Il y a actuellement 646 visiteurs
Dimanche 22 Décembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

Virus Win 32/nuquel.E • page 4

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

Re: Virus Win 32/nuquel.E

Message le 26 Oct 2010 17:15

hello,

J'en pense que Windows a souffert de l'infection :-?

On va faire un dernier scan pour être sur qu'il n'y ai pas un rootkit qui nous fait la misère.

Si rien de spécial n'est présent, il faudra se résigner a sauvegarder tous ce qui est important et si tu as le cd de windows >> faire une réparation sans perte de données.
Si tu as un CD de restauration, il faudra l'utiliser afin de réinstaller ton système.

Opération de la dernière chance, on va scanner ton pc avec un live CD qui aura l'avantage de scanner un windows "à l'arrêt", donc si rootkit il y a, on le verra car il ne sera pas actif :wink:

Insère un CD (ou un DVD) vierge dans ton graveur...si une fenêtre s'ouvre te demandant ce que tu veux faire, ferme cette fenêtre.
  • Télécharge OTLPENet.iso sur ton bureau.
  • Insère un CD vierge dans ton graveur, si une fenêtre s'ouvre te demandant ce que tu veux faire, ferme cette fenêtre.
  • Fais un double-clic sur l'icône d'OTLPENet.iso et suis les instructions pour graver le CD/DVD automatiquement

Note : Le CD gravé, vous devez maintenant redémarrer votre machine sur le lecteur CDROM

Si ton pc ne boot pas automatiquement sur le CD, je t'invite sur ce lien : http://forum.malekal.com/booter-sur-dvd-t9447.html
= Le setup se charge en RAM
Image

= Une fois le CD lancé Windows se charge (comptez 15 à 20 minutes) vous arrivez sur le bureau REATOGO-X-PE

Image

= Double cliquer sur OTLPEImage

= Une fenêtre s'ouvre : Do you wish to load the remote registry ; Cliquez sur YES

Image

= Une seconde : Do you wish to load remote user profile(s) for scanning ;choisis ta session et Clique sur YES

Image

= Veillez à ce que la case "Automatically Load All Remaining Users" soit cochée et cliquez sur "OK"

Image

=OTL se lance tu arrives sur cette fenêtre

Image

Tu utilises une clé usb pour sauver le contenu du cadre ci dessous dans un fichier bloc notes , afin de le retrouver facilement
et de le coller ensuite sous" Custom Scan box"

NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
userinit.exe
winlogon.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles


* cliques Run Scan pour démarrer le scan.
* une fois terminé , le fichier se trouve là C:\OTL.txt
* copie_colle le sur ta clef USB et poste son contenu dans ta prochaine réponse :wink:

@++
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 


Re: Virus Win 32/nuquel.E

Message le 26 Oct 2010 19:32

Bonsoir jeanmimi,

Encore moi et mon problème....
Alors, j'ai fait à nouveau tout ce que tu m'as dit et voici les 2 rapports qui en sont sortis.
Je te mets les 2, on ne sait jamais ......
L1er c'est "OTL" et le 2nd c'est "Extras"

A plus tard ...

