Probleme de c:\WINDOWS\MPKrnl.dll • page 2

Arenaaa · le 04 Aoû 2010 13:39

Del, desolé de te le dire comme, ca.
C'est bien que tu veuille m'aidé, mais je croi que tu n'as pas vraiment lut mon probleme et mais messges posté.

1) je ne les plus sur mon bureau car j'ai telechargé AVG et il m'a dégagé OTL. DOnc j'ai du utilisé un USB pour le transferé.
2) C'est dificil pour moi de faire quelque chose:
* Je ne suis plus admintrateur du pc, alors je peut rien démaré en temps qu'administrateur
* Je ne peux aller dans panno de configuration pour modifié les utilisateur
* Je peux aller nul par autre que sur le bureau et certain cite internet car il me demande les droit d'administrateur

Voila, J'ai utilisé un USB pour metre OTL

J'ai bien suivis les intruction cette fois si.

Les rapport correct:

OTL.TXT

Code: Tout sélectionner: OTL logfile created on: 04/08/2010 14:24:39 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = L:\ Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 958,00 Mb Total Physical Memory | 536,00 Mb Available Physical Memory | 56,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 1440 2880 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 227,03 Gb Total Space | 191,92 Gb Free Space | 84,54% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 5,85 Gb Total Space | 4,98 Gb Free Space | 85,24% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Drive L: | 3,69 Gb Total Space | 0,58 Gb Free Space | 15,67% Space Free | Partition Type: FAT32 Computer Name: PCALR Current User Name: Alex Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/08/04 13:53:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- L:\OTL.exe PRC - [2010/08/04 11:09:00 | 000,540,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\aAvgApi.exe PRC - [2010/08/04 11:08:55 | 000,424,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2010/08/04 11:08:55 | 000,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2010/08/04 11:08:53 | 001,220,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe PRC - [2010/08/04 11:08:53 | 000,638,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe PRC - [2010/08/04 11:08:52 | 000,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2009/08/28 20:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2007/10/29 11:53:44 | 001,916,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/08/04 13:53:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- L:\OTL.exe MOD - [2010/08/04 11:09:06 | 000,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\avgrsstx.dll MOD - [2010/08/03 18:59:44 | 000,124,538 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Dna.sys MOD - [2008/04/14 18:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - File not found [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate) SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc) SRV - [2010/08/04 11:08:53 | 001,220,888 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8) SRV - [2010/08/04 11:08:52 | 000,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009/08/28 20:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2008/04/14 18:00:00 | 000,020,992 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ADMon.dll -- (ADMon) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\gjprmf.sys -- (amsint32) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\gjprmf.sys -- (aic32p) DRV - [2010/08/04 11:09:06 | 000,012,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86) DRV - [2010/08/04 11:09:05 | 000,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2010/08/04 11:09:02 | 000,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010/08/04 11:09:02 | 000,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010/08/04 11:08:49 | 000,023,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd) DRV - [2010/08/04 11:08:49 | 000,023,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx) DRV - [2010/08/04 10:00:17 | 000,017,152 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nvmini.sys -- (nvmini) DRV - [2010/08/03 20:15:19 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2010/02/11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/03/25 15:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008/09/24 11:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008/04/13 09:35:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) DRV - [2006/07/01 23:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005/09/29 19:01:51 | 000,066,048 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005/08/10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005/05/16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2004/02/14 12:55:12 | 000,471,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvcd.sys -- (QCDonner) Logitech QuickCam Express(PID_0840) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2008/04/14 18:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o ) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o ) O3 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o ) O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe File not found O4 - HKLM..\Run: [MPKrnl] C:\WINDOWS\MPKrnl.DLL File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\.DEFAULT..\Run: [VisualTaskTip] File not found O4 - HKU\S-1-5-18..\Run: [VisualTaskTip] File not found O4 - HKU\S-1-5-19..\Run: [VisualTaskTip] File not found O4 - HKU\S-1-5-20..\Run: [VisualTaskTip] File not found O4 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001..\Run: [VisualTaskTip] File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe File not found O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_3.cab ("Ma-Config.com control) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.220.139.26 192.168.0.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\360rpt.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\360Safe.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\360tray.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\arvmon.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\AST.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\AvMonitor.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ÐÞ¸´¹¤¾ß.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\HelpSvc.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\killhidepid.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KPFWSvc.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KvDetect.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\kvfw.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KvfwMcl.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\kvol.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\kvolself.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KVSrvXP.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\kvupload.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\kvwsc.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KWatch.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KWatchX.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\loaddll.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\MagicSet.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\mcconsol.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\mmqczj.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\mmsk.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\NAVSetup.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\nod32krn.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\nod32kui.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\PFW.