Il y a actuellement 630 visiteurs
Vendredi 22 Novembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

Pop up récalcitrant analyse du test

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel
Répondre

Pop up récalcitrant analyse du test

Message le 06 Juin 2010 18:10

Bonjour,

J'ai un problème de pop up récalcitrant toujours la même celle avec un logo multicolore plein de carré j'ai donc été voir sur ce forum le sujet "pop up récalcitrant résolu" et j'ai lancer sur malwarebytes l'analyse complète. Seulement je ne sais pas quoi faire ensuite, si quelqu'un peut m'aider ce serait super.

PS : Pour info je navigue sur chrome et j'ai installer récemment adblock+

Merci de votre aide.

Voici le rapport:

Code: Tout sélectionner
Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Version de la base de données: 4172

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

06/06/2010 19:08:27
mbam-log-2010-06-06 (19-08-27).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 268161
Temps écoulé: 1 heure(s), 2 minute(s), 17 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 12

Processus mémoire infecté(s):
C:\documents and settings\Fred\local settings\application data\mrhnlrh.exe (Adware.Navipromo.H) -> No action taken.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> No action taken.
HKEY_CURRENT_USER\Software\epk_extr (Trojan.Skintrim) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\WebMediaPlayer (Rogue.WebMedia) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mrhnlrh (Adware.Navipromo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iyqqqmy (Trojan.Agent.H) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\updates (Adware.EGDAccess) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Fred\Local Settings\Application Data\mrhnlrh_navps.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\Fred\Local Settings\Application Data\mrhnlrh_nav.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\Fred\Local Settings\Application Data\mrhnlrh.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\Fred\Local Settings\Application Data\mrhnlrh.exe (Adware.Navipromo.H) -> No action taken.
C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\Website.url (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\Confidentialité.url (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\Conditions générales.url (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\resources\languages_v2.xml (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\resources\webmedias (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> No action taken.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> No action taken.


EDIT Skynet : balises [code] ajoutées.
acfred
Visiteur
Visiteur
 
Messages: 3
Inscription: 06 Juin 2010 10:22
 
Haut

Re: Pop up récalcitrant analyse du test

Message le 06 Juin 2010 18:32

hello,

Bienvenue sur PC-Infopratique :wink:

tu as bien supprimés les éléments trouvés par Malwarebytes ?
si oui, c'est OK, sinon fais le et redémarres ton pc comme demandé par Malwarebytes

Fais cela stp...

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"


%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles


* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).
* Copie et colle les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 
Haut

Re: Pop up récalcitrant analyse du test

Message le 06 Juin 2010 19:29

Merci de ton coup de main voila le rapport OTL :