Code: Tout sélectionner
OTL logfile created on: 10/26/2010 10:03:11 PM - Run
OTLPE by OldTimer - Version 3.1.43.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
382.00 Mb Total Physical Memory | 171.00 Mb Available Physical Memory | 45.00% Memory free
326.00 Mb Paging File | 199.00 Mb Available in Paging File | 61.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.19 Gb Total Space | 11.43 Gb Free Space | 7.87% Space Free | Partition Type: NTFS
Drive H: | 3.84 Gb Total Space | 0.37 Gb Free Space | 9.59% Space Free | Partition Type: FAT32
Drive I: | 7.63 Gb Total Space | 6.05 Gb Free Space | 79.28% Space Free | Partition Type: FAT32
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/17 07:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/17 07:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/06/20 03:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/08/17 07:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/08/17 07:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 09:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 09:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/05 05:20:37 | 000,005,632 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/07/08 03:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/07/08 03:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/07/08 03:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2007/08/21 09:38:58 | 000,032,512 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2007/06/24 08:19:56 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2007/05/02 05:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007/05/02 05:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007/05/02 05:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007/01/26 15:09:40 | 000,068,954 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2005/11/18 21:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2005/08/24 09:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/08/10 10:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005/08/10 08:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/05/16 09:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/04/20 14:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/06 00:58:48 | 001,035,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/03/09 17:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/19 12:21:56 | 000,012,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2004/08/05 14:00:00 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis)
DRV - [2004/08/04 02:46:46 | 000,607,452 | ---- | M] (LT) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/03 17:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2004/06/29 13:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/12/17 03:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/12/17 03:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/01/10 10:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/04 13:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation       ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/29 17:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\Invité_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\MANON_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\MANON_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\MANON_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop
IE - HKU\MANON_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
IE - HKU\MANON_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
O1 HOSTS File: ([2010/10/23 02:32:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKU\Compaq_Propriétaire_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\MANON_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LSBWatcher] C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe (MusicMatch)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\Compaq_Propriétaire_ON_C..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O4 - HKU\Compaq_Propriétaire_ON_C..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\Compaq_Propriétaire_ON_C..\Run: [Magentic] C:\Program Files\Magentic\bin\Magentic.exe ()
O4 - HKU\Compaq_Propriétaire_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\MANON_ON_C..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\MANON_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MioSync.lnk = C:\Program Files\Mio Technology\MioSync\mioSync.exe (Mio Technology)
O4 - Startup: C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Démarrage\widget_programmes.lnk = C:\Program Files\widget_programmes\widget_programmes.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Compaq_Propriétaire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Compaq_Propriétaire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Compaq_Propriétaire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Invité_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\MANON_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.11\AMVConverter\grab.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.11\MediaManager\grab.html ()
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1287917643109 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1287917621765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 20:07:38 | 000,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.JDCT - C:\WINDOWS\System32\jl_jdct.drv (JEILIN Tech.)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/10/26 12:56:40 | 127,353,979 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTLPENet.exe
[2010/10/25 13:34:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/10/25 12:27:29 | 000,000,000 | ---D | C] -- C:\tdsskiller
[2010/10/25 10:51:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/10/25 10:42:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/10/25 01:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/10/25 01:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/10/25 01:13:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/10/25 01:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/10/25 01:04:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/10/25 01:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/10/24 16:15:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\Cookies
[2010/10/24 16:14:16 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/10/24 16:14:12 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/10/24 15:43:44 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/10/24 15:43:43 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/10/24 15:43:43 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/10/24 15:43:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/10/24 15:43:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/10/24 15:31:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Propriétaire\PrivacIE
[2010/10/24 15:27:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Propriétaire\IETldCache
[2010/10/24 13:02:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/10/24 13:00:38 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/10/24 12:56:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/10/24 12:25:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/10/24 11:58:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/10/24 06:55:06 | 000,016,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2010/10/24 06:49:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Propriétaire\Recent
[2010/10/24 06:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/24 06:24:10 | 001,187,896 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ccsetup236.exe
[2010/10/24 03:56:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/10/24 03:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Avira
[2010/10/24 03:33:15 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/10/24 03:33:11 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/10/24 03:33:11 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/10/24 03:33:11 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/10/24 03:33:10 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/10/23 04:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/10/23 02:14:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/10/22 16:28:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe
[2010/10/21 14:54:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/10/21 14:24:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\LocalService\Cookies
[2010/10/21 14:18:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/10/21 14:00:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/10/21 14:00:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/10/21 14:00:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/10/21 14:00:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/10/21 13:52:32 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\WinsockxpFix.exe
[2010/10/20 13:50:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/10/20 04:48:53 | 006,153,384 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\mbam-setup.exe
[2010/10/20 04:40:58 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\sniffle.exe
[2010/10/06 04:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Dual Mode Camera
[2010/10/06 04:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\JL2005C
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/10/26 14:54:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/26 14:53:47 | 000,513,048 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/10/26 14:53:47 | 000,443,218 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/26 14:53:47 | 000,085,932 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/10/26 14:53:47 | 000,072,100 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/26 14:53:22 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2010/10/26 14:49:05 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/26 14:48:57 | 401,133,568 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/26 13:20:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/26 12:56:39 | 127,353,979 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTLPENet.exe
