:\Mes Documents\Documents\Soutenance Adayg Fatou et Gaelle.pptx [2010/04/20 13:57:30 | 000,088,752 | ---- | M] () -- D:\Mes Documents\Documents\Soutenance Adayg Manu et Lucie.pptx [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/05/20 02:23:30 | 000,001,380 | ---- | C] () -- C:\Windows\lsrslt.ini [2010/05/20 02:12:29 | 2072,264,704 | -HS- | C] () -- C:\hiberfil.sys [2010/05/20 02:08:16 | 000,004,748 | ---- | C] () -- C:\Windows\System32\tmp.reg [2010/05/20 02:07:21 | 000,075,776 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe [2010/05/20 02:07:21 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe [2010/05/20 02:07:21 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe [2010/05/20 01:16:58 | 000,001,154 | ---- | C] () -- C:\Users\Etudiant\Desktop\Antimalware Doctor.lnk [2010/05/20 01:16:37 | 000,000,302 | -H-- | C] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2010/05/20 01:16:34 | 000,224,256 | ---- | C] () -- C:\Windows\System32\sshnas21.dll [2010/05/13 20:05:43 | 000,245,271 | ---- | C] () -- C:\codes_dott.zip [2010/05/13 20:05:43 | 000,148,069 | R--- | C] () -- C:\TENTACLE.EXE [2010/05/13 20:05:43 | 000,040,293 | R--- | C] () -- C:\DOTT.EXE [2010/05/13 12:17:56 | 000,077,436 | ---- | C] () -- D:\Mes Documents\Documents\Corriette Emmanuel CV.doc [2010/04/28 10:05:05 | 000,010,900 | ---- | C] () -- D:\Mes Documents\Documents\Historique Caterpilla.docx [2010/04/26 17:43:15 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\Certiprep.lnk [2010/04/26 17:43:15 | 000,000,724 | ---- | C] () -- C:\Users\Public\Desktop\iQsystem Tools.lnk [2010/04/26 17:43:15 | 000,000,719 | ---- | C] () -- C:\Users\Public\Desktop\iQsystem Exams.lnk [2010/04/22 14:14:18 | 001,048,576 | -HS- | C] () -- C:\Users\corri83977\ntuser.dat{3d4e88f0-6a70-11db-b1ba-d64300c9c793}.TxR.2.regtrans-ms [2010/04/22 14:14:18 | 001,048,576 | -HS- | C] () -- C:\Users\corri83977\ntuser.dat{3d4e88f0-6a70-11db-b1ba-d64300c9c793}.TxR.1.regtrans-ms [2010/04/22 14:14:18 | 001,048,576 | -HS- | C] () -- C:\Users\corri83977\ntuser.dat{3d4e88f0-6a70-11db-b1ba-d64300c9c793}.TxR.0.regtrans-ms [2010/04/22 14:14:18 | 000,065,536 | -HS- | C] () -- C:\Users\corri83977\ntuser.dat{3d4e88f0-6a70-11db-b1ba-d64300c9c793}.TxR.blf [2010/04/20 21:28:39 | 000,028,942 | ---- | C] () -- D:\Mes Documents\Documents\Economie de la firme (2).docx [2010/04/20 13:57:43 | 000,075,582 | ---- | C] () -- D:\Mes Documents\Documents\Soutenance Adayg Fatou et Gaelle.pptx [2010/04/20 13:57:29 | 000,088,752 | ---- | C] () -- D:\Mes Documents\Documents\Soutenance Adayg Manu et Lucie.pptx [2010/03/03 13:16:11 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009/12/06 15:44:56 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009/12/06 15:44:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009/09/30 13:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\PertPlus[1].INI [2009/09/30 00:57:31 | 000,000,143 | ---- | C] () -- C:\Windows\PERTPL~1.INI [2009/08/13 10:02:51 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2009/08/13 10:02:51 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2009/08/13 10:02:51 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2009/08/13 10:02:51 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2009/08/13 10:02:51 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2009/08/13 10:02:51 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2009/08/11 10:53:00 | 000,000,050 | ---- | C] () -- C:\Windows\cdplayer.ini [2009/08/11 10:02:55 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2009/08/11 09:45:18 | 000,028,160 | ---- | C] () -- C:\Windows\System32\ITSLauncher.dll [2009/08/11 09:45:03 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ITSUtils.dll [2009/08/11 09:45:03 | 000,028,672 | ---- | C] () -- C:\Windows\System32\ITSMAPI.dll [2009/08/11 09:45:03 | 000,017,920 | ---- | C] () -- C:\Windows\System32\IMPLODE.DLL [2009/08/10 09:40:24 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll [2009/04/11 15:19:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/03/26 06:39:14 | 001,765,168 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2009/03/26 06:39:04 | 000,034,480 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2008/12/05 02:25:00 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll [2007/09/18 15:01:08 | 000,167,936 | ---- | C] () -- C:\Windows\libactivboardex.dll [2007/09/13 09:31:50 | 000,196,608 | ---- | C] () -- C:\Windows\ActivDRV.dll [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/09/12 11:08:38 | 006,172,672 | ---- | C] () -- C:\Windows\System32\HwRecogK.dll [2006/08/14 09:56:52 | 007,946,240 | ---- | C] () -- C:\Windows\System32\HWRecogT.dll [2006/08/13 17:48:58 | 015,147,008 | ---- | C] () -- C:\Windows\System32\HWRecog.dll [2006/05/19 18:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2003/08/07 16:01:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2003/03/24 06:03:00 | 000,279,552 | ---- | C] () -- C:\Windows\System32\FGWVB32.DLL [1998/03/26 01:12:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll [color=#E56717]========== LOP Check ==========[/color] [2010/05/20 02:01:51 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C [2010/03/05 11:52:22 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\DAEMON Tools Lite [2010/01/21 00:53:31 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\FMZilla [2009/08/13 10:08:46 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\InterVideo [2010/05/20 11:17:04 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\LimeWire [2010/01/19 01:37:18 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\MaxTV Technologies [2009/08/11 10:10:19 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\Nvu [2010/01/02 23:33:00 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\ScummVM [2009/09/23 21:39:22 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\SecondLife [2009/08/11 10:09:03 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\Sphinx [2010/03/05 12:16:12 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\Sports Interactive [2009/08/18 09:22:19 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\Xerox [2009/12/16 14:38:53 | 000,000,000 | ---D | M] -- C:\Users\corri83977\AppData\Roaming\XnView [2009/08/13 10:08:46 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\InterVideo [2009/08/11 10:10:19 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Nvu [2009/08/11 10:00:17 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\SecondLife [2009/08/11 10:09:03 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Sphinx [2009/08/18 09:22:19 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Xerox [2009/08/11 10:17:56 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\XnView [2009/08/13 10:08:46 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\InterVideo [2009/08/11 10:10:19 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Nvu [2009/08/11 10:00:17 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\SecondLife [2009/08/11 10:09:03 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Sphinx [2009/08/18 09:22:19 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Xerox [2009/08/11 10:17:56 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\XnView [2009/08/13 10:08:46 | 000,000,000 | ---D | M] -- C:\Users\e-center\AppData\Roaming\InterVideo [2009/08/11 10:10:19 | 000,000,000 | ---D | M] -- C:\Users\e-center\AppData\Roaming\Nvu [2009/08/11 10:00:17 | 000,000,000 | ---D | M] -- C:\Users\e-center\AppData\Roaming\SecondLife [2009/08/11 10:09:03 | 000,000,000 | ---D | M] -- C:\Users\e-center\AppData\Roaming\Sphinx [2009/08/18 09:22:19 | 000,000,000 | ---D | M] -- C:\Users\e-center\AppData\Roaming\Xerox [2009/08/11 10:17:56 | 000,000,000 | ---D | M] -- C:\Users\e-center\AppData\Roaming\XnView [2009/08/13 10:08:46 | 000,000,000 | ---D | M] -- C:\Users\Etudiant\AppData\Roaming\InterVideo [2009/08/11 10:10:19 | 000,000,000 | ---D | M] -- C:\Users\Etudiant\AppData\Roaming\Nvu [2009/08/11 10:00:17 | 000,000,000 | ---D | M] -- C:\Users\Etudiant\AppData\Roaming\SecondLife [2009/08/11 10:09:03 | 000,000,000 | ---D | M] -- C:\Users\Etudiant\AppData\Roaming\Sphinx [2009/08/18 09:22:19 | 000,000,000 | ---D | M] -- C:\Users\Etudiant\AppData\Roaming\Xerox [2009/08/11 10:17:56 | 000,000,000 | ---D | M] -- C:\Users\Etudiant\AppData\Roaming\XnView [2010/05/20 03:29:37 | 000,032,508 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/05/20 11:15:59 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{33CD9555-346A-4025-952C-AED3F1651FAF}.job [2010/05/20 11:08:16 | 000,000,302 | -H-- | M] () -- C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [1993/06/25 12:49:32 | 000,040,293 | R--- | M] () -- C:\DOTT.EXE [1993/06/25 12:49:32 | 000,148,069 | R--- | M] () -- C:\TENTACLE.EXE [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/11 15:19:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009/04/11 15:19:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 15:19:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/21 04:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/21 04:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008/01/21 04:23:28 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008/01/21 04:23:28 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009/04/11 15:19:26 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009/04/11 15:19:26 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009/04/11 15:19:26 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2009/04/11 15:19:27 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys [2009/04/11 15:19:27 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys [2009/04/11 15:19:27 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys [2008/01/21 04:23:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys [2008/01/21 04:23:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys [2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2008/12/04 12:48:52 | 000,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2008/12/04 12:48:52 | 000,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\SWSetup\SP42162\Winall\Driver64\IaStor.sys [2008/12/04 12:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2008/12/04 12:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\SWSetup\SP42162\Winall\Driver\IaStor.sys [2008/12/04 12:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Windows\System32\drivers\iaStor.sys [2008/12/04 12:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3f3bdbbf\iaStor.sys [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2008/01/21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008/01/21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/04/11 15:19:42 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009/04/11 15:19:42 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/04/11 15:19:47 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009/04/11 15:19:47 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008/01/21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2008/01/21 04:24:45 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys [2008/01/21 04:24:45 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2009/04/11 15:20:12 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\System32\drivers\rdpwd.sys [2009/04/11 15:20:12 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2009/04/11 15:20:12 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/11 15:20:12 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys [2008/01/21 04:23:44 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\drivers\sfloppy.sys [2008/01/21 04:23:44 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys [2008/01/21 04:23:44 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2008/01/21 04:24:34 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys [2008/01/21 04:24:34 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/01/21 04:24:34 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys [2008/01/21 04:24:34 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys [2008/01/21 04:23:47 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys [2008/01/21 04:23:47 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys [2008/01/21 04:23:47 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2008/01/21 04:23:52 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys [2008/01/21 04:23:52 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys [2008/01/21 04:23:52 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys [2008/01/21 04:23:52 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys [2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll [2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll [2009/04/11 15:20:07 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll [2009/04/11 15:20:02 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll [2008/01/21 04:24:29 | 000,009,216 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\wship6.dll [2008/01/21 04:24:29 | 000,009,216 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\WSHTCPIP.DLL [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