Code: Tout sélectionner
OTL logfile created on: 06/06/2010 20:16:57 - Run 1
OTL by OldTimer - Version 3.2.5.3     Folder = C:\Documents and Settings\Fred\Mes documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1 014,00 Mb Total Physical Memory | 411,00 Mb Available Physical Memory | 41,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,60 Gb Total Space | 3,36 Gb Free Space | 9,44% Space Free | Partition Type: FAT32
Drive D: | 35,98 Gb Total Space | 2,52 Gb Free Space | 7,01% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FREDERIC1
Current User Name: Fred
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Documents and Settings\Fred\Mes documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
PRC - C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)
PRC - C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Program Files\Acer\eRecovery\Monitor.exe (acer Inc.)
PRC - C:\Acer\ePM\epm-dm.exe (Acer Inc)
PRC - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe ()
PRC - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.)
PRC - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe (Cyberlink)
PRC - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - C:\Acer\eManager\anbmServ.exe (OSA Technologies Inc.)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\NGS Mouse Driver\MouseDrv.exe ()
PRC - C:\Program Files\SuperCopier\SuperCopier.exe (SFX TEAM)
PRC - C:\Program Files\PikaOne Software\FlyCASE\PikaBackup.exe (PikaOne)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Documents and Settings\Fred\Mes documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealPlayer)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msacm32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\AppPatch\AcGenral.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
MOD - C:\WINDOWS\system32\serwvdrv.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\umdmxfrm.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (getPlus(R) Helper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (SerialKeys) -- C:\WINDOWS\system32\skeys.exe (Microsoft Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ServiceLayer) -- C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe (Nokia.)
SRV - (C-DillaCdaC11BA) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe ()
SRV - (CyberLink Media Library Service) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (anbmService) -- C:\Acer\eManager\anbmServ.exe (OSA Technologies Inc.)
SRV - (S24EventMonitor) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (RegSrvc) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (Nokia USB Phone Parent) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)
DRV - (Nokia USB Modem) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia)
DRV - (Nokia USB Generic) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia)
DRV - (CdaC15BA) -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (RT61) -- C:\WINDOWS\system32\drivers\rt61.sys (Ralink Technology Inc.)
DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (OSA Technologies, An Avocent Company)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (EpmShd) -- C:\WINDOWS\system32\drivers\epm-shd.sys (Acer Value Labs, USA)
DRV - (ovt530) -- C:\WINDOWS\system32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (osanbm) -- C:\WINDOWS\system32\drivers\osanbm.sys (Windows (R) 2000 DDK provider)
DRV - (int15.sys) -- C:\Program Files\Acer\eRecovery\int15.sys ()
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (UBHelper) -- C:\WINDOWS\system32\drivers\UBHelper.sys ()
DRV - (DKbFltr) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS (Dritek System Inc.)
DRV - (w29n51) Pilote de carte de connexion réseau Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (EpmPsd) -- C:\WINDOWS\system32\drivers\epm-psd.sys (Acer Value Labs, USA)
DRV - (ElbyDelay) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (TaurusUsb) -- C:\WINDOWS\system32\drivers\torususb.sys ()
DRV - (Stmatm) -- C:\WINDOWS\system32\drivers\stmatm.sys (STMicroelectronics              )
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (Politecnico di Torino)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\Aspi32.sys (Adaptec)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter =
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B 66 BC 61 6C DD C9 01  [binary data]
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yoower.com/
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/13 10:20:42 | 000,000,000 | ---D | M]
 
[2008/04/24 22:44:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/04/24 22:44:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
 