[2010/10/26 00:59:15 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/25 13:30:54 | 000,286,404 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\gmer.zip
[2010/10/25 12:27:06 | 000,845,916 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Load_tdsskiller.exe
[2010/10/25 10:56:29 | 000,076,288 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/25 10:50:40 | 000,153,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/25 04:57:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/24 21:04:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ATHPRXY(2).DLL
[2010/10/24 15:27:33 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2010/10/24 15:13:10 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\.htm
[2010/10/24 12:18:45 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/10/24 06:52:31 | 000,178,974 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Mes documents\cc_20101024_125152.reg
[2010/10/24 06:25:06 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\CCleaner.lnk
[2010/10/24 06:24:18 | 001,187,896 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ccsetup236.exe
[2010/10/24 04:43:22 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2010/10/24 03:16:25 | 054,115,280 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\avira_antivir_personal_free.exe
[2010/10/23 06:26:11 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/10/23 04:40:31 | 022,148,280 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\antivir_workstation_winu_fr_h.exe
[2010/10/23 02:32:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/10/22 16:28:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe
[2010/10/21 13:53:45 | 003,882,134 | R--- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe
[2010/10/21 13:52:32 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\WinsockxpFix.exe
[2010/10/21 12:31:06 | 006,153,384 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\mbam-setup.exe
[2010/10/20 04:40:59 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\sniffle.exe
[2010/10/19 10:00:08 | 000,294,912 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\gmer.exe
[2010/10/17 03:20:32 | 000,026,756 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/10/25 13:30:50 | 000,286,404 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\gmer.zip
[2010/10/25 12:27:06 | 000,845,916 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Load_tdsskiller.exe
[2010/10/25 10:50:39 | 401,133,568 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/24 15:27:33 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2010/10/24 15:13:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\.htm
[2010/10/24 12:28:28 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/10/24 06:51:58 | 000,178,974 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Mes documents\cc_20101024_125152.reg
[2010/10/24 06:25:06 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\CCleaner.lnk
[2010/10/24 04:41:15 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010/10/24 03:16:26 | 054,115,280 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\avira_antivir_personal_free.exe
[2010/10/23 04:40:31 | 022,148,280 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\antivir_workstation_winu_fr_h.exe
[2010/10/21 14:00:35 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/10/21 14:00:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/10/21 14:00:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/10/21 14:00:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/21 13:53:45 | 003,882,134 | R--- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe
[2010/10/19 10:00:08 | 000,294,912 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\gmer.exe
[2009/08/03 06:47:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009/05/05 05:11:44 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/12/17 14:47:01 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008/07/13 02:59:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI
[2008/06/14 10:48:37 | 000,000,035 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/04/30 03:53:52 | 000,000,212 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2008/01/18 15:17:21 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\$_hpcst$.hpc
[2007/12/28 15:28:17 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Invité\Local Settings\Application Data\fusioncache.dat
[2007/12/28 15:23:17 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\MANON\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/28 15:14:56 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\MANON\Local Settings\Application Data\fusioncache.dat
[2007/12/23 04:31:23 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2007/12/20 06:56:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/12/04 15:26:11 | 000,000,285 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2007/11/17 07:58:30 | 000,000,788 | ---- | C] () -- C:\WINDOWS\disney.ini
[2007/09/22 07:13:57 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
[2007/09/15 13:22:10 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007/09/15 13:22:10 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007/08/14 12:37:31 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2007/08/14 12:37:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007/07/31 05:34:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bbcauto.INI
[2007/07/15 06:25:04 | 000,000,308 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/07/02 03:39:02 | 000,015,428 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\RefEdit.exd
[2007/06/29 03:29:23 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/26 12:53:03 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/06/25 04:28:03 | 000,000,085 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\LuResult.txt
[2007/06/24 12:49:35 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/06/24 12:32:49 | 000,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/06/24 08:15:10 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\fusioncache.dat
[2007/03/30 07:31:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dec_jl6.dll
[2006/03/06 05:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2005/04/29 22:29:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/01/19 17:45:40 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2005/01/19 17:45:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2005/01/01 15:36:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/01 15:34:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/01/01 15:34:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/01/01 15:34:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/01/01 15:34:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/01/01 15:34:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/01/01 15:34:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/01/01 15:07:36 | 000,013,281 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/01/01 15:07:31 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/01/01 14:40:01 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/01/01 14:38:03 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/01/01 14:38:03 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/01/01 14:37:38 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/11/23 17:21:24 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/09/16 08:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 08:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/07/27 00:17:16 | 000,000,659 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/04/10 17:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2001/06/02 08:00:00 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\LAME_ENC.DLL
[2001/01/21 21:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ATHPRXY(2).DLL
[1997/11/17 11:13:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2005/01/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2010/06/06 14:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\AdSigner
[2007/08/23 12:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Canon
[2008/09/06 11:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\com.adobe.example.widget-programmes.40247E01796E652D304FB5752B197AB47987A585.1
[2009/08/12 12:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\com.adobe.example.widget.33A7EEEDEE7A114BE5163F740489DD413641A8EC.1
[2010/03/17 07:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\com.smashingideas.ICanBeGrandPrize.955FB31728C43225F1147BC469B6F02AA2FCF43E.1
[2008/04/02 12:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\DeepBurner
[2007/06/26 12:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\InterVideo
[2007/08/06 12:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Leadertech
[2009/03/17 14:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
[2009/11/30 12:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mindscape
[2007/06/24 13:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\MSNInstaller
[2010/04/14 12:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\My Stitch
[2009/08/21 07:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Playrix Entertainment
[2005/01/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\SampleView
[2009/05/05 05:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Samsung
[2007/06/24 12:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\ScanSoft
[2008/05/12 03:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\TaoUSign
[2005/01/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\SampleView
[2005/01/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MANON\Application Data\SampleView
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
 