EDIT Skynet : balises [code] ajoutées.

Manuch78 · le 20 Mai 2010 10:36

Et voilà le rapport de Extras:

Code: Tout sélectionner: OTL Extras logfile created on: 20/05/2010 11:12:58 - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\corri83977\Desktop Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 59,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 74,22 Gb Total Space | 36,63 Gb Free Space | 49,35% Space Free | Partition Type: NTFS Drive D: | 74,83 Gb Total Space | 17,79 Gb Free Space | 23,77% Space Free | Partition Type: NTFS Unable to calculate disk information. F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ESC-090870 Current User Name: corri83977 Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Parcourir avec XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Xinorbis4] -- "C:\Program Files\freshney.org\Xinorbis4\x4.exe" "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "AntiVirusDisableNotify" = 0x00000000 "FirewallDisableNotify" = 0x00000000 "UpdatesDisableNotify" = 0x00000000 "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-815019230-3665974807-84351104-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) "C:\Program Files\Free Music Zilla\FMZilla.exe" = C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- () [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{5F7EB1F5-0E2B-432B-B1F4-DA76AF06CAD5}" = lport=2869 | protocol=6 | dir=in | app=system | "{7E56615A-9FCD-43D0-9A5B-3FB74196BF3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{115EB637-39EF-4F1C-BA3C-08C41AC93F95}" = protocol=17 | dir=in | app=c:\program files\dmv\maxtv4\maxtv.exe | "{23770829-F7B3-42C7-8E12-2E39B91B31FF}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{3DA6DA48-39FB-4611-9C48-3953B52C4B25}" = protocol=6 | dir=in | app=c:\program files\sports interactive\football manager 2010\fm.exe | "{44D20F4D-5556-40D3-AB5C-84E54F1E09DF}" = protocol=6 | dir=in | app=c:\program files\dmv\maxtv4\core\maxtv_xul.exe | "{4FAFD00B-E59A-4099-A882-51E01A5DFBD1}" = protocol=6 | dir=in | app=c:\program files\dmv\maxtv4\maxtv.exe | "{5CED006D-23BA-4783-A37C-F25FFAF7B958}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5D88B61B-D436-4C67-B588-6B9057179EE0}" = protocol=17 | dir=in | app=c:\program files\dmv\maxtv4\recorder.exe | "{77294975-5B7F-4544-A4F7-5190021B639C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8AA3E372-CAE1-4DB6-AC97-61BCFA08616E}" = protocol=17 | dir=in | app=c:\program files\sports interactive\football manager 2010\fm.exe | "{92DB7319-746C-40F1-8E6F-E9C57A562B32}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{95F8B704-5669-44DB-9E14-465C753B29FA}" = protocol=6 | dir=in | app=c:\program files\dmv\maxtv4\recorder.exe | "{A8FA9AC1-1CF1-4ADC-8B52-B45D117993EC}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{AABDB6B1-5CC3-4BE3-8DF1-80046F12FB01}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{BDC2315C-5469-4FA2-AB34-2158DBF238D6}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{C4960A73-CEA4-4B5F-B01D-140DC6276EF2}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{EC35E2FD-6A5C-4CAE-A04B-6F609020C025}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{EC840B6E-D30B-45FB-BE44-442047F18348}" = protocol=17 | dir=in | app=c:\program files\dmv\maxtv4\core\maxtv_xul.exe | "{EDA48932-7EE2-40CF-B79D-A6C49E5007A5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{1291D6CF-411C-4FCD-9085-67ECCC14D121}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{6E691009-A0A2-430D-B3F0-E9318F19F83D}C:\program files\free music zilla\fmzilla.exe" = protocol=6 | dir=in | app=c:\program files\free music zilla\fmzilla.exe | "TCP Query User{A5D780C2-EEFF-47D5-842F-9DA337867A6B}C:\program files\real\realplayer\recordingmanager.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\recordingmanager.exe | "TCP Query User{E4B96BC6-B50C-40ED-9C4F-8BDC22CE21F9}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "TCP Query User{E9A81B61-D1D5-4C20-B412-0CE82423F8AD}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe | "TCP Query User{FE0FA1E4-E17E-4E4B-A279-D2065092F912}C:\program files\free music zilla\fmzilla.exe" = protocol=6 | dir=in | app=c:\program files\free music zilla\fmzilla.exe | "UDP Query User{18A754BC-B588-4C18-98DA-F1A8E6CD0B7F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{217CA344-7E8B-4D21-9CD4-8D58F2CCBBA6}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "UDP Query User{56141618-DFB7-4266-B9D3-48F90F6D3BEE}C:\program files\free music zilla\fmzilla.exe" = protocol=17 | dir=in | app=c:\program files\free music zilla\fmzilla.exe | "UDP Query User{8B94A0A8-B35F-4457-91FD-E121A04EC587}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe | "UDP Query User{C908A544-386A-4CC5-B299-87103C6E0E1D}C:\program files\real\realplayer\recordingmanager.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\recordingmanager.exe | "UDP Query User{E7F7ADF0-CDDC-4527-9B1C-5CE0C704C7C3}C:\program files\free music zilla\fmzilla.exe" = protocol=17 | dir=in | app=c:\program files\free music zilla\fmzilla.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{095CCABA-A465-40E8-A518-30103EBD7170}" = Aide d'Activstudio (FRA) v3.5.1 "{09A3BCF1-CB0C-4D24-A2B9-EE4918B60E62}" = HP Wallpaper "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin "{0F31081B-2E83-4E38-B847-A74E9979DA64}" = MEDIAplus Plugin "{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15 "{2C8B4F5E-1698-45E4-924C-F235B0BBB5C1}" = Certiport iQsystem 6.2 "{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver "{3AF7602F-5BCC-4C6D-944F-86BD7B723E6B}" = Certiport iQsystem 6.2 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3BA904CF-8B75-41AF-A5D2-F18A511536CA}" = LightScribe System Software "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live "{46422285-1723-43AB-AEA0-47DE12016A1C}" = Certiport iQsystem - French "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{50391F9C-82FF-458F-A77B-DEF724E6140D}" = Service anti-programme malveillant Microsoft Forefront Client Security "{52F3D4F5-A928-40CE-B2C1-E827AAA5975B}" = HP 3D DriveGuard "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check "{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{69333A04-5134-40A5-A055-9166A7AA1EC8}" = "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6B102825-6DEC-4808-BFE7-E4A596E7D8E6}" = Activdriver v4.1.12 "{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library "{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{82BB647B-C09E-423D-8395-BFFBA0B8644B}" = TOL 7.0.27.6 Components "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only) "{88657318-544E-445B-A806-B8099C617BFF}" = Ressources Activstudio (FRA) v3.5.1 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}_STANDARD_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}_STANDARD_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}_STANDARD_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}_STANDARD_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}_STANDARD_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}_STANDARD_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}_STANDARD_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{929B1254-D7F9-403A-8234-EE348E448820}" = Activstudio Professional Edition v3.5 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{99A4344A-C723-4661-A507-D9D939480358}" = Cisco LEAP Module "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}" = Cisco EAP-FAST Module "{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1 - Français "{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4 "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B0344B38-378B-47E0-BDCC-977785D24768}" = Integrated Camera Driver Installer Package Ver.1.15.110.0 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{BC1FD114-0FD0-4C86-85E4-1FD10765D961}" = Documents Activstudio (FRA) v3.5.1 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD344FA5-6657-47CD-940F-8727EED35595}" = Cisco PEAP Module "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{E8B56B38-A826-11DB-8C83-0011430C73A4}" = Microsoft Forefront Client Security State Assessment Service "{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10 "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager "{F495E7CB-625F-4331-BFD4-0FA7CF8CF7A7}" = MEDIAplus Office 2007 FF "{FC759117-A409-4939-8A50-243A867C9F35}" = MEDIAplus Plugin "{FECEF9D2-9D3D-449B-9EA4-CFA775C99464}" = AuthenTec Fingerprint System "{FF05D3BC-A231-4E7E-86AE-7C7349421F9F}" = iQsystem 6.2 Patch "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Agere Systems Soft Modem" = Agere Systems HDA Modem "avast5" = avast! Free Antivirus "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter "CCleaner" = CCleaner (remove only) "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "Football Manager 2010" = Football Manager 2010 "Free Music Zilla_is1" = Free Music Zilla "Guitar Pro 5_is1" = Guitar Pro 5.2 "HDMI" = Intel(R) Graphics Media Accelerator Driver "Le Sphinx" = Le Sphinx "LimeWire" = LimeWire 5.4.6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvell Miniport Driver" = Marvell Miniport Driver "MaxTV" = MaxTV "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Nvu_is1" = Nvu 1.0 "PROPLUS" = Microsoft Office Professional Plus 2007 "RealPlayer 6.0" = RealPlayer "ScummVM_is1" = ScummVM 1.0.0 "SecondLife" = SecondLife (remove only) "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 1.0.1 "WinLiveSuite_Wave3" = Installation Windows Live "XnView_is1" = XnView 1.96.2 "Xvid_is1" = Xvid 1.2.2 final uninstall [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1834913581-721874356-3486338912-9079\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Antimalware Doctor" = Antimalware Doctor "GanttProject 2.0.10" = GanttProject 2.0.10 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 22/03/2010 15:07:11 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante FMZilla.exe, version 2.0.0.3, horodatage 0x4af269ee, module défaillant FMZilla.exe, version 2.0.0.3, horodatage 0x4af269ee, code d’exception 0xc0000005, décalage d’erreur 0x000341a0, ID du processus 0xd60, heure de début de l’application 0x01cac9d1605f923f. Error - 23/03/2010 12:40:38 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18882, horodatage 0x4b3ed243, module défaillant mshtml.dll, version 8.0.6001.18882, horodatage 0x4b3ee91c, code d’exception 0xc0000005, décalage d’erreur 0x0042d43d, ID du processus 0x59c, heure de début de l’application 0x01cac9d1d57f0faf. Error - 23/03/2010 14:43:59 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18882, horodatage 0x4b3ed243, module défaillant mshtml.dll, version 8.0.6001.18882, horodatage 0x4b3ee91c, code d’exception 0xc0000005, décalage d’erreur 0x0042d43d, ID du processus 0x1f34, heure de début de l’application 0x01cacab86fcf72e0. Error - 23/03/2010 16:11:44 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18882, horodatage 0x4b3ed243, module défaillant mshtml.dll, version 8.0.6001.18882, horodatage 0x4b3ee91c, code d’exception 0xc0000005, décalage d’erreur 0x0042d43d, ID du processus 0xa28, heure de début de l’application 0x01cacac2c2391ef0. Error - 23/03/2010 19:35:41 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18882, horodatage 0x4b3ed243, module défaillant mshtml.dll, version 8.0.6001.18882, horodatage 0x4b3ee91c, code d’exception 0xc0000005, décalage d’erreur 0x0042d43d, ID du processus 0xf10, heure de début de l’application 0x01cacaa8be451f70. Error - 24/03/2010 07:37:12 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18882, horodatage 0x4b3ed243, module défaillant mshtml.dll, version 8.0.6001.18882, horodatage 0x4b3ee91c, code d’exception 0xc0000005, décalage d’erreur 0x0042d43d, ID du processus 0x253c, heure de début de l’application 0x01cacb2bc81370f0. Error - 25/03/2010 02:44:22 | Computer Name = esc-090870.student.grenoble-em.com | Source = System Restore | ID = 8193 Description = Error - 25/03/2010 02:45:44 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18882, horodatage 0x4b3ed243, module défaillant mshtml.dll, version 8.0.6001.18882, horodatage 0x4b3ee91c, code d’exception 0xc0000005, décalage d’erreur 0x0042d43d, ID du processus 0x237c, heure de début de l’application 0x01cacb576adef3b0. Error - 25/03/2010 