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\PFWLiveUpdate.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\QHSET.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Ras.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RavMon.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RavMonD.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RavStore.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RavStub.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ravt08.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RavTask.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RegClean.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\rfwcfg.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\rfwProxy.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\rfwsrv.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RsAgent.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Rsaupd.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RSTray.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\runiep.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\safeboxtray.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\safelive.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\scan32.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\SREng.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\SREngPS.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\symlcsvc.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Syscheck2.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\TrojanDetector.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\TrojDie.kxp: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\UIHost.kxp: Debugger - ntsd -d (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {DD5FFEDC-8DC7-420F-B99C-770DBDEE5749} - C:\Documents and Settings\Administrateur\Application Data\Dna.sys () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/01/10 01:12:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/08/03 18:59:28 | 000,000,219 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010/08/03 18:59:29 | 000,000,361 | RHS- | M] () - H:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{25a152b2-fd70-11de-b0a4-806d6172696f}\Shell\AutOpLay\COMmand - "" = H:\dugerm.pif -- [2010/08/04 12:14:42 | 000,164,580 | ---- | M] () O33 - MountPoints2\{25a152b2-fd70-11de-b0a4-806d6172696f}\Shell\AutoRun\command - "" = H:\dugerm.pif -- [2010/08/04 12:14:42 | 000,164,580 | ---- | M] () O33 - MountPoints2\{25a152b2-fd70-11de-b0a4-806d6172696f}\Shell\exploRe\comMAnd - "" = H:\dugerm.pif -- [2010/08/04 12:14:42 | 000,164,580 | ---- | M] () O33 - MountPoints2\{25a152b2-fd70-11de-b0a4-806d6172696f}\Shell\opEn\CoMmanD - "" = H:\dugerm.pif -- [2010/08/04 12:14:42 | 000,164,580 | ---- | M] () O33 - MountPoints2\{25a152b4-fd70-11de-b0a4-806d6172696f}\Shell\AutOpLay\ComManD - "" = C:\msvn.exe -- [2010/08/04 12:13:47 | 000,164,580 | ---- | M] () O33 - MountPoints2\{25a152b4-fd70-11de-b0a4-806d6172696f}\Shell\AutoRun\command - "" = C:\msvn.exe -- [2010/08/04 12:13:47 | 000,164,580 | ---- | M] () O33 - MountPoints2\{25a152b4-fd70-11de-b0a4-806d6172696f}\Shell\ExPLoRE\CoMmaNd - "" = C:\msvn.exe -- [2010/08/04 12:13:47 | 000,164,580 | ---- | M] () O33 - MountPoints2\{25a152b4-fd70-11de-b0a4-806d6172696f}\Shell\open\CommAnd - "" = C:\msvn.exe -- [2010/08/04 12:13:47 | 000,164,580 | ---- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/08/04 14:19:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010/08/04 11:11:12 | 000,000,000 | -H-D | C] -- C:\$AVG8.VAULT$ [2010/08/04 11:09:06 | 000,012,936 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys [2010/08/04 11:09:06 | 000,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010/08/04 11:09:05 | 000,076,040 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010/08/04 11:09:02 | 000,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010/08/04 11:09:02 | 000,026,824 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010/08/04 11:09:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg [2010/08/04 10:01:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore [2010/08/04 09:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\Apple Computer [2010/08/04 08:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\WinZip [2010/08/04 00:05:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\Axialis [2010/08/03 23:30:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Bureau\backups [2010/08/03 22:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Mes documents\Downloads [2010/08/03 22:43:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSGSCR.TLB [2010/08/03 22:34:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\PriceGong [2010/08/03 22:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\AVGTOOLBAR [2010/08/03 22:13:00 | 000,045,568 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll [2010/08/03 22:13:00 | 000,023,296 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys [2010/08/03 22:13:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8 [2010/08/03 22:13:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2010/08/03 22:07:42 | 067,290,485 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Alex\Bureau\avg_afwt_stf_all_8_169a1359_softonic.exe [2010/08/03 21:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\Macromedia [2010/08/03 21:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\Adobe [2010/08/03 21:17:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\Conduit [2010/08/03 21:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\Google [2010/08/03 21:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\Google [2010/08/03 21:15:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\Messenger_Plus_Live_France [2010/08/03 21:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\ATI [2010/08/03 21:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\ATI [2010/08/03 21:09:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\Identities [2010/08/03 21:09:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Alex\Mes documents\Mes images [2010/08/03 21:09:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Alex\Mes documents\Ma musique [2010/08/03 21:09:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft [2010/08/03 21:09:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Alex\Application Data\Microsoft [2010/08/03 21:09:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Alex\SendTo [2010/08/03 21:09:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Alex\Recent [2010/08/03 21:09:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Alex\Application Data [2010/08/03 21:09:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Alex\Mes documents [2010/08/03 21:09:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Alex\Menu Démarrer [2010/08/03 21:09:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Alex\Favoris [2010/08/03 21:09:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Alex\Cookies [2010/08/03 21:09:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Alex\Voisinage réseau [2010/08/03 21:09:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Alex\Voisinage d'impression [2010/08/03 21:09:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Alex\Modèles [2010/08/03 21:09:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Alex\Local Settings [2010/08/03 21:09:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Bureau [2010/08/03 21:09:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Local Settings\Application Data\Adobe [2010/08/03 20:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9 [2010/08/03 20:15:50 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010/08/03 19:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2010/08/03 19:12:20 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2010/08/03 19:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2010/08/03 19:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2010/08/03 18:59:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syswsock32.dll [2010/08/03 18:59:08 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcos.dll [2010/08/03 18:58:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\amidimap.dll [2010/08/03 18:57:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aksuser.dll [2010/08/03 18:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRar [2010/08/03 18:57:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2010/08/03 18:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2010/08/03 18:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2010/08/01 18:29:34 | 000,000,000 | ---D | C] -- C:\Config.Msi [2010/08/01 16:38:18 | 000,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010/08/01 16:37:57 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010/08/01 16:36:36 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010/08/01 16:24:30 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2010/08/01 15:58:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2010/07/31 19:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\12261 [2010/07/31 19:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\BearShare Applications [2010/07/27 13:25:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus! [2010/07/27 13:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger_Plus_Live_France [2010/07/27 13:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live [2010/07/12 22:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble [2010/07/08 18:05:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2010/07/08 18:05:53 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [2010/07/06 16:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010/07/06 16:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI [2010/07/06 16:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2010/07/06 15:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2010/07/06 14:24:07 | 000,000,000 | ---D | C] -- C:\Download [2010/07/06 14:24:01 | 000,000,000 | ---D | C] -- C:\Nexon [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/08/04 14:20:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/08/04 14:17:52 | 000,012,480 | ---- | M] () -- C:\Documents and Settings\Alex\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/08/04 14:17:18 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/08/04 14:17:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/08/04 14:17:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/08/04 14:17:01 | 000,101,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/08/04 14:15:57 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Alex\ntuser.ini [2010/08/04 14:15:56 | 001,310,720 | -H-- | M] () -- C:\Documents and Settings\Alex\NTUSER.DAT [2010/08/04 14:15:15 | 006,418,662 | -H-- | M] () -- C:\Documents and Settings\Alex\Local Settings\Application Data\IconCache.db [2010/08/04 12:13:47 | 000,164,580 | ---- | M] () -- C:\msvn.exe [2010/08/04 11:31:06 | 017,176,064 | ---- | M] () -- C:\Documents and Settings\Alex\Bureau\WindowsLiveMessenger8.5-French.msi [2010/08/04 11:09:06 | 000,012,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys [2010/08/04 11:09:06 | 000,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010/08/04 11:09:06 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AVG 8.0.lnk [2010/08/04 11:09:05 | 000,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010/08/04 11:09:02 | 026,574,096 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010/08/04 11:09:02 | 000,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010/08/04 11:09:02 | 000,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010/08/04 11:09:01 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2010/08/04 11:09:01 | 000,211,986 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2010/08/04 11:09:01 | 000,050,972 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2010/08/04 11:08:49 | 000,045,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll [2010/08/04 11:08:49 | 000,023,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys [2010/08/04 10:00:17 | 000,017,152 | ---- | M] () -- C:\WINDOWS\System32\drivers\nvmini.sys [2010/08/04 03:07:37 | 000,951,708 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/08/04 03:07:37 | 000,461,614 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/08/04 03:07:37 | 000,394,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/08/04 03:07:37 | 000,071,272 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/08/04 03:07:37 | 000,058,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/08/03 22:43:43 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSGSCR.TLB [2010/08/03 22:10:53 | 067,290,485 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Alex\Bureau\avg_afwt_stf_all_8_169a1359_softonic.exe [2010/08/03 21:55:07 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010/08/03 21:10:08 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [2010/08/03 21:09:59 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf [2010/08/03 20:15:45 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010/08/03 20:15:43 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2010/08/03 20:15:19 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2010/08/03 20:10:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/08/03 19:00:06 | 000,027,824 | ---- | M] () -- C:\WINDOWS\System32\mmgl15.dll [2010/08/03 18:59:28 | 000,000,219 | RHS- | M] () -- C:\autorun.inf [2010/08/03 18:59:08 | 000,028,852 | ---- | M] () -- C:\WINDOWS\System32\mmgl17.dll [2010/08/03 18:59:08 | 000,028,672 | ---- | M] () -- C:\Program Files\Wednesday.ime [2010/08/03 18:59:08 | 000,025,600 | ---- | M] () -- C:\Program Files\Monday.ime [2010/08/03 18:59:08 | 000,010,240 | ---- | M] () -- C:\Program Files\taskmgr.upx [2010/08/03 18:59:08 | 000,009,728 | ---- | M] () -- C:\Program Files\Tuesday.ime [2010/08/03 18:59:08 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\msimg32.dll [2010/08/03 18:58:55 | 000,044,000 | ---- | M] () -- C:\Program Files\Sunday.ime [2010/08/03 18:58:21 | 000,030,384 | ---- | M] () -- C:\WINDOWS\System32\mmgl16.dll [2010/08/03 18:58:21 | 000,021,684 | ---- | M] () -- C:\WINDOWS\System32\midimap.dll [2010/08/03 18:57:20 | 000,017,920 | ---- | M] () -- C:\WINDOWS\System32\qt-dx3.dll [2010/08/03 18:54:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2010/08/03 18:42:05 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010/08/01 16:20:01 | 000,000,068 | ---- | M] () -- C:\Program Files\Saturday [2010/08/01 14:14:51 | 000,000,265 | ---- | M] () -- C:\WINDOWS\system.ini [2010/07/31 19:42:44 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk [2010/07/29 15:40:28 | 000,000,576 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Administrateur.job [2010/07/24 20:35:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/07/12 22:58:32 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mumble (Backwards Compatible).lnk [2010/07/12 22:58:32 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mumble.lnk [2010/07/06 16:19:13 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/07/06 16:16:44 