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
 
Invalid Environment Variable: %APPDATA%\*.
 
Invalid Environment Variable: %APPDATA%\*.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2001/05/24 07:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2001/05/24 07:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
 
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:cdrom.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:cdrom.sys
[2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\cdrom.sys
[2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
 
[color=#A23BEC]< MD5 for: CHANGER.SYS  >[/color]
[2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Changer.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Changer.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Changer.sys
[2008/04/13 14:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:disk.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:disk.sys
[2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\dllcache\disk.sys
[2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 14:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\disk.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007/06/13 09:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\explorer.exe
[2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2008/04/13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\explorer.exe
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\ndis.sys
[2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2008/04/13 22:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\e5d538fd9a974271877bfc69f00e1e0a\sp2qfe\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\fd39c169e8cb784cefd1d3b2f372297e\sp2qfe\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2004/08/05 00:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys
[2004/08/05 00:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Sfloppy.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys
[2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Sfloppy.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Sfloppy.sys
[2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys
[2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\system32\dllcache\sfloppy.sys
[2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2006/04/20 07:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2007/10/30 12:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008/06/20 06:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007/10/30 13:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 15:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004/08/05 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006/04/20 08:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys
[2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\system32\dllcache\tdpipe.sys
[2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008/04/13 22:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2008/04/13 22:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdtcp.sys
[2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys
[2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\system32\dllcache\tdtcp.sys
[2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\system32\drivers\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:usbprint.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys
[2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbprint.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbprint.sys
[2004/08/03 17:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys
[2004/08/03 17:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\dllcache\usbprint.sys
[2004/08/03 17:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\drivers\usbprint.sys
[2008/04/13 14:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:usbscan.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys
[2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbscan.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys
[2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbscan.sys
[2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbscan.sys
[2004/08/03 16:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys
[2004/08/03 16:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\dllcache\usbscan.sys
[2004/08/03 16:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\drivers\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 22:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 22:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/07/03 09:15:39 | 008,510,976 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]
< End of report >