05:57:18 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18882, horodatage 0x4b3ed243, module défaillant mshtml.dll, version 8.0.6001.18882, horodatage 0x4b3ee91c, code d’exception 0xc0000005, décalage d’erreur 0x0042d43d, ID du processus 0x19c0, heure de début de l’application 0x01cacbe9ab8a8180. Error - 25/03/2010 05:57:39 | Computer Name = esc-090870.student.grenoble-em.com | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18882, horodatage 0x4b3ed243, module défaillant mshtml.dll, version 8.0.6001.18882, horodatage 0x4b3ee91c, code d’exception 0xc0000005, décalage d’erreur 0x00109189, ID du processus 0x2710, heure de début de l’application 0x01cacc0147ad4db0. [ OSession Events ] Error - 22/09/2009 10:35:35 | Computer Name = esc-090870.student.grenoble-em.com | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2852 seconds with 1260 seconds of active time. This session ended with a crash. Error - 28/09/2009 18:18:19 | Computer Name = esc-090870.student.grenoble-em.com | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15636 seconds with 960 seconds of active time. This session ended with a crash. Error - 30/10/2009 12:35:17 | Computer Name = esc-090870.student.grenoble-em.com | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 674 seconds with 180 seconds of active time. This session ended with a crash. [ System Events ] Error - 19/05/2010 20:40:27 | Computer Name = esc-090870.student.grenoble-em.com | Source = Service Control Manager | ID = 7000 Description = Error - 19/05/2010 20:40:45 | Computer Name = esc-090870.student.grenoble-em.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129 Description = Échec du traitement de la stratégie de groupe en raison d’une absence de connectivité réseau vers un contrôleur de domaine. Il peut s’agir d’un problème temporaire. Un message de réussite est généré une fois que l’ordinateur est connecté au contrôleur de domaine et que la stratégie de groupe est correctement traitée. Si aucun message de réussite ne s’affiche pendant plusieurs heures, contactez votre administrateur. Error - 19/05/2010 20:40:46 | Computer Name = esc-090870.student.grenoble-em.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129 Description = Échec du traitement de la stratégie de groupe en raison d’une absence de connectivité réseau vers un contrôleur de domaine. Il peut s’agir d’un problème temporaire. Un message de réussite est généré une fois que l’ordinateur est connecté au contrôleur de domaine et que la stratégie de groupe est correctement traitée. Si aucun message de réussite ne s’affiche pendant plusieurs heures, contactez votre administrateur. Error - 19/05/2010 20:44:55 | Computer Name = esc-090870.student.grenoble-em.com | Source = FcsSas | ID = 141078 Description = Stratégie du service Forefront Client Security State Assessment Service appliquée avec des erreurs. Paramètres suivants restaurés : Type de planification : Intervalle Heure : 12 Paramètre Error - 19/05/2010 21:30:44 | Computer Name = esc-090870.student.grenoble-em.com | Source = NETLOGON | ID = 5719 Description = Cet ordinateur n'a pas pu configurer une session sécurisée avec un contrôleur de domaine dans le domaine STUDENT pour la raison suivante : %%1311 Cela peut entraîner des problèmes d'authentification. Vérifiez que cet ordinateur est connecté au réseau. Si le problème persiste, contactez votre administrateur de domaine. INFORMATIONS SUPPLÉMENTAIRES Si cet ordinateur est un contrôleur de domaine pour le domaine spécifié, il installe la session sécurisée sur l'émulateur de contrôleur de domaine principal dans le domaine spécifié. Sinon, cet ordinateur installe la session sécurisée sur n'importe quel contrôleur de domaine du domaine spécifié. Error - 19/05/2010 21:31:36 | Computer Name = esc-090870.student.grenoble-em.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129 Description = Échec du traitement de la stratégie de groupe en raison d’une absence de connectivité réseau vers un contrôleur de domaine. Il peut s’agir d’un problème temporaire. Un message de réussite est généré une fois que l’ordinateur est connecté au contrôleur de domaine et que la stratégie de groupe est correctement traitée. Si aucun message de réussite ne s’affiche pendant plusieurs heures, contactez votre administrateur. Error - 19/05/2010 21:31:38 | Computer Name = esc-090870.student.grenoble-em.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129 Description = Échec du traitement de la stratégie de groupe en raison d’une absence de connectivité réseau vers un contrôleur de domaine. Il peut s’agir d’un problème temporaire. Un message de réussite est généré une fois que l’ordinateur est connecté au contrôleur de domaine et que la stratégie de groupe est correctement traitée. Si aucun message de réussite ne s’affiche pendant plusieurs heures, contactez votre administrateur. Error - 19/05/2010 21:32:09 | Computer Name = esc-090870.student.grenoble-em.com | Source = Service Control Manager | ID = 7000 Description = Error - 19/05/2010 21:35:45 | Computer Name = esc-090870.student.grenoble-em.com | Source = FcsSas | ID = 141078 Description = Stratégie du service Forefront Client Security State Assessment Service appliquée avec des erreurs. Paramètres suivants restaurés : Type de planification : Intervalle Heure : 12 Paramètre Error - 20/05/2010 05:10:53 | Computer Name = esc-090870.student.grenoble-em.com | Source = NETLOGON | ID = 5719 Description = Cet ordinateur n'a pas pu configurer une session sécurisée avec un contrôleur de domaine dans le domaine STUDENT pour la raison suivante : %%1311 Cela peut entraîner des problèmes d'authentification. Vérifiez que cet ordinateur est connecté au réseau. Si le problème persiste, contactez votre administrateur de domaine. INFORMATIONS SUPPLÉMENTAIRES Si cet ordinateur est un contrôleur de domaine pour le domaine spécifié, il installe la session sécurisée sur l'émulateur de contrôleur de domaine principal dans le domaine spécifié. Sinon, cet ordinateur installe la session sécurisée sur n'importe quel contrôleur de domaine du domaine spécifié. < End of report >