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Game Booster.lnk [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/08/04 12:13:47 | 000,164,580 | ---- | C] () -- C:\msvn.exe [2010/08/04 11:31:06 | 017,176,064 | ---- | C] () -- C:\Documents and Settings\Alex\Bureau\WindowsLiveMessenger8.5-French.msi [2010/08/04 11:09:06 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AVG 8.0.lnk [2010/08/04 11:09:01 | 026,574,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010/08/04 11:09:01 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2010/08/04 11:09:01 | 000,211,986 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2010/08/04 11:09:01 | 000,050,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2010/08/03 21:10:08 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [2010/08/03 21:09:59 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf [2010/08/03 21:09:31 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Alex\ntuser.ini [2010/08/03 21:09:30 | 000,389,120 | -H-- | C] () -- C:\Documents and Settings\Alex\ntuser.dat.LOG [2010/08/03 21:09:30 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Volet Windows.lnk [2010/08/03 21:09:29 | 001,310,720 | -H-- | C] () -- C:\Documents and Settings\Alex\NTUSER.DAT [2010/08/03 19:50:49 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2010/08/03 19:11:12 | 000,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010/08/03 19:00:06 | 000,027,824 | ---- | C] () -- C:\WINDOWS\System32\mmgl15.dll [2010/08/03 18:59:23 | 000,000,219 | RHS- | C] () -- C:\autorun.inf [2010/08/03 18:59:08 | 000,044,000 | ---- | C] () -- C:\Program Files\Sunday.ime [2010/08/03 18:59:08 | 000,028,852 | ---- | C] () -- C:\WINDOWS\System32\mmgl17.dll [2010/08/03 18:59:08 | 000,028,672 | ---- | C] () -- C:\Program Files\Wednesday.ime [2010/08/03 18:59:08 | 000,025,600 | ---- | C] () -- C:\Program Files\Monday.ime [2010/08/03 18:59:08 | 000,009,728 | ---- | C] () -- C:\Program Files\Tuesday.ime [2010/08/03 18:58:21 | 000,030,384 | ---- | C] () -- C:\WINDOWS\System32\mmgl16.dll [2010/08/03 18:57:20 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\qt-dx3.dll [2010/08/01 16:20:01 | 000,010,240 | ---- | C] () -- C:\Program Files\taskmgr.upx [2010/08/01 16:20:01 | 000,000,068 | ---- | C] () -- C:\Program Files\Saturday [2010/08/01 14:14:51 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvmini.sys [2010/07/12 22:58:32 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mumble (Backwards Compatible).lnk [2010/07/12 22:58:32 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mumble.lnk [2010/07/06 16:16:44 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Game Booster.lnk [2010/07/06 14:36:54 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2010/05/19 14:29:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2010/05/10 14:44:06 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010/05/08 13:54:02 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2010/01/10 01:56:38 | 000,005,993 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2010/01/10 01:42:37 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010/01/10 01:40:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010/01/10 01:13:52 | 000,000,288 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2008/04/14 18:00:00 | 000,021,684 | ---- | C] () -- C:\WINDOWS\System32\midimap.dll [2008/04/14 18:00:00 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\ADMon.dll [2008/04/14 18:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msimg32.dll [2008/02/05 02:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2007/05/15 20:18:52 | 000,011,692 | ---- | C] () -- C:\WINDOWS\System32\Notepad2.ini [color=#E56717]========== LOP Check ==========[/color] [2010/08/01 12:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\bearsharemediabartb [2010/05/10 14:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Canneverbe Limited [2010/07/30 20:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mumble [2010/08/03 20:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\PriceGong [2010/08/04 11:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\AVGTOOLBAR [2010/08/04 14:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\PriceGong [2010/07/31 19:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\12261 [2010/08/03 18:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/08/03 20:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2010/05/10 14:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited [2010/07/06 14:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com [2010/07/27 13:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus! [2010/07/06 16:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010/07/06 16:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2010/06/25 21:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2010/01/21 16:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/08/03 21:55:07 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [2010/08/04 12:13:47 | 000,164,580 | ---- | M] () -- C:\msvn.exe [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008/04/14 18:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008/04/14 18:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: CHANGER.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2008/04/14 18:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008/04/14 18:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008/04/14 18:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/14 18:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008/04/14 18:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 18:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\dllcache\netlogon.dll [2008/04/14 18:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2008/04/14 18:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys [2008/04/14 18:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2008/04/14 18:00:00 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\dllcache\rdpwd.sys [2008/04/14 18:00:00 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/04/14 18:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\dllcache\scecli.dll [2008/04/14 18:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys [2008/04/14 18:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys [color=#A23BEC]< MD5 for: SPLITTER.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys [2008/04/13 10:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\dllcache\splitter.sys [2008/04/13 10:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys [color=#A23BEC]< MD5 for: SWMIDI.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys [2008/04/13 10:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\dllcache\swmidi.sys [2008/04/13 10:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2008/04/14 18:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\dllcache\tdpipe.sys [2008/04/14 18:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/04/14 18:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\dllcache\tdtcp.sys [2008/04/14 18:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2008/05/15 19:53:42 | 010,174,543 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2010/02/11 06:46:14 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ATIDEMGX.dll [2008/03/01 14:58:06 | 000,347,136 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtmsft.dll [2008/03/01 14:58:06 | 000,214,528 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtrans.dll [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