Code: Tout sélectionner
OTL Extras logfile created on: 10/26/2010 10:03:11 PM - Run
OTLPE by OldTimer - Version 3.1.43.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
382.00 Mb Total Physical Memory | 171.00 Mb Available Physical Memory | 45.00% Memory free
326.00 Mb Paging File | 199.00 Mb Available in Paging File | 61.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.19 Gb Total Space | 11.43 Gb Free Space | 7.87% Space Free | Partition Type: NTFS
Drive H: | 3.84 Gb Total Space | 0.37 Gb Free Space | 9.59% Space Free | Partition Type: FAT32
Drive I: | 7.63 Gb Total Space | 6.05 Gb Free Space | 79.28% Space Free | Partition Type: FAT32
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%ProgramFiles%\iTunes\iTunes.exe" = %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImLc.exe" = C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe" = C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe:*:Enabled:IncrediMail Installer -- ()
"C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic -- (IncrediMail, Ltd.)
"C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic -- ()
"C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic -- ()
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19C989C4-50AE-43A4-B06E-8C70FFFF852F}" = PC-Doctor for Windows
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 22
"{29D851C2-048C-4B5E-8D1F-25D473342BB5}" = ScanSoft OmniPage SE 4.0
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3912A629-0020-0005-3757-2FBA74D4DF0A}" = InterVideo WinDVD Player
"{3BB53C4E-97B3-4504-B4C3-6C5012FBCD83}" = Mission Equitation 2
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3EBC0693-0A27-4B50-90A1-A8B688911C7A}" = Samsung PC Studio 3
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{49F00501-E02F-458F-8AED-85949AB9656F}" = MioTransfer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}" = IncrediMail
"{650D1904-ED7F-4F37-9325-33C2815D260C}" = MioMap v3 Updater
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Les Sims 2
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7C979B2E-B5B9-E33F-6958-2301034CDB7D}" = Barbie I Can Be
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Connexion Facile à Internet
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = MyDSC2
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.11
"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Clé Internet de prêt
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9901E703-D169-7139-1EA3-11AA788D09E6}" = EA Download Manager UI
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9CE14C25-0395-4DDA-8B47-06A944DF9E5F}" = Mon Petit Poney
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support 4.0
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1036-7B44-A70000000000}" = Adobe Reader 7.0 - Français
"{AC76BA86-7AD7-5464-3428-7E8A450000A7}" = Spelling Dictionaries For Adobe Reader Package
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{C29302BF-32F8-7834-A4C8-780349DE9659}" = La Chaîne Météo
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EEE76149-DC7F-4D3E-B021-6152DF574FA6}" = Alexandra Ledermann 8
"{F715F7A4-67BA-11DD-93EF-B74D56D89593}" = Alexandra Ledermann - La colline aux chevaux sauvages
"Adibou V.3.00 on C" = Adibou V.3.00 on C
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"Alexandra Ledermann 6" = Alexandra Ledermann 6
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Barbie(TM) Horse Adventures(TM)" = Barbie(TM) Horse Adventures(TM)
"Briberry_is1" = Briberry 1.2
"CCleaner" = CCleaner
"com.adobe.example.widget.33A7EEEDEE7A114BE5163F740489DD413641A8EC.1" = La Chaîne Météo
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"com.smashingideas.ICanBeGrandPrize.955FB31728C43225F1147BC469B6F02AA2FCF43E.1" = Barbie I Can Be
"dBpowerAMP Musepack Codec" = dBpowerAMP Musepack Codec
"Dogz" = Dogz (remove only)
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"DVD Shrink_is1" = DVD Shrink 3.2
"EA Download Manager" = EA Download Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"eMule" = eMule
"Enregistrement utilisateur de Canon MP160" = Enregistrement utilisateur de Canon MP160
"FormatFactory" = FormatFactory 2.50
"Frankie Maternelle - Moyenne section" = Frankie Maternelle - Moyenne section
"Help and Support Additions" = Compléments d'aide et de support
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}" = PC-Doctor for Windows
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Connexion Facile à Internet
"LimeWire" = LimeWire 4.16.6
"Magentic" = Magentic
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mio Technology Speedcam Synchronisation" = Mio Technology Speedcam Synchronisation 1.1.16.04.06
"Mio Technology Speedcam Synchronisation ( PNA Version )" = Mio Technology Speedcam Synchronisation ( PNA Version ) 1.2.10.07.06
"Mio Technology SpeedCam Tool" = Mio Technology SpeedCam Tool
"Mon Petit Poney" = Mon Petit Poney
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MusicMatch Jukebox" = MusicMatch Jukebox
"My Stitch_is1" = My Stitch 1.1
"NATHAN Vacances CP V.1.00 (C:)" = NATHAN Vacances CP V.1.00 (C:)
"Neuf_TV_PC" = TV sur PC
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhoTagsExpress" = PhoTags Express
"PhotoMail" = PhotoMail Maker
"PS2" = PS2
"Puppy Grandit & Connaît ton Nom_is1" = Puppy Grandit & Connaît ton Nom
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer Basic
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SFR_Kit" = SFR - Kit de connexion
"Softonic_France_FF Toolbar" = Softonic France FF Toolbar
"spirit-9.17fr" = Spirit (remove only)
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Studio de création numérique de Lapin Malin" = Studio de création numérique de Lapin Malin
"SuperEleves_11FM" = SdLL - Superélèves CP
"Video Journal_is1" = Video Journal Version 2.04
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.4a
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Codeur Windows Media Série 9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
< End of report >
Avatar de l'utilisateur
dodremi
Apprenti(e)
Apprenti(e)
 