EDIT Skynet : balises [code] ajoutées.

Skynet · le 20 Mai 2010 14:20

Bonjour,

vous avez une consigne en haut du forum pour les rapports, de même lorsque vous postez c'est encore indiqué bien évidence.

Merci de la respecter.

Bonne continuation.

jeanmimigab · le 20 Mai 2010 19:37

bonsoir,

il est bien infecté dit donc ton pc, je regarde les rapports :wink:

jeanmimigab · le 20 Mai 2010 19:47

re moi,

tu as une infection qui se propage par support amovible (Clef USB, DD externe, carte photo SD,etc;;;

pendant que j'analyse en détaille le rapport fait cela...

Branche tes clefs USB, DD externe (en position "marche) etc...

Télécharge USBFix ( par Chiquitine29, C_XX & Chimay8 ) sur ton bureau,

Fais un double-clic sur l'icône d'USBFix afin de le lancer.
Fais le choix F (Français) et valide avec la touche Entrée
Fais le choix N°1 (recherche) et valide avec la touche Entrée
Laisse travailler USBFix et poste le rapport qui sera générer en fin de scan en utilisant les balises [code ] [/code].
Ne choisis pas d'autres options sans mon accord

@SkYnet: je ne met pas mes script de commandes en balise code, car en copié/collé cela rajoute une marge que les tools de scan/suppression ne peuvent pas gérer

Manuch78 · le 20 Mai 2010 20:24

Je suis en train de faire le scan, mais le problème est que j'ai deux clé USB que j'utilise souvent qui sont à 900 Km de chez moi donc impossible à récupérer...Le problème peut-il provenir de ces clés?

Manuch78 · le 20 Mai 2010 20:30

Voilà le rapport

Code: Tout sélectionner: ############################## | UsbFix V6.114 | User : corri83977 () # ESC-090870 Update on 17/05/2010 by El Desaparecido , C_XX & Chimay8 Start at: 21:21:34 | 20/05/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel(R) Core(TM)2 Duo CPU P7570 @ 2.26GHz Microsoft® Windows Vista™ Professionnel (6.0.6002 32-bit) # Service Pack 2 Internet Explorer 8.0.6001.18904 Windows Firewall Status : Enabled C:\ -> Disque fixe local # 74,22 Go (36,33 Go free) [SYSTEME] # NTFS D:\ -> Disque fixe local # 74,83 Go (17,79 Go free) [DONNEES] # NTFS E:\ -> Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS F:\ -> Disque CD-ROM # 2,32 Go (0 Mo free) [FM2010] # UDF G:\ -> Disque amovible # 1,87 Go (311,28 Mo free) [UDISK] # FAT ################## | Elements infectieux | C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job C:\Windows\System32\autorun.inf C:\Windows\System32\sshnas21.dll F:\autorun.inf F:\autorun.exe G:\autorun.inf ################## | Registre | [HKCU\SOFTWARE\M5T8QL3YW3] [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "M5T8QL3YW3" [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "corri83977" ################## | Mountpoints2 | HKCU\..\..\Explorer\MountPoints2\{04f5be64-1a1c-11df-a3fa-0025b375d22d} shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL CORRI83977.EXe HKCU\..\..\Explorer\MountPoints2\{0e4d9d9f-fca5-11de-a8c8-0025b375d22d} shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\nobLe84759.EXE HKCU\..\..\Explorer\MountPoints2\{2a35a372-35c4-11df-a5e0-00247e91681d} shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\RABeA84793.exe HKCU\..\..\Explorer\MountPoints2\{5a63ca30-dac9-11de-9593-00247e91681d} shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL CorRI83977.EXE HKCU\..\..\Explorer\MountPoints2\{5ada477e-238c-11df-96d6-00247e91681d} shell\AutoRun\command =G:\LaunchU3.exe -a HKCU\..\..\Explorer\MountPoints2\{636838d1-9c40-11de-bdf5-00247e91681d} shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\activation_kms.bat HKCU\..\..\Explorer\MountPoints2\{64a91371-e965-11de-9b75-00247e91681d} shell\AutoRun\command =F:\svchost.exe HKCU\..\..\Explorer\MountPoints2\{7a542e6d-e3dd-11de-baef-00247e91681d} shell\AutoRun\command =F:\svchost.exe HKCU\..\..\Explorer\MountPoints2\{7bc4ae70-ae08-11de-8eb3-00247e91681d} shell\AutoRun\command =svchost.exe HKCU\..\..\Explorer\MountPoints2\{9bd9c023-c5b6-11de-b17f-00247e91681d} shell\AutoRun\command =F:\svchost.exe HKCU\..\..\Explorer\MountPoints2\{ae589f21-dd9e-11de-a808-00247e91681d} shell\AutoRun\command =G:\svchost.exe HKCU\..\..\Explorer\MountPoints2\{bdb9a7de-0433-11df-b808-00247e91681d} shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cOrri83977.EXe HKCU\..\..\Explorer\MountPoints2\{d70870c4-283b-11df-a8e9-00247e91681d} shell\AutoRun\command =F:\autorun.exe ################## | Vaccin | ################## | ! Fin du rapport # UsbFix V6.114 ! |

