antimalware doctor

bob35 · le 08 Juin 2010 17:02

bonjour je suis sur vista et je viens d attrapper antimalware doctor. je sais qu il faut effectuer une desinfection et j aurais besoin d aide pour realiser cette derniere .
J ai deja fais un scan avec RSTI j ai le rapport ,antimalware doctor est toujours la et je ne sais que faire...
d avance merci

édit Pac : bienvenue Bob, sujet déplacé

bob35 · le 08 Juin 2010 17:36

sujet déplacé?? :oops:

je ne comprends pas..... dsl
Je suis complètement novice dans ce genre de forums. Mais j'ai un vrai problème avec ce antimalware doctor.
Merci encore. De l'aide

bob35 · le 08 Juin 2010 18:04

J'ai fait les scans OTL et USBfix dont voici les rapports:

extras

Code: Tout sélectionner: OTL Extras logfile created on: 08/06/2010 18:25:56 - Run 1 OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\Loulou\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 13,95 Gb Free Space | 9,36% Space Free | Partition Type: NTFS Drive D: | 139,28 Gb Total Space | 68,72 Gb Free Space | 49,34% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 3,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 973,17 Mb Total Space | 510,89 Mb Free Space | 52,50% Space Free | Partition Type: FAT I: Drive not present or media not loaded Computer Name: PC-DE-LOULOU Current User Name: Loulou Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{AFC55A21-56D7-41B4-BEA7-32DF687B2685}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{F9399065-9115-44F0-AD1C-E283A0D7D3DF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{17081B91-861E-4C63-A445-FD0D075F084C}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | "{200C6B6A-1A7B-49D7-9966-591528FE2DEA}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{24B3B272-7A01-4282-A4D0-85D7EF972DA6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{36FE67DF-99EF-41DD-BE34-F6FFA21950A2}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{3F9E75E3-B07D-4DA7-AA07-E19F83592F6C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{42555447-A750-4B41-8D7B-42C428390807}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{4C25778C-C94E-495B-8FCA-9D31186D6521}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{4DCFA75E-9FC4-41A0-91B0-86783A503908}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "{627EF4CF-A60C-4489-8214-CC3D44A7CB47}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{8872BCA6-DC09-4B2A-A9E5-886DF27AAA66}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8B2DCE5F-550C-41F2-9F6C-8CA18788DDC6}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{930728E9-4931-4A19-B0C5-4512FDBD3824}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{A07458A5-E28F-4596-BC4A-E6ECA097E239}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{A2444F68-CEE5-4EE7-B7A3-B6243B9ED545}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | "{A6248E6B-BF7F-4BC3-830E-E7EC89D4B229}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{ACF9A276-0F98-45F0-8254-C787B65D927A}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{EDB3AEBA-16E6-4CD1-AE9B-64FFC7795D6E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FD38EE83-D7E6-44EB-B1AF-DA2BAA19FA4F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "TCP Query User{745B6BE7-E377-42AF-AD1B-7CF7A9ACB7D7}C:\users\loulou\appdata\local\temp\rar$ex01.811\freezer v1.4 fr\freezer.exe" = protocol=6 | dir=in | app=c:\users\loulou\appdata\local\temp\rar$ex01.811\freezer v1.4 fr\freezer.exe | "TCP Query User{771E6239-D17D-4D46-82A8-7B6B333E5E51}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "TCP Query User{89B012F4-C260-4921-A922-7C0571A1F6F3}C:\users\loulou\desktop\freezer.exe" = protocol=6 | dir=in | app=c:\users\loulou\desktop\freezer.exe | "TCP Query User{9979B888-46B2-48FA-AEAF-A68082B99E50}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{9ACF1C07-419D-4120-A360-6C822BF01CA9}C:\users\loulou\appdata\local\temp\rar$ex01.449\freezer v1.4 fr\freezer.exe" = protocol=6 | dir=in | app=c:\users\loulou\appdata\local\temp\rar$ex01.449\freezer v1.4 fr\freezer.exe | "TCP Query User{9D87484A-6D22-42AD-B978-488AC974AAAF}C:\program files\graphisoft\archicad 13\archicad.exe" = protocol=6 | dir=in | app=c:\program files\graphisoft\archicad 13\archicad.exe | "TCP Query User{BE1837D0-43A3-4569-BD9E-DFCAF407BF5D}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe | "TCP Query User{E71A91EC-C99E-40EE-9649-7A154392364E}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | "UDP Query User{0942F15E-A31E-4A17-B295-AFAEAAC14D62}C:\users\loulou\appdata\local\temp\rar$ex01.811\freezer v1.4 fr\freezer.exe" = protocol=17 | dir=in | app=c:\users\loulou\appdata\local\temp\rar$ex01.811\freezer v1.4 fr\freezer.exe | "UDP Query User{29EB5C3D-FD6C-41FF-AAB5-7A9460936D50}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe | "UDP Query User{5B8BA539-87CB-4A90-A325-5DE66C4B63E6}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "UDP Query User{8BDE2BD2-C24F-41FF-A9E9-B58E84727225}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | "UDP Query User{A7D0C4D3-2C20-4DA1-A9C1-E3B9E0AD3387}C:\program files\graphisoft\archicad 13\archicad.exe" = protocol=17 | dir=in | app=c:\program files\graphisoft\archicad 13\archicad.exe | "UDP Query User{A834F4C6-70B6-43A4-9352-DF39FBFA0F46}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{A8BBA752-BB73-4328-92A7-A26BDEA0CE66}C:\users\loulou\appdata\local\temp\rar$ex01.449\freezer v1.4 fr\freezer.exe" = protocol=17 | dir=in | app=c:\users\loulou\appdata\local\temp\rar$ex01.449\freezer v1.4 fr\freezer.exe | "UDP Query User{E2356C11-66F6-4228-B5BB-C08F64EECEF4}C:\users\loulou\desktop\freezer.exe" = protocol=17 | dir=in | app=c:\users\loulou\desktop\freezer.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{09CF6AF5-9206-4FD7-9B08-BA6819FB47E3}" = Anno 1404 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4 "{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{23B14BE4-5277-40B2-B602-3FCD456C27BC}" = Protector Suite QL 5.8 "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman) "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel "{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2 "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4 "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{5545EEE3-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.5) "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{5783F2D7-6001-040C-0002-0060B0CE6BBA}" = AutoCAD 2008 - Français "{5783F2D7-6004-040C-0002-0060B0CE6BBA}" = AutoCAD Architecture 2008 - Français "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{63415CB1-3C97-4D9C-980D-336710EB0526}" = Age of Empires III - The Asian Dynasties Trial "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69B6B4A5-1C4D-4F16-BB11-A4EB9A439116}" = Adobe Creative Suite 3 Web Premium "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files "{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash "{6E08CE13-C2AB-4749-9335-5900B958929E}" = Adobe Illustrator CS3 "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{75708411-3DC4-4E88-8100-7FBB1978E84B}" = Commandos 3 - Destination Berlin Demo v2 "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8D7BD6EE-C597-4375-B07F-A91FC78991C7}" = V-Ray for SketchUp 6 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6 "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6 "{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support "{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BE136F60-5D0F-4663-8B32-938A3EFD3FCB}" = Adobe Setup "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3 "{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}" = Adobe Photoshop CS3 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3 "{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}" = Adobe Setup "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "8461-7759-5462-8226" = Vuze "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_1710d324011afc3e7658e969025f4ba" = Adobe InDesign CS4 "Adobe_e7f691c6f2bf7b70c25ea19f3d73b6e" = Ajouter ou supprimer Adobe Creative Suite 3 Web Premium "Ask Toolbar_is1" = Vuze Toolbar "ASUS_Notebook_N50" = ASUS_Notebook_N50 Screen Saver "AutoCAD 2008 - Français" = AutoCAD 2008 - Français "AutoCAD Architecture 2008 - Français" = AutoCAD Architecture 2008 - Français "avast5" = avast! Free Antivirus "BearShare MediaBar" = MediaBar 2.0 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Google Chrome" = Google Chrome "Google Desktop" = Google Desktop "Google Updater" = Outil de mise à jour Google "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{63415CB1-3C97-4D9C-980D-336710EB0526}" = Age of Empires III - The Asian Dynasties Trial "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NVIDIA Drivers" = NVIDIA Drivers "PDFCreator Toolbar" = PDFCreator Toolbar "Picasa 3" = Picasa 3 "PROHYBRIDR" = 2007 Microsoft Office system "SynTPDeinstKey" = Synaptics Pointing Device Driver "USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam "vdkzhx" = Favorit "VLC media player" = VLC media player 1.0.5 "WinRAR archiver" = Archiveur WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Antimalware Doctor" = Antimalware Doctor [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 26/05/2010 00:26:05 | Computer Name = PC-de-Loulou | Source = Google Update | ID = 20 Description = Error - 26/05/2010 00:33:00 | Computer Name = PC-de-Loulou | Source = WinMgmt | ID = 10 Description = Error - 26/05/2010 11:31:30 | Computer Name = PC-de-Loulou | Source = Windows Search Service | ID = 3013 Description = Error - 26/05/2010 22:26:05 | Computer Name = PC-de-Loulou | Source = Google Update | ID = 20 Description = Error - 26/05/2010 23:26:05 | Computer Name = PC-de-Loulou | Source = Google Update | ID = 20 Description = Error - 26/05/2010 23:35:53 | Computer Name = PC-de-Loulou | Source = WinMgmt | ID = 10 Description = Error - 27/05/2010 12:27:37 | Computer Name = PC-de-Loulou | Source = Google Update | ID = 20 Description = Error - 28/05/2010 01:22:30 | Computer Name = PC-de-Loulou | Source = Application Error | ID = 1000 Description = Application défaillante Illustrator.exe, version 13.0.128.0, horodatage 0x45fa64db, module défaillant Illustrator.exe, version 13.0.128.0, horodatage 0x45fa64db, code d’exception 0xc0000005, décalage d’erreur 0x0049d323, ID du processus 0x950, heure de début de l’application 0x01cafe2428f6d800. Error - 28/05/2010 01:34:08 | Computer Name = PC-de-Loulou | Source = Application Error | ID = 1000 Description = Application défaillante Illustrator.exe, version 13.0.128.0, horodatage 0x45fa64db, module défaillant Illustrator.exe, version 13.0.128.0, horodatage 0x45fa64db, code d’exception 0xc0000005, décalage d’erreur 0x0057af5b, ID du processus 0x16b8, heure de début de l’application 0x01cafe260f6593c0. Error - 29/05/2010 11:58:49 | Computer Name = PC-de-Loulou | Source = WinMgmt | ID = 10 Description = [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >

bob35 · le 08 Juin 2010 18:05

Rapport OTL

Code: Tout sélectionner: OTL logfile created on: 08/06/2010 18:25:56 - Run 1 OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\Loulou\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 13,95 Gb Free Space | 9,36% Space Free | Partition Type: NTFS Drive D: | 139,28 Gb Total Space | 68,72 Gb Free Space | 49,34% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 3,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 973,17 Mb Total Space | 510,89 Mb Free Space | 52,50% Space Free | Partition Type: FAT I: Drive not present or media not loaded Computer Name: PC-DE-LOULOU Current User Name: Loulou Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\Loulou\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Loulou\gckcomka.exe () PRC - C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353\setupupdater0000.exe (MS) PRC - C:\Users\Loulou\AppData\Local\vdkzhx.exe (listé) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe () PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe () PRC - C:\Windows\AsScrPro.exe (ASUS) PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\P4G\BatteryLife.exe (ATK) PRC - C:\Program Files\Protector Suite QL\upeksvr.exe (UPEK Inc.) PRC - C:\Program Files\Protector Suite QL\psqltray.exe (UPEK Inc.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (Broadcom Corporation.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ASUS) PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS) PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK) PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe () PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe () PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe () PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe () PRC - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe () PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe () PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe () PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe () PRC - C:\Program Files\Wireless Console 2\wcourier.exe () PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Users\Loulou\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (GoogleDesktopManager-093009-130223) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe () SRV - (ASKService) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe () SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe () SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe () SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe () [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (lullaby) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows (R) Codename Longhorn DDK provider) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys () DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys () DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:64921 [2009/02/21 14:43:11 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\mozilla\Extensions [2009/02/21 14:43:11 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2009/10/06 17:04:14 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\mozilla\Firefox\extensions [2009/10/06 17:04:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Loulou\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll File not found O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll File not found O3 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found O3 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avast5] C:\Programmes\Alwil Software\Avast5\AvastUI.exe File not found O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [gckcomka] C:\Users\Loulou\gckcomka.exe () O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [Halo2] C:\Users\Loulou\AppData\Local\Temp\sshnas21.DLL () O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [M5T8QL3YW3] C:\Users\Loulou\AppData\Local\Temp\Ck1.exe File not found O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [setupupdater0000.exe] C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353\setupupdater0000.exe (MS) O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000..\Run: [vdkzhx] c:\users\loulou\appdata\local\vdkzhx.exe (listé) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.) O24 - Desktop WallPaper: C:\Users\Loulou\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Loulou\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005/06/27 15:16:56 | 000,000,145 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{0cf685bc-657f-11de-a555-002243c1836f}\Shell\AutoRun\command - "" = F:\w.com -- File not found O33 - MountPoints2\{0cf685bc-657f-11de-a555-002243c1836f}\Shell\open\Command - "" = F:\w.com -- File not found O33 - MountPoints2\{1b1018e4-21fa-11df-94f9-002243c1836f}\Shell - "" = AutoRun O33 - MountPoints2\{1b1018e4-21fa-11df-94f9-002243c1836f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2005/10/11 13:58:51 | 000,921,600 | R--- | M] () O33 - MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f}\Shell\AutoRun\command - "" = F:\r8wb.bat -- File not found O33 - MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f}\Shell\explore\Command - "" = F:\r8wb.bat -- File not found O33 - MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f}\Shell\open\Command - "" = F:\r8wb.bat -- File not found O33 - MountPoints2\{506920c3-b67c-11de-9603-002243c1836f}\Shell - "" = AutoRun O33 - MountPoints2\{506920c3-b67c-11de-9603-002243c1836f}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found O33 - MountPoints2\{5d8aec2f-eedc-11dd-b419-002243c1836f}\Shell\AutoRun\command - "" = H:\PMB_P.exe -- File not found O33 - MountPoints2\{5fb244c8-b737-11de-8d04-002243c1836f}\Shell\AutoRun\command - "" = G:\3.cmd -- File not found O33 - MountPoints2\{5fb244c8-b737-11de-8d04-002243c1836f}\Shell\open\Command - "" = G:\3.cmd -- File not found O33 - MountPoints2\{67ad6947-b1cc-11de-98bc-002243c1836f}\Shell - "" = AutoRun O33 - MountPoints2\{67ad6947-b1cc-11de-98bc-002243c1836f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2005/10/11 13:58:51 | 000,921,600 | R--- | M] () O33 - MountPoints2\{825ebf27-5757-11de-aa6e-002243c1836f}\Shell - "" = AutoRun O33 - MountPoints2\{825ebf27-5757-11de-aa6e-002243c1836f}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- [2005/10/11 12:58:52 | 000,921,600 | R--- | M] () O33 - MountPoints2\{8c0eb082-50de-11de-9f52-002243c1836f}\Shell\AutoRun\command - "" = q9.cmd O33 - MountPoints2\{8c0eb082-50de-11de-9f52-002243c1836f}\Shell\open\Command - "" = q9.cmd O33 - MountPoints2\{915f997f-e1e0-11dd-8416-002243c1836f}\Shell\AutoRun\command - "" = G:\ -- File not found O33 - MountPoints2\{915f997f-e1e0-11dd-8416-002243c1836f}\Shell\open\command - "" = JOVANA/pojatar.exe O33 - MountPoints2\{f4d184c0-ae91-11de-b062-002243c1836f}\Shell - "" = AutoRun O33 - MountPoints2\{f4d184c0-ae91-11de-b062-002243c1836f}\Shell\AutoRun\command - "" = G:\laucher.exe -- File not found O33 - MountPoints2\{f5ac4de2-bf2e-11de-ab2e-002243c1836f}\Shell\AutoRun\command - "" = G:\ZRNO\\soli.exe -- File not found O33 - MountPoints2\{f5ac4de2-bf2e-11de-ab2e-002243c1836f}\Shell\open\command - "" = G:\ZRNO\\soli.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2008/01/21 04:34:27 | 000,000,000 | ---D | M] NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/06/08 18:14:24 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\Loulou\Desktop\OTL.exe [2010/06/08 03:47:57 | 000,000,000 | --SD | C] -- C:\ComboFix [2010/06/08 03:47:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010/06/08 01:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010/06/08 01:28:51 | 000,000,000 | ---D | C] -- C:\rsit [2010/06/08 00:45:36 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2010/06/08 00:45:36 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2010/06/08 00:45:36 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2010/06/08 00:45:22 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010/06/08 00:43:14 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/06/08 00:32:31 | 036,597,872 | ---- | C] (PC Tools ) -- C:\Users\Loulou\Desktop\sdsetup_aff.exe [2010/06/08 00:00:00 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys [2010/06/08 00:00:00 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2010/06/07 23:59:59 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2010/06/07 23:59:59 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys [2010/06/07 23:59:59 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys [2010/06/07 23:59:36 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe [2010/06/07 23:59:36 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr [2010/06/07 22:43:29 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353 [2010/06/07 19:01:18 | 000,507,904 | ---- | C] (listé) -- C:\Users\Loulou\AppData\Local\vdkzhx.exe [2010/06/06 16:56:36 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Desktop\Bxl - Mecanique des Sols [2010/06/03 00:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010/06/03 00:32:06 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010/06/01 16:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch [2010/05/31 04:40:20 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Documents\Anno 1404 [2010/05/31 04:01:01 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\Ubisoft [2010/05/31 03:46:30 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2010/05/31 03:46:30 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2010/05/31 03:46:30 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2010/05/31 03:46:30 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2010/05/31 03:46:30 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010/05/31 03:46:29 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2010/05/31 03:46:28 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2010/05/31 03:46:28 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2010/05/31 03:46:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2010/05/31 03:46:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2010/05/31 03:46:27 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2010/05/31 03:46:27 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2010/05/31 03:46:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2010/05/31 03:46:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2010/05/31 03:46:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2010/05/31 03:46:26 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2010/05/31 03:46:25 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2010/05/31 03:46:25 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2010/05/31 03:46:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2010/05/31 03:46:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2010/05/31 03:46:24 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2010/05/31 03:46:24 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2010/05/31 03:46:24 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2010/05/31 03:46:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2010/05/31 03:46:24 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2010/05/31 03:46:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2010/05/31 03:46:23 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2010/05/31 03:46:23 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2010/05/31 03:46:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2010/05/31 03:46:22 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2010/05/31 03:46:22 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2010/05/31 03:46:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2010/05/31 03:46:21 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2010/05/31 03:46:20 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2010/05/31 03:46:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2010/05/31 03:46:19 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2010/05/31 03:46:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2010/05/31 03:46:17 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2010/05/31 03:46:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2010/05/31 03:46:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2010/05/31 03:46:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2010/05/31 03:46:16 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2010/05/31 03:46:16 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2010/05/31 03:46:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2010/05/31 03:46:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2010/05/31 03:46:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2010/05/31 03:46:14 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2010/05/31 03:46:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2010/05/31 03:46:13 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2010/05/31 03:46:13 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2010/05/31 03:46:13 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2010/05/31 03:46:12 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2010/05/31 03:46:11 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2010/05/31 03:46:10 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010/05/31 03:46:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2010/05/31 03:46:10 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2010/05/31 03:46:10 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2010/05/31 03:46:10 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2010/05/31 03:46:09 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2010/05/31 03:46:09 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2010/05/31 03:46:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2010/05/31 03:46:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2010/05/31 03:46:08 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2010/05/31 03:45:53 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2010/05/31 03:45:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2010/05/31 03:45:53 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2010/05/31 03:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2010/05/31 03:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2010/05/31 03:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010/05/31 01:56:19 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\vlc [2010/05/31 01:52:57 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Documents\Nouveau dossier [2010/05/30 19:49:05 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2010/05/30 19:49:05 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010/05/30 19:49:02 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2010/05/30 15:07:46 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\PCF-VLC [2010/05/30 15:06:17 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Documents\Azureus Downloads [2010/05/30 14:10:02 | 000,000,000 | ---D | C] -- C:\Users\Loulou\AppData\Roaming\Participatory Culture Foundation [2010/05/25 20:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/05/25 14:41:13 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Desktop\DPP Feria [2010/05/13 21:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos [2010/05/13 16:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\WIBUKEY [2010/05/12 00:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio [2010/05/11 15:42:12 | 000,000,000 | ---D | C] -- C:\Users\Loulou\Desktop\Stage S6 [2008/06/03 08:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/06/08 18:27:51 | 000,003,222 | ---- | M] () -- C:\Users\Loulou\AppData\Local\vdkzhx.dat [2010/06/08 18:27:40 | 000,002,139 | ---- | M] () -- C:\Users\Loulou\AppData\Local\vdkzhx_navps.dat [2010/06/08 18:26:07 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/06/08 18:25:20 | 003,407,872 | -HS- | M] () -- C:\Users\Loulou\NTUSER.DAT [2010/06/08 18:24:25 | 001,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/06/08 18:24:25 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/06/08 18:24:25 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/06/08 18:24:25 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/06/08 18:24:25 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/06/08 18:22:36 | 000,021,692 | ---- | M] () -- C:\Users\Loulou\Desktop\otl luis.pdf [2010/06/08 18:13:04 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Loulou\Desktop\OTL.exe [2010/06/08 17:56:08 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010/06/08 17:53:56 | 000,000,090 | ---- | M] () -- C:\Users\Loulou\AppData\Local\jtpsoac.bat [2010/06/08 17:53:53 | 000,055,302 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010/06/08 17:53:37 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/06/08 17:53:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/06/08 17:53:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/06/08 17:53:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/06/08 17:53:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/06/08 17:53:23 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys [2010/06/08 03:49:40 | 000,524,288 | -HS- | M] () -- C:\Users\Loulou\NTUSER.DAT{29150e2c-4962-11df-a88e-002243c1836f}.TMContainer00000000000000000001.regtrans-ms [2010/06/08 03:49:40 | 000,065,536 | -HS- | M] () -- C:\Users\Loulou\NTUSER.DAT{29150e2c-4962-11df-a88e-002243c1836f}.TM.blf [2010/06/08 03:49:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/06/08 03:49:29 | 001,887,476 | -H-- | M] () -- C:\Users\Loulou\AppData\Local\IconCache.db [2010/06/08 02:09:14 | 002,555,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/06/08 02:08:55 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2010/06/08 01:24:43 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat [2010/06/08 00:45:57 | 000,055,302 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010/06/08 00:28:28 | 000,244,860 | ---- | M] () -- C:\Users\Loulou\Desktop\Désactiver l'UAC dans Vista - Zebulon.fr.pdf [2010/06/08 00:27:08 | 003,704,271 | R--- | M] () -- C:\Users\Loulou\Desktop\ComboFix.exe [2010/06/08 00:26:02 | 000,824,681 | ---- | M] () -- C:\Users\Loulou\Desktop\RSIT.exe [2010/06/08 00:25:56 | 000,222,395 | ---- | M] () -- C:\Users\Loulou\Desktop\Extermination de antimalware doctor.pdf [2010/06/08 00:20:56 | 036,597,872 | ---- | M] (PC Tools ) -- C:\Users\Loulou\Desktop\sdsetup_aff.exe [2010/06/08 00:12:04 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2010/06/08 00:00:01 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2010/06/07 22:46:01 | 000,052,736 | ---- | M] () -- C:\Users\Loulou\AppData\Local\syssvc.exe [2010/06/07 22:43:49 | 000,038,912 | ---- | M] () -- C:\Users\Loulou\gckcomka.exe [2010/06/07 19:01:18 | 000,507,904 | ---- | M] (listé) -- C:\Users\Loulou\AppData\Local\vdkzhx.exe [2010/06/06 22:44:32 | 000,059,904 | ---- | M] () -- C:\Users\Loulou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/06 03:06:17 | 736,733,184 | ---- | M] () -- C:\Users\Loulou\Desktop\2012.FRENCH.BDRiP.REPACK.1CD.XviD-LECHTI.avi [2010/06/02 23:11:48 | 000,180,845 | ---- | M] () -- C:\Users\Loulou\AppData\Local\vdkzhx_nav.dat [2010/06/01 02:00:02 | 000,146,248 | ---- | M] () -- C:\Users\Loulou\Desktop\exa-adm-brochure2.pdf [2010/06/01 01:59:51 | 000,087,214 | ---- | M] () -- C:\Users\Loulou\Desktop\exa-adm-brochure1.pdf [2010/05/31 20:13:59 | 000,030,743 | ---- | M] () -- C:\Users\Loulou\Desktop\exa-adm-info.pdf [2010/05/31 03:46:32 | 000,281,760 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys [2010/05/31 03:46:32 | 000,025,888 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys [2010/05/25 22:52:37 | 000,000,198 | -H-- | M] () -- C:\Users\Loulou\Desktop\niv.dwl2 [2010/05/25 22:52:37 | 000,000,048 | -H-- | M] () -- C:\Users\Loulou\Desktop\niv.dwl [2010/05/25 22:52:10 | 000,000,198 | -H-- | M] () -- C:\Users\Loulou\Documents\Musee Rendu Final.dwl2 [2010/05/25 22:52:10 | 000,000,048 | -H-- | M] () -- C:\Users\Loulou\Documents\Musee Rendu Final.dwl [2010/05/17 11:46:51 | 000,000,000 | ---- | M] () -- C:\Windows\vpd.properties [2010/05/13 21:58:25 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Commandos 3 Demo v2.lnk [2010/05/13 21:56:44 | 237,527,505 | ---- | M] () -- C:\Users\Loulou\Desktop\Commandos_3_-_Destination_Berlin_Demo_jouable.exe [2010/05/12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010/05/11 23:21:28 | 000,025,411 | ---- | M] () -- C:\Users\Loulou\Desktop\f.jpg [2010/05/11 23:20:05 | 000,014,446 | ---- | M] () -- C:\Users\Loulou\Desktop\d.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/06/08 18:23:20 | 000,021,692 | ---- | C] () -- C:\Users\Loulou\Desktop\otl luis.pdf [2010/06/08 01:24:43 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010/06/08 00:45:36 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010/06/08 00:45:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010/06/08 00:45:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010/06/08 00:45:36 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe [2010/06/08 00:45:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010/06/08 00:32:27 | 000,824,681 | ---- | C] () -- C:\Users\Loulou\Desktop\RSIT.exe [2010/06/08 00:32:23 | 000,222,395 | ---- | C] () -- C:\Users\Loulou\Desktop\Extermination de antimalware doctor.pdf [2010/06/08 00:32:21 | 000,244,860 | ---- | C] () -- C:\Users\Loulou\Desktop\Désactiver l'UAC dans Vista - Zebulon.fr.pdf [2010/06/08 00:32:17 | 003,704,271 | R--- | C] () -- C:\Users\Loulou\Desktop\ComboFix.exe [2010/06/08 00:00:01 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2010/06/07 22:46:01 | 000,052,736 | ---- | C] () -- C:\Users\Loulou\AppData\Local\syssvc.exe [2010/06/07 22:43:49 | 000,038,912 | ---- | C] () -- C:\Users\Loulou\gckcomka.exe [2010/06/07 19:01:19 | 000,180,845 | ---- | C] () -- C:\Users\Loulou\AppData\Local\vdkzhx_nav.dat [2010/06/07 19:01:19 | 000,003,344 | ---- | C] () -- C:\Users\Loulou\AppData\Local\vdkzhx.dat [2010/06/07 19:01:19 | 000,002,009 | ---- | C] () -- C:\Users\Loulou\AppData\Local\vdkzhx_navps.dat [2010/06/06 04:16:39 | 736,733,184 | ---- | C] () -- C:\Users\Loulou\Desktop\2012.FRENCH.BDRiP.REPACK.1CD.XviD-LECHTI.avi [2010/06/01 02:00:02 | 000,146,248 | ---- | C] () -- C:\Users\Loulou\Desktop\exa-adm-brochure2.pdf [2010/06/01 01:59:51 | 000,087,214 | ---- | C] () -- C:\Users\Loulou\Desktop\exa-adm-brochure1.pdf [2010/05/31 20:13:59 | 000,030,743 | ---- | C] () -- C:\Users\Loulou\Desktop\exa-adm-info.pdf [2010/05/30 19:49:21 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010/05/30 19:49:20 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010/05/25 22:52:37 | 000,000,198 | -H-- | C] () -- C:\Users\Loulou\Desktop\niv.dwl2 [2010/05/25 22:52:37 | 000,000,048 | -H-- | C] () -- C:\Users\Loulou\Desktop\niv.dwl [2010/05/25 22:52:10 | 000,000,198 | -H-- | C] () -- C:\Users\Loulou\Documents\Musee Rendu Final.dwl2 [2010/05/25 22:52:10 | 000,000,048 | -H-- | C] () -- C:\Users\Loulou\Documents\Musee Rendu Final.dwl [2010/05/13 21:58:25 | 000,002,148 | ---- | C] () -- C:\Users\Public\Desktop\Commandos 3 Demo v2.lnk [2010/05/13 21:57:10 | 237,527,505 | ---- | C] () -- C:\Users\Loulou\Desktop\Commandos_3_-_Destination_Berlin_Demo_jouable.exe [2010/05/11 23:21:04 | 000,025,411 | ---- | C] () -- C:\Users\Loulou\Desktop\f.jpg [2010/05/11 23:20:03 | 000,014,446 | ---- | C] () -- C:\Users\Loulou\Desktop\d.jpg [2009/11/10 22:05:36 | 000,029,696 | ---- | C] () -- C:\Windows\System32\pthread.dll [2009/01/24 21:12:16 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll [2009/01/20 02:04:39 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2008/07/30 02:33:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll [2008/04/16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2008/04/01 09:13:57 | 001,807,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2007/05/09 09:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/03/09 03:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2001/11/14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2009/04/29 21:01:15 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Autodesk [2010/06/04 14:04:35 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Azureus [2010/06/08 00:06:32 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353 [2009/10/11 17:52:20 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\DAEMON Tools Lite [2010/05/17 11:46:59 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Graphisoft [2009/04/28 10:22:43 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\LimeWire [2010/05/30 14:10:02 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Participatory Culture Foundation [2010/05/30 15:13:35 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\PCF-VLC [2008/12/25 05:10:14 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Protector Suite [2010/05/31 04:01:01 | 000,000,000 | ---D | M] -- C:\Users\Loulou\AppData\Roaming\Ubisoft [2010/06/08 03:49:36 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys [2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys [2008/01/21 04:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\drivers\disk.sys [2008/01/21 04:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys [2008/01/21 04:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys [2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2008/05/07 11:40:01 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\drivers\iaStor.sys [2008/05/07 11:40:01 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008/01/21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [2008/02/08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\System32\drivers\ndis.sys [2008/02/08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys [2008/02/08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll [2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2008/01/21 04:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys [2008/01/21 04:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2009/04/11 06:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys [2008/01/21 04:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\System32\drivers\rdpwd.sys [2008/01/21 04:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll [2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys [2008/01/21 04:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\drivers\sfloppy.sys [2008/01/21 04:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys [2008/01/21 04:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2008/01/21 04:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys [2008/01/21 04:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/01/21 04:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys [2008/01/21 04:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\drivers\usbprint.sys [2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys [2008/01/21 04:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys [2008/01/21 04:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2008/01/21 04:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys [2008/01/21 04:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys [2008/01/21 04:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys [2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2008/01/21 04:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll [2008/01/21 04:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