Messages: 38
Inscription: 02 Mar 2010 10:50
 

Re: Virus Win 32/nuquel.E

Message le 26 Oct 2010 20:23

hello,

On va restaurer un driver absent et virer qq trace d'infections mais je ne pense pas que le ralentissement vienne de là... :-?


toujours sous live CD relance OTL et coller cette citation dans sa fenetre "costum scan/fix" et cliques sur "RUN FIX"

:files
C:\WINDOWS\System32\dec_jl6.dll
C:\WINDOWS\iltwain.ini
C:\WINDOWS\System32\ATHPRXY(2).DLL
C:\WINDOWS\system32\drivers\changer.sys | C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys /replace
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ViewpointMediaPlayer" =-


ensuite redémarre ton pc normalement pour voir si il y a du changement :wink:
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: Virus Win 32/nuquel.E

Message le 26 Oct 2010 21:56

Re,

Alors pas de changement au niveau du démarrage; il rame toujours autant ...
Mais une fois démarrer, il a l'air de bosser correctement !

Je te poste le rapport OTL

Dis moi si quelque chose est encore possible ?
Bonne nuit

a demain :wink:

Code: Tout sélectionner
========== FILES ==========
C:\WINDOWS\System32\dec_jl6.dll moved successfully.
C:\WINDOWS\iltwain.ini moved successfully.
C:\WINDOWS\System32\ATHPRXY(2).DLL moved successfully.
File C:\WINDOWS\system32\drivers\changer.sys successfully replaced with C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys
File\Folder [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\ViewpointMediaPlayer not found.
 