O1 HOSTS File: ([2004/08/05 05:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (EoBho Class) - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll File not found
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (BeWAN systems                   )
O4 - HKLM..\Run: [Agendatronic Alarm] C:\PROGRA~1\RIBMON~1\AGENDA~1\AlarmClock\AlarmClock.exe File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CreativeMouse ] C:\Program Files\NGS Mouse Driver\MouseDrv.exe ()
O4 - HKLM..\Run: [EPM-DM] c:\Acer\ePM\epm-dm.exe (Acer Inc)
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe (acer Inc.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [PCMService] C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PROMT Integrator] C:\Program Files\PROMT5\INTEGRAL\PinStart.exe (PROject MT, Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005..\Run: []  File not found
O4 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe (SFX TEAM)
O4 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - Startup: C:\Documents and Settings\Fred\Menu Démarrer\Programmes\Démarrage\Pika Backup.lnk = C:\Program Files\PikaOne Software\FlyCASE\PikaBackup.exe (PikaOne)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\OPTIONS.HTM ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} http://www.m6video.fr/1click/install/files/installer2.cab (InstallerObj Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://lesportesdepolux.spaces.live.com//PhotoUpload/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} https://www.canalplay.com/cabs/msway44.cab (Canal+ Active MSWAY)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Fred\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Fred\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/24 03:52:00 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{5d896f00-d76c-11dc-8290-0013ce90b6fb}\Shell - "" = AutoRun
O33 - MountPoints2\{667de94e-d765-11dc-828f-0013ce90b6fb}\Shell - "" = AutoRun
O33 - MountPoints2\{cad81a80-271c-11dc-81a5-0013ce90b6fb}\Shell\Auto\command - "" = H:\bittorrent.exe -- File not found
O33 - MountPoints2\{fa2b09d8-ef85-11db-8118-0013ce90b6fb}\Shell\Auto\command - "" = G:\bittorrent.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) -  File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
MsConfig - StartUpReg: [b]BitTorrent[/b] - hkey= - key= - C:\Program Files\BitTorrent\bittorrent.exe File not found
MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: [b]PCSuiteTrayApplication[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
MsConfig - StartUpReg: [b]PcSync[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
MsConfig - StartUpReg: [b]Veoh[/b] - hkey= - key= - C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
MsConfig - StartUpReg: [b]VeohPlugin[/b] - hkey= - key= - C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{DFB17AA8-042A-429D-987C-26CE244A4189} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp -  File not found
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/08/24 03:23:34 | 000,000,000 | ---D | M]
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/06/06 11:15:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fred\Application Data\Malwarebytes
[2010/06/06 11:14:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/06 11:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/06 11:14:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/06 11:14:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/30 12:09:38 | 000,000,000 | -HSD | C] -- C:\FOUND.017
[2010/05/25 07:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fred\Application Data\vlc
[2010/05/14 10:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010/05/14 10:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fred\Bureau\OpenOffice.org 3.2 (fr) Installation Files
[2010/05/14 10:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\sun
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/06/06 20:12:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/06 20:11:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2010/06/06 20:11:10 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/06/06 20:10:56 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1377555683-3664876793-2747138006-1005.job
[2010/06/06 20:10:54 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/06 20:10:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/06 20:10:40 | 000,000,062 | ---- | M] () -- C:\WINDOWS\PikaBackup.INI
[2010/06/06 20:10:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/06 20:10:04 | 1063,374,848 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/06 20:09:10 | 013,631,488 | -H-- | M] () -- C:\Documents and Settings\Fred\NTUSER.DAT
[2010/06/06 20:08:42 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Fred\ntuser.ini
[2010/06/06 20:07:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1377555683-3664876793-2747138006-1005.job
[2010/06/06 19:30:14 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/06 11:55:04 | 000,011,158 | ---- | M] () -- C:\Documents and Settings\Fred\Mes documents\Sans nom 1fd.odt
[2010/06/06 11:15:00 | 000,000,609 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/06/06 09:47:52 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A91DE4A0-A2FF-4DAA-933F-04AD026E704C}.job
[2010/06/05 20:53:56 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\Fred\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 18:42:02 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1377555683-3664876793-2747138006-1005Core1cac6c1a970742c.job
[2010/05/28 18:46:54 | 000,002,190 | ---- | M] () -- C:\Documents and Settings\Fred\Bureau\Google Chrome.lnk
[2010/05/25 07:27:34 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/05/21 18:32:40 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
[2010/05/15 10:59:46 | 000,813,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/14 10:23:48 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.2.lnk
[2010/05/14 09:31:36 | 150,968,072 | ---- | M] () -- C:\Documents and Settings\Fred\Bureau\OOo_3.2.0_Win32Intel_install_wJRE_fr.exe
[2010/05/14 07:01:26 | 018,499,623 | ---- | M] () -- C:\Documents and Settings\Fred\Mes documents\vlc-1.0.5-win32.exe
[2010/05/12 07:57:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/06/06 11:54:59 | 000,011,158 | ---- | C] () -- C:\Documents and Settings\Fred\Mes documents\Sans nom 1fd.odt
[2010/06/06 11:14:58 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/05/25 07:27:32 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/05/21 18:32:38 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
[2010/05/14 10:23:47 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.2.lnk
[2010/05/14 09:26:35 | 150,968,072 | ---- | C] () -- C:\Documents and Settings\Fred\Bureau\OOo_3.2.0_Win32Intel_install_wJRE_fr.exe
[2008/08/25 19:00:20 | 000,000,420 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/02/01 10:51:06 | 000,000,024 | ---- | C] () -- C:\WINDOWS\memo.ini
[2007/11/10 10:58:51 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/11/09 18:26:26 | 000,001,078 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2007/08/12 22:03:26 | 000,000,072 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2007/01/28 18:10:53 | 000,000,036 | ---- | C] () -- C:\WINDOWS\PikaFormat.INI
[2007/01/28 18:10:14 | 000,000,062 | ---- | C] () -- C:\WINDOWS\PikaBackup.INI
[2006/08/27 19:08:57 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2006/06/28 00:09:25 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/06/28 00:09:11 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/06/28 00:00:32 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/06/27 23:59:17 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/06/27 23:29:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\emcee.ini
[2006/06/22 18:06:33 | 000,000,035 | ---- | C] () -- C:\WINDOWS\C_it.ini
[2006/06/21 19:46:02 | 000,000,072 | ---- | C] () -- C:\WINDOWS\boxworld.ini
[2006/06/01 00:19:47 | 000,000,038 | ---- | C] () -- C:\WINDOWS\SOL.INI
[2006/05/28 02:13:52 | 000,541,090 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2006/05/28 00:26:45 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/05/27 19:07:10 | 000,639,052 | ---- | C] () -- C:\WINDOWS\System32\BBPDFPortMon.dll
[2006/05/27 18:51:14 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/05/27 17:34:00 | 000,000,638 | ---- | C] () -- C:\WINDOWS\System32\Autorun.ini
[2006/05/27 17:29:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2006/05/27 17:23:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI
[2006/05/27 17:21:23 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/12/07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005/08/25 08:53:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/25 08:34:26 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/08/25 08:34:25 | 000,000,319 | ---- | C] () -- C:\WINDOWS\uninstall.ini