bob35 · le 08 Juin 2010 18:08

rapport USBfix

Code: Tout sélectionner: ############################## | UsbFix 7.006 | [Recherche] Utilisateur: Loulou (Administrateur) # PC-DE-LOULOU [ASUSTeK Computer Inc. N50Vn] Mis ‡ jour le 07/06/10 par El Desaparecido / C_XX LancÈ ‡ 18:51:21 | 08/06/2010 Site Web: http://pagesperso-orange.fr/NosTools/index.html Contact: FindyKill.Contact@gmail.com CPU: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz CPU 2: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz MicrosoftÆ Windows Vistaô …dition Familiale Premium (6.0.6001 32-Bit) # Service Pack 1 Internet Explorer 7.0.6001.18000 Pare-feu Windows: ActivÈ RAM -> 3070 Mo C:\ (%systemdrive%) -> Disque fixe # 149 Go (14 Go libre(s) - 9%) [VistaOS] # NTFS D:\ -> Disque fixe # 139 Go (69 Go libre(s) - 49%) [DATA] # NTFS E:\ -> CD-ROM G:\ -> CD-ROM H:\ -> Disque amovible # 973 Mo (509 Mo libre(s) - 52%) [LOIUTA 2] # FAT ################## | …lÈments infectieux | PrÈsent! C:\Users\Loulou\iTunesSetup.exe PrÈsent! C:\Users\Loulou\AppData\Local\Temp\a.dat PrÈsent! C:\Users\Loulou\AppData\Local\Temp\Ckz.exe PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\11E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\11F.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\120.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\121.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\122.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\123.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\124.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\125.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\126.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\127.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\128.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\129.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\12F.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\139.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\13A.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\13B.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\13C.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\15.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\16.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\17.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\178.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\18.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\19.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1A.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1B.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1C.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1D.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\1EB.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\2.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\223.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\266.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\2C3.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\2E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\3.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\4.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\434.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\45E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\56.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\56E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\57.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\582.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\583.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\584.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A4.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A5.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A6.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A7.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A8.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5A9.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AA.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AB.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AC.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AD.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AE.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5AF.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5B0.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5F7.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\5F8.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\63.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\6C0.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\6D9.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\73C.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\73D.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\73E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\73F.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\740.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\741.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\742.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\743.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\744.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74A.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74B.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74C.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74D.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\74F.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\75.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\750.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\754.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\755.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\756.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\757.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\758.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\759.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\75A.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\75B.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\75C.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\760.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\78F.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\7CF.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\86.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\861.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\862.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\863.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\864.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\865.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\866.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\867.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\87.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\877.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\8E0.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\8E1.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\9B2.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\9B3.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\9C1.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\9C2.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A38.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A48.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A49.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A4A.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A4B.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A60.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A61.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A62.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A63.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A64.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A65.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A66.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A67.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A68.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A69.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6A.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6B.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6C.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6D.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A6F.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A7.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A70.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A71.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A72.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A73.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A74.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A75.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A7B.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A7C.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A7D.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A8.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A85.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A86.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A87.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A88.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A89.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A8A.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\A9.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\AA.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\AA7.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\ACA.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\B96.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BB.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BBE.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BC.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BC5.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BCD.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BD.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BE.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF2.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF3.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF4.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF5.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF6.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF7.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF8.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BF9.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BFA.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BFB.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\BFC.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C0.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C0D.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C0E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C1.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C2.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C2E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C3.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\C7C.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D1A.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D3D.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D3E.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D3F.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D40.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D41.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D42.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D43.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D44.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D54.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D55.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D56.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D57.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D58.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D59.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\D8F.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DEB.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DEC.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DF.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DFC.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DFD.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DFE.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\DFF.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\E00.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\E01.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\E83.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EB6.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EC7.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EDE.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EEE.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\EFF.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F00.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F01.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F02.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F03.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F04.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F05.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F06.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F07.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F08.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\F09.tmp PrÈsent! C:\Users\Loulou\AppData\Local\Temp\sshnas21.dll PrÈsent! G:\Autorun.inf PrÈsent! C:\$Recycle.Bin\S-1-5-18 PrÈsent! C:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-1000 PrÈsent! D:\$Recycle.Bin\S-1-5-18 PrÈsent! D:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-1000 PrÈsent! D:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-500 PrÈsent! H:\ravmon.exe ################## | Registre | PrÈsent! HKCU\Software\M5T8QL3YW3 PrÈsent! HKCU\Software\Microsoft\Handle PrÈsent! HKCU\Software\XML PrÈsent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|M5T8QL3YW3 ################## | Mountpoints2 | HKCU\.\.\.\.\Explorer\MountPoints2\{0cf685bc-657f-11de-a555-002243c1836f} Shell\AutoRun\Command = F:\w.com Shell\open\Command = F:\w.com HKCU\.\.\.\.\Explorer\MountPoints2\{1b1018e4-21fa-11df-94f9-002243c1836f} Shell\AutoRun\Command = G:\LaunchU3.exe HKCU\.\.\.\.\Explorer\MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f} Shell\AutoRun\Command = F:\r8wb.bat Shell\explore\Command = F:\r8wb.bat Shell\open\Command = F:\r8wb.bat HKCU\.\.\.\.\Explorer\MountPoints2\{506920c3-b67c-11de-9603-002243c1836f} Shell\AutoRun\Command = F:\Autorun.exe HKCU\.\.\.\.\Explorer\MountPoints2\{5d8aec2f-eedc-11dd-b419-002243c1836f} Shell\AutoRun\Command = H:\PMB_P.exe HKCU\.\.\.\.\Explorer\MountPoints2\{5fb244c8-b737-11de-8d04-002243c1836f} Shell\AutoRun\Command = G:\3.cmd Shell\open\Command = G:\3.cmd HKCU\.\.\.\.\Explorer\MountPoints2\{67ad6947-b1cc-11de-98bc-002243c1836f} Shell\AutoRun\Command = G:\LaunchU3.exe -a HKCU\.\.\.\.\Explorer\MountPoints2\{825ebf27-5757-11de-aa6e-002243c1836f} Shell\AutoRun\Command = H:\LaunchU3.exe -a HKCU\.\.\.\.\Explorer\MountPoints2\{8c0eb082-50de-11de-9f52-002243c1836f} Shell\AutoRun\Command = q9.cmd Shell\open\Command = q9.cmd HKCU\.\.\.\.\Explorer\MountPoints2\{915f997f-e1e0-11dd-8416-002243c1836f} Shell\AutoRun\Command = G:\ Shell\open\Command = JOVANA/pojatar.exe HKCU\.\.\.\.\Explorer\MountPoints2\{cac7102a-f9f2-11dd-ab5f-002243c1836f} Shell\AutoRun\Command = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\NoLimit.exe HKCU\.\.\.\.\Explorer\MountPoints2\{f4d184c0-ae91-11de-b062-002243c1836f} Shell\AutoRun\Command = G:\laucher.exe HKCU\.\.\.\.\Explorer\MountPoints2\{f5ac4de2-bf2e-11de-ab2e-002243c1836f} Shell\AutoRun\Command = G:\ZRNO///soli.exe Shell\open\Command = G:\ZRNO///soli.exe ################## | Vaccin | (!) Cet ordinateur n'est pas vaccinÈ! ################## | E.O.F |

Voilà, en espérant que quelqu'un pourra m'aider.

Merci

Pac428 · le 08 Juin 2010 18:29

Pas de souci, Bob

j'ai juste déplacé ton sujet dans la bonne rubrique

pour que nos Helpers le voient plus rapidement et viennent te donner un coup de main.