OTLPE by OldTimer - Version 3.1.43.0 log created on 10262010_233458
Avatar de l'utilisateur
dodremi
Apprenti(e)
Apprenti(e)
 
Messages: 38
Inscription: 02 Mar 2010 10:50
 

Re: Virus Win 32/nuquel.E

Message le 27 Oct 2010 17:11

Hello,

Dis moi si quelque chose est encore possible ?


Ben niveau infection, avec ce dernier script c'est clean, plus de soucis de ce coté là :wink:

Par contre comme je te l'ai dit il serait bon d'envisager une réparation du système sans perte de données si tu as le cd cd windows.
Ou bien une restauration usine si tu as les CD/DVD de restauration de ce PC.

Quels est le modèl exact de ton pc, ainsi je me renseigne pour savoir si tu dispose d'un partition de restauration cachée, cela pourrais te servir au cas où tu aurais égaré ces CD/DVD de restauration :wink:
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: Virus Win 32/nuquel.E

Message le 27 Oct 2010 17:56

Hello,

Alors mon Pc est un Compaq presario AMD SEMPRON 3000+ 984 MHZ 384 MO de RAM.
J'ai un CD de reinstallation usine "légal" et un CD Windows XP Familial 2002 Pack 2 pas légal, comme je le croyais ...

Apparemment j'ai une Partition D sur mon PC avec un fichier à l'interieur qui se nomme reinstallation system avec une icone "gros cadenas", ainsi que d'autre fichier que je ne connais pas ..

Quand tu dis "réparation systeme sans perte de données", cela veut il dire que je ne perdrais rien de mes documents, ou alors faudra t il envisager une sauvegarde sur disque dur externe ? car j'ai pas mal de photos et doc que je ne voudrais pas perdre .....

Merci de ta réponse..
@+
Avatar de l'utilisateur
dodremi
Apprenti(e)
Apprenti(e)
 
Messages: 38
Inscription: 02 Mar 2010 10:50
 

Re: Virus Win 32/nuquel.E

Message le 27 Oct 2010 22:42

Bonsoir, désolé de passé si tard :oops:

J'ai un CD de reinstallation usine "légal"


c'est celui là qu'il te faut, car il comprend en plus de Windows, tous les programmes et drivers présent sur ton pc au jours de l'achat.

faudra t il envisager une sauvegarde sur disque dur externe


Oui, car beaucoup de CD de restauration ont une option sensée réinstaller ton système sans perte de document, mais au final il te les supprime quand même.

L'idéale dans ton cas serait de:

sauvegarder tout tes documents sur un DD externe
  • insérer le cd de restauration et redémarrer ton pc.
  • Tu auras accès au système de restauration Usine et il te suffiras de suivre les instructions pour retrouver un PC tout neuf (configurer comme le jour où tu l'as acheter)
    Il te faudra ensuite réinstaller tes programmes, faire les mises à jours de windows et recopier tes documents dessus

Si tu as besoin d'aide ou de conseils pour cette étape, n'hésite pas a me le dire :wink:
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: Virus Win 32/nuquel.E

Message le 28 Oct 2010 07:54

Salut jeanmimi...
Merci pour ta réponse..

Bon et bien il faut que j'aille acheté un disque dur externe...et ensuite je sauvegarderai tout ce dont j'ai besoin.
En attendant je bloque les mises à jour automatiques.....

D'ailleurs puis je supprimer tous les icones des programmes installés pour sauver mon PC ?

Merci de ta réponse.

Je te remercie encore pour ta patience et ta disponibilité. Tu m'as quand même bien dépané.
Si j'ai un souci pour la reconfiguration je ferai appel au forum ....