Extras.Txt

Code: Tout sélectionner: OTL Extras logfile created on: 04/08/2010 14:24:39 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = L:\ Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 958,00 Mb Total Physical Memory | 536,00 Mb Available Physical Memory | 56,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 1440 2880 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 227,03 Gb Total Space | 191,92 Gb Free Space | 84,54% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 5,85 Gb Total Space | 4,98 Gb Free Space | 85,24% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Drive L: | 3,69 Gb Total Space | 0,58 Gb Free Space | 15,67% Space Free | Partition Type: FAT32 Computer Name: PCALR Current User Name: Alex Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE () .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE () .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE () [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 () regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 () scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 () txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 () txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" () vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" File not found Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" File not found Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusOverride" = 1 "FirewallOverride" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "DisablePagingExecutive" = 1 "LargeSystemCache" = 0 "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "FirewallOverride" = 1 "UpdatesDisableNotify" = 1 "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp "48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- File not found "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- File not found "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:ipsec -- File not found "C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- File not found "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- File not found "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found "C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- File not found "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found "C:\Program Files\RocketDock\RocketDock.exe" = C:\Program Files\RocketDock\RocketDock.exe:*:Enabled:ipsec -- File not found "C:\Program Files\QuickTime\qttask.exe" = C:\Program Files\QuickTime\qttask.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsitemg.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsitemg.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxocev.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxocev.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincjku.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincjku.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuefju.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuefju.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wc742b.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wc742b.exe:*:Enabled:ipsec -- File not found "C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe" = C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnhylro.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnhylro.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mhmfn.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mhmfn.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\oxaea.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\oxaea.exe:*:Enabled:ipsec -- File not found "C:\Program Files\Ad-Remover\Main.exe" = C:\Program Files\Ad-Remover\Main.exe:*:Enabled:ipsec -- File not found "C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe" = C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe:*:Enabled:ipsec -- File not found "C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe" = C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmjpo.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmjpo.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincxktj.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincxktj.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkbjd.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkbjd.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqmly.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqmly.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhgli.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhgli.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winpmukdp.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winpmukdp.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w83cb4.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w83cb4.exe:*:Enabled:ipsec -- File not found "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\suad.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\suad.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjagl.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjagl.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxthpok.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxthpok.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvuwxqp.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvuwxqp.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pspx.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pspx.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windcoy.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windcoy.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winankl.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winankl.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w7b043.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w7b043.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wintcwrp.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wintcwrp.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bmjp.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bmjp.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfivkx.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfivkx.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ylfyk.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ylfyk.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mjqs.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mjqs.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlugerh.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlugerh.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w75b3d.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w75b3d.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pygt.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pygt.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingdeqrk.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingdeqrk.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincxgl.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincxgl.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windmfbsr.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windmfbsr.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\djtq.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\djtq.exe:*:Enabled:ipsec -- File not found "C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe" = C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\winhupjpc.exe" = C:\WINDOWS\TEMP\winhupjpc.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\winadtx.exe" = C:\WINDOWS\TEMP\winadtx.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\winfbvfo.exe" = C:\WINDOWS\TEMP\winfbvfo.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winuevq.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winuevq.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winxval.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winxval.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winmydeo.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winmydeo.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\w7eda9.exe" = C:\WINDOWS\TEMP\w7eda9.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w8dbf1.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w8dbf1.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w94c30.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w94c30.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\winkbnknw.exe" = C:\WINDOWS\TEMP\winkbnknw.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\winujrcue.exe" = C:\WINDOWS\TEMP\winujrcue.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\winqhfnh.exe" = C:\WINDOWS\TEMP\winqhfnh.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\mskp.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\mskp.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\w710a7.exe" = C:\WINDOWS\TEMP\w710a7.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\winmfxac.exe" = C:\WINDOWS\TEMP\winmfxac.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\wingjwb.exe" = C:\WINDOWS\TEMP\wingjwb.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winomjpuy.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winomjpuy.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\winwfbd.exe" = C:\WINDOWS\TEMP\winwfbd.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\tmpyvf.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\tmpyvf.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\TEMP\w7f8a6.exe" = C:\WINDOWS\TEMP\w7f8a6.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w8c433.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w8c433.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w999b3.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w999b3.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winlhnw.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winlhnw.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winqffw.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winqffw.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\oqgj.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\oqgj.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winqxfci.