Patiente un peu et ++

bob35 · le 08 Juin 2010 18:41

Merci beaucoup Pac. J'attendrai

reg35 · le 08 Juin 2010 18:42

[hs on]

tu es breton ou je me trompe?
si oui moi aussi^^ :wink:

[hs off]

bob35 · le 08 Juin 2010 18:51

Désolé Reg, 35 c'est juste mon age

reg35 · le 08 Juin 2010 18:53

autant pour moi bob
bonne continuation :wink:

bernard53 · le 08 Juin 2010 19:02

Bonsoir à tous

En premier fait ceci bob35

Relance USBFIX puis cette fois choisi l'option 2 puis mets le nouveau rapport.

Je regarde pendant ce temps ton rapport OTL

bob35 · le 08 Juin 2010 19:06

Bonjour Bernard,

La deuxième option "suppression" ou bien "listing"?

.... et merci pour la prise en charge :wink:

Pac428 · le 08 Juin 2010 19:12

option 2 = suppression

bob35 · le 08 Juin 2010 19:23

OK, voici le nouveau rapport USB fix option "suppression"

Code: Tout sélectionner: ############################## | UsbFix 7.006 | [Suppression] Utilisateur: Loulou (Administrateur) # PC-DE-LOULOU [ASUSTeK Computer Inc. N50Vn] Mis ‡ jour le 07/06/10 par El Desaparecido / C_XX LancÈ ‡ 20:10:19 | 08/06/2010 Site Web: http://pagesperso-orange.fr/NosTools/index.html Contact: FindyKill.Contact@gmail.com CPU: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz CPU 2: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz MicrosoftÆ Windows Vistaô …dition Familiale Premium (6.0.6001 32-Bit) # Service Pack 1 Internet Explorer 7.0.6001.18000 Pare-feu Windows: ActivÈ RAM -> 3070 Mo C:\ (%systemdrive%) -> Disque fixe # 149 Go (14 Go libre(s) - 9%) [VistaOS] # NTFS D:\ -> Disque fixe # 139 Go (69 Go libre(s) - 49%) [DATA] # NTFS E:\ -> CD-ROM G:\ -> CD-ROM H:\ -> Disque amovible # 973 Mo (509 Mo libre(s) - 52%) [LOIUTA 2] # FAT ################## | …lÈments infectieux | SupprimÈ! C:\Users\Loulou\iTunesSetup.exe SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\a.dat SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\Ckz.exe SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\11E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\11F.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\120.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\121.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\122.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\123.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\124.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\125.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\126.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\127.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\128.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\129.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\12F.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\139.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\13A.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\13B.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\13C.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\15.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\16.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\17.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\178.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\18.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\19.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1A.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1B.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1C.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1D.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\1EB.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\2.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\223.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\266.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\2C3.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\2E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\3.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\4.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\434.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\45E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\56.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\56E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\57.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\582.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\583.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\584.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A4.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A5.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A6.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A7.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A8.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5A9.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AA.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AB.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AC.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AD.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AE.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5AF.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5B0.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5F7.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\5F8.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\63.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\6C0.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\6D9.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\73C.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\73D.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\73E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\73F.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\740.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\741.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\742.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\743.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\744.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74A.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74B.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74C.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74D.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\74F.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\75.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\750.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\754.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\755.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\756.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\757.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\758.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\759.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\75A.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\75B.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\75C.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\760.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\78F.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\7CF.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\86.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\861.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\862.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\863.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\864.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\865.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\866.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\867.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\87.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\877.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\8E0.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\8E1.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\9B2.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\9B3.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\9C1.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\9C2.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A38.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A48.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A49.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A4A.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A4B.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A60.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A61.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A62.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A63.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A64.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A65.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A66.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A67.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A68.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A69.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6A.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6B.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6C.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6D.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A6F.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A7.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A70.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A71.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A72.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A73.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A74.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A75.