[2005/08/24 03:52:22 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005/08/24 03:52:10 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2005/08/24 03:51:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005/08/24 03:51:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005/08/24 03:51:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005/08/24 03:51:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005/08/24 03:39:42 | 000,000,750 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
[2005/08/24 03:39:18 | 000,037,776 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/24 03:32:09 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/04/04 11:52:42 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/04/04 11:35:24 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/03/03 20:24:16 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2005/02/24 16:51:52 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2003/01/30 06:04:00 | 000,618,496 | ---- | C] () -- C:\WINDOWS\System32\stlpmt45.dll
[2002/10/15 22:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/03/13 16:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2001/12/26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001/07/06 15:30:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1997/09/30 18:30:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\Delphimm.dll
[1980/01/01 00:00:00 | 000,002,772 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[1980/01/01 00:00:00 | 000,000,082 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2006/05/27 19:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluebeam Software
[2006/05/27 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2006/05/28 12:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2007/06/20 19:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2007/06/20 19:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/08/15 12:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/30 22:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/01/18 21:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2006/05/27 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Autodesk
[2006/05/28 11:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Image Zone Express
[2006/09/29 13:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\BitTorrent
[2006/11/05 17:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\EoRezo
[2007/06/03 22:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\uTorrent
[2007/06/20 19:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\PC Suite
[2007/06/20 19:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Nokia
[2007/06/20 19:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Datalayer
[2007/06/20 21:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Nokia Multimedia Player
[2008/06/21 12:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Printer Info Cache
[2009/03/17 21:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\gtk-2.0
[2009/06/10 19:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Amazon
[2009/10/10 12:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Blender Foundation
[2009/10/30 22:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\DAEMON Tools Lite
[2009/11/16 15:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\OpenOffice.org
[2010/06/06 09:47:52 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A91DE4A0-A2FF-4DAA-933F-04AD026E704C}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2009/10/30 22:25:50 | 000,691,696 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\drivers\sptd.sys
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2005/08/24 03:27:34 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2005/08/24 03:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2005/08/25 08:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2006/05/27 17:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2006/05/27 18:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2006/05/27 19:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluebeam Software
[2006/05/27 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2006/05/27 19:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2006/05/27 20:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2006/05/27 22:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2006/05/28 12:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2006/10/19 19:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2006/11/29 18:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2007/06/20 19:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2007/06/20 19:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007/09/07 19:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2007/09/07 19:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2008/09/20 10:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008/12/21 21:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2009/08/15 11:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/08/15 12:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/04 10:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2009/10/30 22:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/01/18 21:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2010/02/17 19:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/06/06 11:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2005/08/24 03:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Identities
[2005/08/24 03:27:34 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Fred\Application Data\Microsoft
[2006/05/27 18:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Adobe
[2006/05/27 18:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\AdobeUM
[2006/05/27 18:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Symantec
[2006/05/27 19:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\SolidWorks
[2006/05/27 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Autodesk
[2006/05/27 19:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\CyberLink
[2006/05/27 19:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\ArcSoft
[2006/05/27 20:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Ahead
[2006/05/27 20:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Macromedia
[2006/05/27 20:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\HP
[2006/05/28 11:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Image Zone Express
[2006/05/28 12:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\dvdcss
[2006/09/29 13:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\BitTorrent
[2006/10/01 15:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Google
[2006/10/21 18:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Apple Computer
[2006/11/05 17:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\EoRezo
[2006/11/13 18:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Skype
[2006/12/14 11:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Real
[2007/01/30 18:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Help
[2007/06/03 22:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\uTorrent
[2007/06/20 19:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\PC Suite
[2007/06/20 19:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Nokia
[2007/06/20 19:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Datalayer
[2007/06/20 21:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Nokia Multimedia Player
[2008/06/21 12:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Printer Info Cache
[2008/09/05 16:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Sun
[2008/12/06 10:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\AccurateRip
[2009/03/17 21:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\gtk-2.0
[2009/06/09 21:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Media Player Classic
[2009/06/10 19:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Amazon
[2009/10/10 12:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Blender Foundation
[2009/10/30 22:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\DAEMON Tools Lite
[2009/11/16 15:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\OpenOffice.org
[2010/05/25 07:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\vlc
[2010/06/06 11:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fred\Application Data\Malwarebytes
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/05 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/05 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:cdrom.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/05 05:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
 