jeanmimigab · le 20 Mai 2010 20:47

OK,

Relance USBFix et choisie l'option N°2(Suppression)

ensuite

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:Files
C:\Program Files\LimeWire
C:\ProgramData\Activ Software
C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
C:\Windows\lsrslt.ini
C:\Windows\System32\tmp.reg
C:\Users\Etudiant\Desktop\Antimalware Doctor.lnk
C:\Windows\System32\sshnas21.dll
C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C
C:\Users\corri83977\AppData\Roaming\LimeWire
C:\DOTT.EXE
C:\TENTACLE.EXE
C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C\gotnewupdate000.exe

:OTL
PRC - C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
MOD - C:\ProgramData\Activ Software\ActivApplications\ActivFocusHook.dll ()
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM\..\Run: [AWDPopupInit] File not found
O4 - HKLM\..\Run: [AWDTSGate] File not found
O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..\Run: [corri83977] C:\Users\corri83977\corri83977.exe File not found
O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079\..\Run: [M5T8QL3YW3] C:\Users\CORRI8~1\AppData\Local\Temp\Qdd.exe File not found
O4 - Startup: C:\Users\corri83977\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - HKU\S-1-5-21-1834913581-721874356-3486338912-9079..\Run: [gotnewupdate000.exe] C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C\gotnewupdate000.exe (MS)
:Commands
[emptytemp]

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapports va s'ouvrir "OTL.Txt".
* Copie et colle le rapport dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Donc pour résumer, il me faut:
Le rapport USBFix optionN°2
Le rapport généré par OTL

@++

Skynet · le 20 Mai 2010 20:52

jeanmimigab a écrit:@SkYnet: je ne met pas mes script de commandes en balise code, car en copié/collé cela rajoute une marge que les tools de scan/suppression ne peuvent pas gérer

Viiii, mais quand je disais "Vous" c'était pas vous "deux".

Du coup, même réponse que pour Bernard53 :

Skynet a écrit:@bernard53 : oh tu sais c'est pas bien méchant si tu oublies les balises [code], les helpers ont rarement des posts à rallonge. C'est surtout les demandeurs qui doivent passer par là . J'ai revu une quinzaine de topics (les derniers) et c'est fou comme le scroll devient plus agréable.

++

Manuch78 · le 20 Mai 2010 21:36

Le rapport USBFIX 2:

Code: Tout sélectionner: ############################## | UsbFix V6.114 | User : corri83977 () # ESC-090870 Update on 17/05/2010 by El Desaparecido , C_XX & Chimay8 Start at: 22:26:42 | 20/05/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel(R) Core(TM)2 Duo CPU P7570 @ 2.26GHz Microsoft® Windows Vista™ Professionnel (6.0.6002 32-bit) # Service Pack 2 Internet Explorer 8.0.6001.18904 Windows Firewall Status : Enabled C:\ -> Disque fixe local # 74,22 Go (36,32 Go free) [SYSTEME] # NTFS D:\ -> Disque fixe local # 74,83 Go (18,07 Go free) [DONNEES] # NTFS E:\ -> Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS F:\ -> Disque CD-ROM G:\ -> Disque amovible # 1,87 Go (311,25 Mo free) [UDISK] # FAT ################## | Elements infectieux | Supprimé ! C:\$Recycle.Bin\S-1-5-21-1834913581-721874356-3486338912-9079 Supprimé ! D:\$Recycle.Bin\S-1-5-21-1834913581-721874356-3486338912-9079 ################## | Registre | ################## | Mountpoints2 | ################## | Listing des fichiers présent | [18/09/2006 23:43|--a------|24] C:\autoexec.bat [11/04/2009 15:20|-rahs----|333257] C:\bootmgr [10/08/2009 08:13|-ra-s----|8192] C:\BOOTSECT.BAK [13/05/2010 19:59|--a------|245271] C:\codes_dott.zip [18/09/2006 23:43|--a------|10] C:\config.sys [28/11/2009 17:28|--a------|770] C:\deltaStartup.log [?|?|?] C:\hiberfil.sys [24/12/2009 11:52|-rahs----|0] C:\IO.SYS [24/12/2009 11:52|-rahs----|0] C:\MSDOS.SYS [?|?|?] C:\pagefile.sys [20/05/2010 02:21|--a------|2555] C:\rapport.txt [13/08/2009 10:03|--a------|163] C:\Setup.log [20/05/2010 22:32|--a------|1640] C:\UsbFix.txt [20/05/2010 22:06|--a------|176123] C:\UsbFix_Upload_Me_STUDENT.zip [13/08/2009 10:00|--a------|86] C:\webcam.log [01/01/1995 02:00|-r-------|44] E:\Track01.cda [01/01/1995 02:00|-r-------|44] E:\Track02.cda [01/01/1995 02:00|-r-------|44] E:\Track03.cda [01/01/1995 02:00|-r-------|44] E:\Track04.cda [01/01/1995 02:00|-r-------|44] E:\Track05.cda [01/01/1995 02:00|-r-------|44] E:\Track06.cda [01/01/1995 02:00|-r-------|44] E:\Track07.cda [01/01/1995 02:00|-r-------|44] E:\Track08.cda [01/01/1995 02:00|-r-------|44] E:\Track09.cda [01/01/1995 02:00|-r-------|44] E:\Track10.cda [01/01/1995 02:00|-r-------|44] E:\Track11.cda [13/04/2010 18:15|--a------|1713152] G:\Doc2.doc [08/01/2009 03:35|--a------|134886] G:\Veco.docx [20/05/2010 21:59|--a------|1620] G:\BOOTEX.LOG [14/04/2010 15:56|--a------|109633] G:\Veja.docx [15/04/2010 15:37|--a------|12683] G:\Dossier de vente.docx ################## | Vaccination | # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido). # D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido). # G:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido). ################## | Upload | Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_STUDENT.zip : http://chiquitine.changelog.fr/Sample/Upload.php Merci pour votre contribution . ################## | ! Fin du rapport # UsbFix V6.114 ! |