Encore mille merci.
A bientot :wink:
Avatar de l'utilisateur
dodremi
Apprenti(e)
Apprenti(e)
 
Messages: 38
Inscription: 02 Mar 2010 10:50
 

Re: Virus Win 32/nuquel.E

Message le 28 Oct 2010 17:37

hello,
puis je supprimer tous les icones des programmes installés pour sauver mon PC ?


oui, comme cela

  • Télécharge >>> ToolsCleaner <<< (de A.Rothstein & dj QUIOU)
  • Fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur" pour lancer le programme.
  • Clique sur Recherche et laisse le scan se terminer (il peut durer une dizaine de minutes au maximum).
  • une fois la recherche lancée, ne clique pas dans la fenêtre, cela provoquerait un léger bug du programme.
  • Si toutes fois la mention (ne réponds pas) apparaissait dans le titre de la fenêtre ToolsCleaner, ne t'en occupes pas et laisse quand même le programme terminer son travail
  • Fermes le rapport qui apparait.
  • cliquer sur Suppression et fermes toolcleaner

Si il reste des icônes suite à cela, supprime les manuellement

il faut que j'aille acheté un disque dur externe...et ensuite je sauvegarderai tout ce dont j'ai besoin


Oui, c'est impératif, il faut toujours au moins une sauvegarde de tes fichiers important, un DD ça peut bloquer du jour au lendemain sans prévenir :-?

Dès que tu as fais tes sauvegarde, n'hésite pas a redemander de l'aide ici, on t'aidera avec plaisir :wink:

@++ et bonne soirée
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: Virus Win 32/nuquel.E

Message le 28 Oct 2010 19:24

Ok merci et à bientot ...
Avatar de l'utilisateur
dodremi
Apprenti(e)
Apprenti(e)
 
Messages: 38
Inscription: 02 Mar 2010 10:50
 

Précédente


Sujets similaires

Message [Réglé] choix anti virus
bonjour a tous, je viens de changer mon pc et j'aimerai vos avis sur le choix de l anti virus.
Réponses: 8

Message HELP je pense avoir un virus
Bonsoir,Première fois que ce genre de chose m'arrive, j'ai d'abord été hackée sur Instagram, pensant que ca s'arrêterait làEnsuite ca a été au tour de STEAM malgré le steam guard ( identification à 2 facteurs) puis Linkedin !! Je n'ai eu aucune alerte de connexion, que ce soit par sms ou email !! J' ...
Réponses: 12

Message Aide suite à une analyse FRST contre un virus vbc.exe
Bonjour tout le monde, J'ai récemment constaté que j'étais infecté par un virus lié à vbc.exe, ce qui entraîne une utilisation du CPU allant jusqu'à 30% voire 40%. J'ai donc effectué mes analyses FRST et voici les rapports obtenus : - FRST.txt: https://pjjoint.malekal.com/files.php?id=FRST_20240315_ ...
Réponses: 3

Message [Réglé] Petite vérification virus
Salut Heravles ,Merci et bonne année a toi également et aussi a toute ta famille.Oui désolé j'ai pas fais attention quand j'ai téléchargé le logiciel alors que je sais très bien qu'il fallait le faire sur le bureau. Je ferais plus attention la prochaine fois.Nickel si mon Pc et pas infecté.Je t'envo ...
Réponses: 5

Message 22h2 bogues tpm et centre de sécurité: virus?
Salut,J'ai refait iso et formaté override le disque. Un reset électrique du PC.Je suis sur W11 PRO 64 v22621.525 (même bogue sur la première iso 22h2 fournie par Microsoft en 22621.382).WU est désactivé avant connexion a internet via gpedit.msc.J'ai installé à neuf en compte local. J'installe sans i ...
Réponses: 17

Message anti virus gratuit
Bonjour,Avez-vous un anti virus nettoyeur gratuit en français a me conseiller pour mon j3 2016 samsung.Cordialement.
Réponses: 3

Message Des VIRUS (encore ?)
Bonjour Bernard,merci pour ton aide, j'ai donc supprimé les logiciels adobe que j'avais cracké,voici les nouvelles analyses:Addition : https://cjoint.com/c/LKduLSQQmLnFRST : https://cjoint.com/c/LKduNhgM1vnShortcut : https://cjoint.com/c/LKduNycdWwnCordialement
Réponses: 7


Qui est en ligne

Utilisateurs parcourant ce forum: Bing [Bot] et 22 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.