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A7B.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A7C.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A7D.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A8.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A85.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A86.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A87.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A88.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A89.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A8A.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\A9.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\AA.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\AA7.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\ACA.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\B96.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BB.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BBE.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BC.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BC5.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BCD.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BD.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BE.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF2.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF3.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF4.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF5.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF6.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF7.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF8.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BF9.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BFA.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BFB.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\BFC.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C0.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C0D.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C0E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C1.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C2.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C2E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C3.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\C7C.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D1A.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D3D.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D3E.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D3F.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D40.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D41.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D42.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D43.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D44.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D54.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D55.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D56.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D57.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D58.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D59.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\D8F.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DEB.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DEC.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DF.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DFC.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DFD.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DFE.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\DFF.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\E00.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\E01.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\E83.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EB6.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EC7.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EDE.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EEE.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\EFF.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F00.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F01.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F02.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F03.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F04.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F05.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F06.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F07.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F08.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\F09.tmp SupprimÈ! C:\Users\Loulou\AppData\Local\Temp\sshnas21.dll SupprimÈ! C:\$Recycle.Bin\S-1-5-18 SupprimÈ! C:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-1000 SupprimÈ! D:\$Recycle.Bin\S-1-5-18 SupprimÈ! D:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-1000 SupprimÈ! D:\$Recycle.Bin\S-1-5-21-756219789-2391649786-1416619542-500 ################## | Registre | SupprimÈ! HKCU\Software\M5T8QL3YW3 SupprimÈ! HKCU\Software\Microsoft\Handle SupprimÈ! HKCU\Software\XML SupprimÈ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|M5T8QL3YW3 ################## | Mountpoints2 | SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{0cf685bc-657f-11de-a555-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{45f6338b-e663-11dd-b181-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{506920c3-b67c-11de-9603-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{5d8aec2f-eedc-11dd-b419-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{5fb244c8-b737-11de-8d04-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{67ad6947-b1cc-11de-98bc-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{825ebf27-5757-11de-aa6e-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{8c0eb082-50de-11de-9f52-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{915f997f-e1e0-11dd-8416-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{cac7102a-f9f2-11dd-ab5f-002243c1836f} SupprimÈ! HKCU\.\.\.\.\Explorer\MountPoints2\{f4d184c0-ae91-11de-b062-002243c1836f} ################## | Listing | [08/06/2010 - 20:15:48 | SHD ] C:\$RECYCLE.BIN [31/10/2008 - 15:42:17 | HD ] C:\ASUS.SYS [18/09/2006 - 23:43:36 | A | 24] C:\autoexec.bat [16/04/2008 - 13:27:15 | SHD ] C:\Boot [21/01/2008 - 04:24:42 | RASH | 333203] C:\bootmgr [16/04/2008 - 13:27:17 | RAS | 8192] C:\BOOTSECT.BAK [04/04/2007 - 21:01:54 | A | 19] C:\CA21.txt [08/06/2010 - 03:48:11 | SD ] C:\ComboFix [18/09/2006 - 23:43:37 | A | 10] C:\config.sys [10/11/2009 - 22:13:55 | A | 0] C:\data.txt [03/11/2009 - 20:50:43 | A | 216] C:\DebugTrace-RockallDLL.log [31/10/2008 - 15:44:53 | A | 22832] C:\devlist.txt [02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings [31/10/2008 - 15:44:49 | A | 9] C:\Finish.log [04/05/2010 - 02:43:36 | SHD ] C:\found.000 [08/06/2010 - 17:53:23 | ASH | 3220295680] C:\hiberfil.sys [31/10/2008 - 14:34:42 | A | 481] C:\igoogle_log.txt [31/10/2008 - 14:42:32 | D ] C:\Intel [18/01/2010 - 20:47:45 | RASH | 0] C:\IO.SYS [06/10/2008 - 05:46:41 | A | 21] C:\msapp2.LOG [18/01/2010 - 20:47:45 | RASH | 0] C:\MSDOS.SYS [31/10/2008 - 13:33:10 | RHD ] C:\MSOCache [21/08/2008 - 04:00:11 | RAH | 1048576] C:\N50V.BIN [17/09/2008 - 04:31:35 | A | 14] C:\N50VN_N50VC_VISTA.20 [08/08/2008 - 09:22:19 | A | 30] C:\NERO.LOG [04/07/2008 - 06:35:34 | A | 21] C:\NIS2008.TXT [16/03/2007 - 01:18:45 | A | 25] C:\OFFICE2007_A.TXT [08/06/2010 - 17:53:22 | ASH | 3533873152] C:\pagefile.sys [31/10/2008 - 02:34:05 | A | 105] C:\Pass.txt [18/08/2008 - 12:58:09 | A | 2561] C:\Patch.LOG [21/01/2008 - 04:32:31 | D ] C:\PerfLogs [08/06/2010 - 01:28:51 | RD ] C:\Program Files [08/06/2010 - 01:24:43 | HD ] C:\ProgramData [08/06/2010 - 00:45:22 | D ] C:\Qoobox [29/04/2008 - 16:30:15 | A | 20] C:\READER_A.TXT [17/09/2008 - 04:31:35 | A | 14] C:\RECOVERY.DAT [31/10/2008 - 15:16:12 | A | 426] C:\RHDSetup.log [08/06/2010 - 01:28:53 | D ] C:\rsit [31/10/2008 - 15:38:09 | A | 163] C:\setup.log [16/05/2006 - 02:22:24 | A | 5] C:\store.log [31/10/2008 - 14:10:34 | A | 166] C:\SumHidd.txt [31/10/2008 - 14:09:39 | A | 98] C:\SumOS.txt [08/06/2010 - 00:04:49 | SHD ] C:\System Volume Information [08/06/2010 - 20:15:41 | D ] C:\UsbFix [08/06/2010 - 20:16:50 | A | 16659] C:\UsbFix.txt [25/12/2008 - 05:04:10 | RD ] C:\Users [01/08/2008 - 00:40:18 | A | 21] C:\V552.txt [08/06/2010 - 00:45:36 | D ] C:\Windows [08/06/2010 - 20:15:48 | SHD ] D:\$RECYCLE.BIN [25/09/2009 - 17:39:17 | D ] D:\Architecture [10/01/2010 - 18:11:08 | D ] D:\ConfÈrences - Pavillon de l' arsenal [06/06/2010 - 16:57:39 | D ] D:\Films [31/05/2010 - 02:15:48 | D ] D:\Musique [02/10/2008 - 19:18:22 | A | 229921202] D:\Neufert.pdf [24/05/2010 - 00:40:56 | RD ] D:\Pictures [17/06/2009 - 20:06:50 | A | 7979088] D:\plan masse 2 500.pdf [30/05/2010 - 15:32:56 | D ] D:\Program Files [13/05/2009 - 23:50:12 | A | 598493] D:\prÈ rendu 2.pdf [17/06/2009 - 22:31:16 | A | 17907983] D:\rendu a0 3.pdf [25/09/2009 - 18:25:35 | D ] D:\Stage Juillet 2009 [31/10/2008 - 13:26:32 | SHD ] D:\System Volume Information ################## | Vaccin | C:\Autorun.inf -> Dossier crÈÈ par UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Dossier crÈÈ par UsbFix (El Desaparecido & C_XX) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-LOULOU.zip http://chiquitine.changelog.fr/Sample/Upload.php Merci de votre contribution. ################## | E.O.F |