Manuch78 · le 20 Mai 2010 21:37

Le rapport OTL:

Code: Tout sélectionner: All processes killed ========== FILES ========== C:\Program Files\LimeWire\root\magnet10 folder moved successfully. C:\Program Files\LimeWire\root folder moved successfully. C:\Program Files\LimeWire\lib folder moved successfully. C:\Program Files\LimeWire\.NetworkShare folder moved successfully. C:\Program Files\LimeWire folder moved successfully. C:\ProgramData\Activ Software\Activstudio3 folder moved successfully. C:\ProgramData\Activ Software\ActivApplications folder moved successfully. C:\ProgramData\Activ Software folder moved successfully. File\Folder C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job not found. C:\Windows\lsrslt.ini moved successfully. C:\Windows\System32\tmp.reg moved successfully. C:\Users\Etudiant\Desktop\Antimalware Doctor.lnk moved successfully. File\Folder C:\Windows\System32\sshnas21.dll not found. C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\xml\data folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\xml folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\promotion folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\mozilla-profile\updates\0 folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\mozilla-profile\updates folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\mozilla-profile\extensions folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\mozilla-profile\Cache folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\mozilla-profile folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\certificate folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\res\html folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\res\dtd folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\res folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\plugins folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\modules folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\greprefs folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\dictionaries folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\chrome folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\chrome folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\defaults\pref folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\defaults\autoconfig folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\defaults folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\components folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner\chrome folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser\xulrunner folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\browser folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire\.AppSpecialShare folder moved successfully. C:\Users\corri83977\AppData\Roaming\LimeWire folder moved successfully. C:\DOTT.EXE moved successfully. C:\TENTACLE.EXE moved successfully. File\Folder C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C\gotnewupdate000.exe not found. ========== OTL ========== No active process named LimeWire.exe was found! Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found. Registry value HKEY_USERS\S-1-5-21-1834913581-721874356-3486338912-9079\\Software\Microsoft\Windows\CurrentVersion\Run\\corri83977 not found. Registry value HKEY_USERS\S-1-5-21-1834913581-721874356-3486338912-9079\\Software\Microsoft\Windows\CurrentVersion\Run\\M5T8QL3YW3 not found. C:\Users\corri83977\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk moved successfully. File C:\Program Files\LimeWire\LimeWire.exe not found. Registry value HKEY_USERS\S-1-5-21-1834913581-721874356-3486338912-9079\Software\Microsoft\Windows\CurrentVersion\Run\\gotnewupdate000.exe deleted successfully. File C:\Users\corri83977\AppData\Roaming\019EAFC61E3E101EECC29BFB70B2AB7C\gotnewupdate000.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: choux84542 User: corri83977 User: Default User: Default - Copie User: Default User User: e-center User: Etudiant User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 16232 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 191096 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.5.0 log created on 05202010_221923 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot...

jeanmimigab · le 20 Mai 2010 21:52

re, c'est pas mal...

Tyu auras remarqué que j'ai virer limewire, ce porg de P2P contient un Spyware >> donc à ne pas réinstaller.

fais cela stp...

télécharge Malwarebytes >>ici
Pour t'aiderun super tuto de Danakil à lire avant le scan.
Choisie "exécuter un examen rapide" et à la fin du scan , coche tous les éléments trouvés,et clique sur supprimer la sélection.
Poste moi le rapport stp.

Manuch78 · le 20 Mai 2010 22:02

Voilà le rapport de Malwarebytes:

Code: Tout sélectionner: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4052 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 20/05/2010 23:01:40 mbam-log-2010-05-20 (23-01-40).txt Type d'examen: Examen rapide Elément(s) analysé(s): 148953 Temps écoulé: 7 minute(s), 20 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Users\Etudiant\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

Antimalware Doctor

Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Re: Antimalware Doctor

Sujets similaires

Qui est en ligne