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winqxfci.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winuaiy.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winuaiy.exe:*:Enabled:ipsec -- File not found "C:\Program Files\Google\Update\GoogleUpdate.exe" = C:\Program Files\Google\Update\GoogleUpdate.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winxofbi.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winxofbi.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\ygcaj.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\ygcaj.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\hnbygt.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\hnbygt.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winqemee.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winqemee.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w96f0a.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w96f0a.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winccob.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winccob.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winxmroa.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winxmroa.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winekorb.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winekorb.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\anpmvh.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\anpmvh.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\rlvbx.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\rlvbx.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winesitmq.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winesitmq.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winocngs.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winocngs.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\hfjc.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\hfjc.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\windrfhvf.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\windrfhvf.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winymbu.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winymbu.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winfitegd.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winfitegd.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w77ccf.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w77ccf.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winxpsvwb.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winxpsvwb.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\hydcex.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\hydcex.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winadin.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winadin.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\wineahqc.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wineahqc.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winmhjmn.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winmhjmn.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winiiqi.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winiiqi.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\qhprtb.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\qhprtb.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winaoxql.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winaoxql.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winfvsuch.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winfvsuch.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\xfqh.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\xfqh.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\wintropo.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wintropo.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winbbca.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winbbca.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winqyxvlu.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winqyxvlu.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\ikkpq.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\ikkpq.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\vluil.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\vluil.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winwqolx.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winwqolx.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winhkwls.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winhkwls.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winxwda.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winxwda.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winjukg.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winjukg.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\kltnv.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\kltnv.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winlvdp.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winlvdp.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\wincbgcwa.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wincbgcwa.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winwifh.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winwifh.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\yafbd.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\yafbd.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winksqx.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winksqx.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winmrcgit.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winmrcgit.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winbkpsaa.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winbkpsaa.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winuuok.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winuuok.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\wjlwsr.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wjlwsr.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\wjpp.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wjpp.exe:*:Enabled:ipsec -- File not found "C:\Program Files\WinZip\WZQKPICK.EXE" = C:\Program Files\WinZip\WZQKPICK.EXE:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winpqoo.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winpqoo.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winbugk.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winbugk.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winfxjamp.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winfxjamp.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\xnebx.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\xnebx.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\windxvb.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\windxvb.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w7e82b.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w7e82b.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winddfjmd.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winddfjmd.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winxndvd.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winxndvd.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winbnqo.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winbnqo.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winimmk.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winimmk.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\wbqfjn.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wbqfjn.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winpdlyuo.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winpdlyuo.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winayui.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winayui.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winkdthgo.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winkdthgo.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winqcvso.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winqcvso.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\qvlu.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\qvlu.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winwxea.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winwxea.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\windlhsgm.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\windlhsgm.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winbvjxxw.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winbvjxxw.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winttnj.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winttnj.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\usbo.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\usbo.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winfovjg.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winfovjg.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winwdygi.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winwdygi.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\wineldidp.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wineldidp.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winfpkcyf.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winfpkcyf.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\xrola.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\xrola.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winnfixiq.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winnfixiq.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winsihbx.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winsihbx.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\psig.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\psig.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winjiwbus.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winjiwbus.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winaqalu.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winaqalu.