bernard53 · le 08 Juin 2010 19:41

Très bien ceci à suivre s.t.p

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
PRC - C:\Users\Loulou\gckcomka.exe ()
PRC - C:\Users\Loulou\AppData\Local\vdkzhx.exe (listé)
PRC - C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353\setupupdater0000.exe (MS)
PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (ASKService) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll File not found
O3 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll File not found
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [gckcomka] C:\Users\Loulou\gckcomka.exe ()
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [Halo2] C:\Users\Loulou\AppData\Local\Temp\sshnas21.DLL ()
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [M5T8QL3YW3] C:\Users\Loulou\AppData\Local\Temp\Ck1.exe File not found
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [setupupdater0000.exe] C:\Users\Loulou\AppData\Roaming\CBE3FBC7AC5FADF7B4C95F3071F95353\setupupdater0000.exe (MS)
O4 - HKU\S-1-5-21-756219789-2391649786-1416619542-1000\..\Run: [vdkzhx] c:\users\loulou\appdata\local\vdkzhx.exe

:Files
C:\Users\Loulou\AppData\Local\vdkzhx.exe
C:\Users\Loulou\AppData\Local\vdkzhx.dat
C:\Users\Loulou\AppData\Local\vdkzhx_navps.dat
C:\Users\Loulou\AppData\Local\syssvc.exe
C:\Users\Loulou\gckcomka.exe
C:\Users\Loulou\AppData\Local\vdkzhx.exe
C:\Users\Loulou\AppData\Local\vdkzhx_nav.dat

:Commands
[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

PUIS.

Télécharge Navilog1 :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.

Fais un clic-droit sur le Navilog1.exe présent sur ton bureau et choisis :
"Exécuter en tant qu'administrateur". C'est impératif : "Pour Vista et Seven seulement"

Au menu principal, Fais le choix "1"
Laisse toi guider et patiente.
De nouveau choisis 1
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche le blocnote va s'ouvrir.

Copie-colle l'intégralité du rapport dans ta réponse.
Referme le blocnote.
Note : Il sera enregistré sous C:\cleannavi.txt

antimalware doctor

antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Re: antimalware doctor

Sujets similaires

Qui est en ligne