[color=#A23BEC]< MD5 for: CHANGER.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:Changer.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:disk.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/05 05:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 20:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 20:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2004/08/05 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2008/04/13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/05 05:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/05 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2004/08/05 05:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys
[2004/08/05 05:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2005/06/10 06:06:02 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
[2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys
[2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2005/06/10 06:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys
[2004/08/05 05:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/05 05:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Sfloppy.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:Sfloppy.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys
[2004/08/05 05:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys
[2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys
[2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys
 
[color=#A23BEC]< MD5 for: SPLITTER.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:splitter.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:splitter.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys
[2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys
[2004/08/03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys
[2006/06/14 09:50:20 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
[2008/04/13 20:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys
[2008/04/13 20:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys
 
[color=#A23BEC]< MD5 for: SWMIDI.SYS  >[/color]
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:swmidi.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys
[2008/04/13 20:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys
[2008/04/13 20:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys
[2001/08/17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2008/08/12 21:01:50 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=073941D59AE065910064B728DEE981EE -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006/04/20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2006/01/13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006/01/13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2007/10/30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008/06/20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007/10/30 18:20:56 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004/08/05 05:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006/04/20 14:18:36 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2004/08/05 05:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys
[2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys
[2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2008/04/14 04:34:54 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys
[2008/04/14 04:34:54 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2004/08/05 05:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbprint.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:usbprint.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys
[2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys
[2008/04/13 20:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys
[2008/04/13 20:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbscan.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\i386\sp3.cab:usbscan.sys
[2004/08/05 05:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys
[2009/02/22 15:43:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys
[2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys
[2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys
[2004/08/03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]
< End of report >


EDIT Skynet : balises [code] ajoutées.
acfred
Visiteur
Visiteur
 
Messages: 3
Inscription: 06 Juin 2010 10:22
 
Haut

Re: Pop up récalcitrant analyse du test

Message le 06 Juin 2010 19:31

Et voici le rapport Extras :