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w7c6e7.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w7c6e7.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winitoee.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winitoee.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winqlhmys.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winqlhmys.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winjhknen.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winjhknen.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winvrcvl.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winvrcvl.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winqgjr.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winqgjr.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winlvbot.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winlvbot.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winlkeu.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winlkeu.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\ofgt.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\ofgt.exe:*:Enabled:ipsec -- File not found "C:\WINDOWS\explorer.exe" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation) "C:\DOCUME~1\Alex\LOCALS~1\Temp\wincvphr.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wincvphr.exe:*:Enabled:ipsec -- () "C:\DOCUME~1\Alex\LOCALS~1\Temp\winjhhd.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winjhhd.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\eprdey.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\eprdey.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winwkma.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winwkma.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winvsdjmv.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winvsdjmv.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winvtyama.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winvtyama.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\w716c2.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\w716c2.exe:*:Enabled:ipsec -- () "C:\DOCUME~1\Alex\LOCALS~1\Temp\winupyqou.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winupyqou.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winfqwia.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winfqwia.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winbcbrt.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winbcbrt.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\lvmsi.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\lvmsi.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winuwid.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winuwid.exe:*:Enabled:ipsec -- File not found "C:\Program Files\AVG\AVG8\avgscanx.exe" = C:\Program Files\AVG\AVG8\avgscanx.exe:*:Enabled:ipsec -- (AVG Technologies CZ, s.r.o.) "C:\DOCUME~1\Alex\LOCALS~1\Temp\winnwui.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winnwui.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winmeqijb.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winmeqijb.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winpjkp.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winpjkp.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\qeske.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\qeske.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winyfxj.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winyfxj.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winiloqor.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winiloqor.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winsrba.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winsrba.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\wincqjf.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\wincqjf.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winnnig.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winnnig.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winqibuki.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winqibuki.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winndrb.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winndrb.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winmpneei.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winmpneei.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winovjl.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winovjl.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winowuf.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winowuf.exe:*:Enabled:ipsec -- File not found "C:\DOCUME~1\Alex\LOCALS~1\Temp\winpxbxwy.exe" = C:\DOCUME~1\Alex\LOCALS~1\Temp\winpxbxwy.exe:*:Enabled:ipsec -- File not found [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish "{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard "{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese "{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish "{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English "{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation "{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook "{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins "{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French "{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish "{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer "{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch "{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional "{5f7f11e1-7244-4974-b187-259bb931f2d3}" = Nero 9 Lite "{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek "{62008929-7F3E-4565-A3DF-F55F35009021}" = Ma-Config.com "{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New "{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{90120000-008A-040C-0000-0000000FF1CE}" = Gadget Documents récents Microsoft Office 2007 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari "{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.2 - Français "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver "{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian "{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish "{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP) "{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logiciel QuickCam de Logitech "{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5 "{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish "{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light "{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Ad-Remover" = Ad-Remover By C_XX "All ATI Software" = ATI - Utilitaire de désinstallation du logiciel "ATI Display Driver" = ATI Display Driver "AVG8Uninstall" = AVG 8.0 "BearShare MediaBar" = MediaBar "BurnAware Free_is1" = BurnAware Free 2.4.4 "Game Booster_is1" = Game Booster "Google Chrome" = Google Chrome "HijackThis" = HijackThis 2.0.2 "McAfee Security Scan" = McAfee Security Scan "Messenger Plus! Live" = Messenger Plus! Live "Messenger_Plus_Live_France Toolbar" = Messenger_Plus_Live_France Toolbar "Mumble" = Mumble and Murmur "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NSS" = Norton Security Scan "QcDrv" = Programme de gestion Camera de Logitech® "RealVNC_is1" = VNC Free Edition 4.1.2 "SpyCam Version 6.34" = SpyCam Version 6.34 "Steam App 240" = Counter-Strike: Source "Steam App 300" = Day of Defeat: Source "Steam App 320" = Half-Life 2: Deathmatch "Steam App 340" = Half-Life 2: Lost Coast "TmOriginalDemo_is1" = TrackMania Original Demo 1.5.0 "VLC media player" = VLC media player 1.0.5 "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Sidebar" = Volet Windows "WinLiveSuite_Wave3" = Installation Windows Live [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ System Events ] Error - 03/08/2010 12:34:47 | Computer Name = PCALR | Source = Service Control Manager | ID = 7034 Description = Le service Acquisition d'image Windows (WIA) s'est terminé de façon inattendue pour la 1ème fois. Error - 03/08/2010 12:34:47 | Computer Name = PCALR | Source = Service Control Manager | ID = 7031 Description = Le service Bandoo Coordinator s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. Error - 03/08/2010 12:35:00 | Computer Name = PCALR | Source = Service Control Manager | ID = 7032 Description = Le Gestionnaire de services de contrôle a essayé d'entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service Bandoo Coordinator, mais cette action a échoué en raison de l'erreur suivante : %%1056 Error - 03/08/2010 12:50:30 | Computer Name = PCALR | Source = Service Control Manager | ID = 7009 Description = Délai (30000 millisecondes) d'attente pour une connexion du service VNC Server Version 4. Error - 03/08/2010 15:09:46 | Computer Name = PCALR | Source = Service Control Manager | ID = 7009 Description = Délai (30000 millisecondes) d'attente pour une connexion du service VNC Server Version 4. Error - 04/08/2010 02:36:11 | Computer Name = PCALR | Source = Service Control Manager | ID = 7000 Description = Le service Lavasoft Ad-Aware Service n'a pas pu démarrer en raison de l'erreur : %%2 Error - 04/08/2010 02:36:11 | Computer Name = PCALR | Source = Service Control Manager | ID = 7009 Description = Délai (30000 millisecondes) d'attente pour une connexion du service VNC Server Version 4. Error - 04/08/2010 02:36:11 | Computer Name = PCALR | Source = Service Control Manager | ID = 7000 Description = Le service aic32p n'a pas pu démarrer en raison de l'erreur : %%2 Error - 04/08/2010 07:02:25 | Computer Name = PCALR | Source = DCOM | ID = 10001 Description = Le démarrage d'un serveur DCOM : {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} en tant que n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding Error - 04/08/2010 07:02:40 | Computer Name = PCALR | Source = DCOM | ID = 10001 Description = Le démarrage d'un serveur DCOM : {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} en tant que n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding < End of report >