Code: Tout sélectionner
OTL Extras logfile created on: 06/06/2010 20:16:57 - Run 1
OTL by OldTimer - Version 3.2.5.3     Folder = C:\Documents and Settings\Fred\Mes documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1 014,00 Mb Total Physical Memory | 411,00 Mb Available Physical Memory | 41,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,60 Gb Total Space | 3,36 Gb Free Space | 9,44% Space Free | Partition Type: FAT32
Drive D: | 35,98 Gb Total Space | 2,52 Gb Free Space | 7,01% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FREDERIC1
Current User Name: Fred
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_USERS\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"4662:TCP" = 4662:TCP:*:Enabled:TPC
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Acer Arcade\PCMService.exe" = C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program -- (CyberLink Corp.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\SuperCopier\SuperCopier.exe" = C:\Program Files\SuperCopier\SuperCopier.exe:*:Enabled:SuperCopier -- (SFX TEAM)
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Documents and Settings\Fred\Mes documents\Memo.exe" = C:\Documents and Settings\Fred\Mes documents\Memo.exe:*:Enabled:Desktop tool -- File not found
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- (Veoh Networks)
"H:\eMule\emule.exe" = H:\eMule\emule.exe:*:Enabled:eMule -- File not found
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player  -- (Veoh Networks)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = Les Sims Deluxe
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{175B7C4A-CAF8-437A-B597-73E0D2D970FE}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery DesignPro
"{2EBA5473-558B-462C-AEE4-FE50FA799F2A}" = NGS Mouse Driver
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3585ED1C-74C5-43B0-A232-831B96A12A2B}" = Menus intelligents (Windows Live Toolbar)
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3d9ac095-e115-4e94-bdef-7f7edf17697d}" = Python 2.6.3
"{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2
"{51F366F4-C2E4-429A-866A-59C885ED42FD}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)
"{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5783F2D7-0201-040C-0002-0060B0CE6BBA}" = AutoCAD 2004
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733AF353-1952-11D5-87A4-00E0294855E2}" = Reverso Pro 5 EFFE
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = LiveUpdate BVRP Software
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7CCFADC3-60C4-4DD2-A843-171FAFB9467A}" = Digital Video Duplicator
"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}" = Hercules Webcam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AC76BA86-7AD7-5676-5A64-7E8A45000001}" = Adobe Reader Korean Fonts
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNetManagement
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}" = Hercules WebCam Station
"{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B}" = Windows Live Favorites pour Windows Live Toolbar
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F242B06B-517F-4D62-B654-16B11564A912}" = OneCare Advisor (Windows Live Toolbar)
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem  (06/12/2006 6.81.0.21)
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"AnyDVD" = AnyDVD
"Autodesk Express Viewer" = Autodesk Express Viewer
"avast!" = avast! Antivirus
"Blender" = Blender (remove only)
"Catalencodec Pack" = Catalencodec Pack
"CCleaner" = CCleaner (remove only)
"CdaC13Ba" = SafeCast Shared Components
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025008F" = HDAUDIO Soft Voice Modem with SmartCP
"Compel install Adaptec WinASPI-4.6.0(1021)_is1" = Compel Adaptec WinASPI
"dBpoweramp Midi Decoder" = dBpoweramp Midi Decoder
"dBpoweramp Musepack Codec" = dBpoweramp Musepack Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpowerAMP Ogg Vorbis Codec" = dBpowerAMP Ogg Vorbis Codec
"dBpowerAMP WMA V8 Codec" = dBpowerAMP WMA V8 Codec
"DivXG400" = DivXG400
"dMC File Selector" = dMC File Selector
"ecobutton_is1" = ecobutton
"eMule" = eMule
"ES-Vidéo V1.40" = ES-Vidéo V1.40
"FLVplayer" = FLV Player
"FurySync_is1" = FurySync 3.0
"Google Updater" = Outil de mise à jour Google
"GridVista" = Acer GridVista
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"Les départements français" = Les départements français
"Les états allemands" = Les états allemands
"Les états d'Amérique du Nord" = Les états d'Amérique du Nord
"Les pays d'Afrique" = Les pays d'Afrique
"Les pays d'Amérique du Sud" = Les pays d'Amérique du Sud
"Les pays d'Asie" = Les pays d'Asie
"Les pays d'Europe" = Les pays d'Europe
"Les pays d'Océanie" = Les pays d'Océanie
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MaxTV Online2007" = MaxTV Online
"mmswitch" = Morgan Stream Switcher
"mrhnlrh" = Favorit
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PikaFlyCASE" = PikaOne FlyCASE
"ProInst" = Intel(R) PROSet/Wireless Software
"RealPlayer 12.0" = RealPlayer
"StmAdsl" = BeWAN ADSL modem
"SuperCopier" = SuperCopier
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tomb Raider II" = Tomb Raider II
"Veoh Web Player Beta" = Veoh Web Player Beta
"VLC media player" = VLC media player 1.0.5
"VobSub" = VobSub v2.23 (Remove Only)
"WebMediaPlayer" = WebMediaPlayer
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.5
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-1377555683-3664876793-2747138006-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >


EDIT Skynet : balises [code] ajoutées. Merci de faire attention ! C'est pourtant signalé dans l'en-tête...
acfred
Visiteur
Visiteur
 
Messages: 3
Inscription: 06 Juin 2010 10:22
 
Haut

Re: Pop up récalcitrant analyse du test

Message le 06 Juin 2010 20:20

hello,

Pense à utiliser les balise codes pour poster tes rapports stp..
pour cela...
cliques sur la balise "CODE" (dans la barre d'outil d'édition) et colle le contenu des rapports entre lla balise d'entrée et de sortie
Image

cela sera plus lisible :wink:

ensuite...

Télécharge >>> AD-Remover <<< ( de C_XX ) sur ton bureau.

- Double-clique sur le raccourcie Image pour lancer le tool.

- Pour Vista /Seven faire un cliques droit sur l'icône et choisir "Exécuter en tant qu'administrateur"

- Cliques sur "Nettoyer".

- Ensuite laisse le scan s'effectuer tranquillement sans te servir du PC

- Poste le rapport.txt qui s'ouvre.

au cas ou,le rapport est sauvegarder ici
C:\AD-Report-scan+"date"

puis...

Tu as une infection qui se propage par support amovible (Clef USB, DD externe, carte photo SD,etc...)
Branche tes clefs USB, DD externe (en position "marche) etc...

Télécharge USBFix ( par Chiquitine29, C_XX & Chimay8 ) sur ton bureau,
  • Fais un double-clic sur l'icône d'USBFix afin de le lancer.
  • Fais le choix"recherche" .
  • Laisse travailler USBFix et poste le rapport qui sera générer en fin de scan en utilisant les balises [code ] [/code].
  • Ne choisis pas d'autres options sans mon accord
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 
Haut
Répondre

Sujets similaires

Message Aide suite à une analyse FRST contre un virus vbc.exe
Bonjour tout le monde, J'ai récemment constaté que j'étais infecté par un virus lié à vbc.exe, ce qui entraîne une utilisation du CPU allant jusqu'à 30% voire 40%. J'ai donc effectué mes analyses FRST et voici les rapports obtenus : - FRST.txt: https://pjjoint.malekal.com/files.php?id=FRST_20240315_ ...
Réponses: 3

Message Pen test scan
J'ai effectué un pen test scann sur mon réseau live box et je me retrouve avec ceci.Pouvez vous me dire ce que vous en pensez car depuis plusieurs mois j'ai des choses vraiment bizarres sur mes connexions et mes réseaux sociaux.Est ce " normal" d'avoir " netop rc" sur son réseau ...
Réponses: 8

Message [Réglé] Aide pour analyse fichier FRST
Bonsoir,J'ai une fenêtre Powershell.exe qui s'ouvre et se ferme quelques minutes après le démarrage et ca n'était pas le cas avant.Mise à jour windows et mise à jour Nvidia récente.J'ai effectué une analyse et j'ai obtenu les fichiers texte suivants.Est ce que quelqu'un peut m'aider et me dire de qu ...
Réponses: 7

Message analyse rapport RogueKiller
Bonjour,Mon pc est trop long aujourd'hui. le scan par RogueKiller fait apparaitre 2 virus ou genre malicieux.quelq"un pourra m'expliquer de quoi il s'agit exactement?merci d'avance
Réponses: 1

Message Windows: Modifier test de connectivité Microsoft
Message important de la modérationl'usage de ce genre de manip n'est pas sans risque, aussi, le forum se dégage de tout responsabilité quand à l'usage de la procédure précédemment postéeUsages à vos risque & périls
Réponses: 1

Message [Réglé] Rapport desinfection suite analyse FRST64
FRST.txtAddition.txtShortcut.txtBonjour, suite a mon message posté il y a quelques jours concernant un ordinateur tres lent, je vous poste aujourd'hui le résultat.Merci pour vos réponsesMF
Réponses: 4

Haut

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 40 invités

Forum Informatique aide pour le matériel sous Windows, Linux, Logiciels et Jeux Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

.: Nous contacter :: Flux RSS :: Données personnelles :.