Merci de votre aide

Arenaaa

jeanmimigab · le 04 Aoû 2010 18:02

hello vous deux,

@Arenaaa,

Ne fais la procédure que je vais te donner que si tu es sûre d'avoir à portée de main un support de restauration (DVD de restauration, CD de Windows etc...) pour réinstaller si le pc plante (c'est rare mais sur des infections aussi sérieuses ont n'est pas à l'abri)

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:Files
C:\Documents and Settings\Administrateur\Application Data\Dna.sys
C:\WINDOWS\system32\drivers\gjprmf.sys
C:\Program Files\Messenger_Plus_Live_France
C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll
C:\Documents and Settings\Alex\Application Data\PriceGong
C:\Documents and Settings\Alex\Local Settings\Application Data\Messenger_Plus_Live_France
C:\WINDOWS\System32\drivers\gjprmf.sys
C:\WINDOWS\System32\drivers\NetZero.sys
C:\WINDOWS\System32\mmgl11.dll
C:\WINDOWS\System32\mmgl15.dll
C:\WINDOWS\System32\mmgl19.dll
C:\WINDOWS\System32\mmgl10.dll
C:\msvn.exe
C:\WINDOWS\System32\mmgl1.dll
C:\WINDOWS\System32\mmgl17.dll
C:\Program Files\Wednesday.ime
C:\Program Files\Monday.ime
C:\WINDOWS\System32\mmgl4.dll
C:\Program Files\taskmgr.upx
C:\Program Files\Tuesday.ime
C:\Program Files\Sunday.ime
C:\WINDOWS\System32\mmgl12.dll
C:\WINDOWS\System32\mmgl9.dll
C:\WINDOWS\System32\mmgl16.dll
C:\WINDOWS\System32\dllcache\midimap.dll
C:\WINDOWS\System32\mmgl3.dll
C:\WINDOWS\System32\mmgl2.dll
C:\WINDOWS\System32\qt-dx3.dll
C:\WINDOWS\System32\drivers\gjprmf(2).sys
C:\Program Files\Saturday

:OTL
DRV - [2010/08/03 22:27:28 | 000,005,157 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gjprmf.sys -- (amsint32)
DRV - [2010/08/03 22:27:28 | 000,005,157 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gjprmf.sys -- (aic32p)
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (ThunderHlpObj Class) - {97421D0D-E07F-40DF-8F07-99597B9585AD} - C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll ()
O3 - HKLM\..\Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O4 - HKLM\..\Run: [MPKrnl] C:\WINDOWS\MPKrnl.DLL File not found
O4 - HKU\.DEFAULT\..\Run: [VisualTaskTip] File not found
O4 - HKU\S-1-5-18\..\Run: [VisualTaskTip] File not found
O4 - HKU\S-1-5-19\..\Run: [VisualTaskTip] File not found
O4 - HKU\S-1-5-20\..\Run: [VisualTaskTip] File not found
O4 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\..\Run: [VisualTaskTip] File not found
O4 - HKU\S-1-5-21-1606980848-2146986927-1417001333-501\..\Run: [VisualTaskTip] File not found
O4 - HKU\.DEFAULT\..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18\..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19\..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20\..\RunOnce: [nltide_2] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1606980848-2146986927-1417001333-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O21 - SSODL: ThunderAdvise - {97421D0D-E07F-40DF-8F07-99597B9585AD} - C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll ()
O27 - HKLM IFEO\360rpt.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\360Safe.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\360tray.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\arvmon.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\AST.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\AvMonitor.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\ÐÞ¸´¹¤¾ß.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\HelpSvc.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\killhidepid.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\KPFWSvc.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\KvDetect.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\kvfw.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\KvfwMcl.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\kvol.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\kvolself.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\KVSrvXP.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\kvupload.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\kvwsc.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\KWatch.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\KWatchX.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\loaddll.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\MagicSet.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\mcconsol.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\mmqczj.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\mmsk.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\NAVSetup.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\nod32krn.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\nod32kui.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\PFW.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\PFWLiveUpdate.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\QHSET.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\Ras.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\RavMon.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\RavMonD.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\RavStore.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\RavStub.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\ravt08.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\RavTask.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\RegClean.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\rfwcfg.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\rfwProxy.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\rfwsrv.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\RsAgent.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\Rsaupd.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\RSTray.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\runiep.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\safeboxtray.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\safelive.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\SREng.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\SREngPS.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\symlcsvc.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\Syscheck2.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\TrojanDetector.exe: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\TrojDie.kxp: Debugger - ntsd -d (Microsoft Corporation)
O27 - HKLM IFEO\UIHost.kxp: Debugger - ntsd -d (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {DD5FFEDC-8DC7-420F-B99C-770DBDEE5749} - C:\Documents and Settings\Administrateur\Application Data\Dna.sys ()

:commands
[emptytemp]
[EMPTYFLASH]
[PURITY]
[REBOOT]
[RESETHOSTS]

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan le pc vas redémarrer ou te demander de la faire redémarrer>> accèpte
* un rapport va s'ouvrir "OTL.Txt"
* Copie et colle le rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Une fois tout cela OK

refait un scan OTL comme tu l'as fais la deuxième fois (avec la citation a copier/coller dans la fenêtre d'OTL ) pour voir l'évolution de la chose (cette fois ci tu risque de ne pas avoir de rapport "extrat.txt)

Probleme de c:\WINDOWS\MPKrnl.dll • page 2

Re: Probleme de c:\WINDOWS\MPKrnl.dll

Re: Probleme de c:\WINDOWS\MPKrnl.dll

Sujets similaires

Qui est en ligne