Virus Win 32/nuquel.E • page 4

jeanmimigab · le 26 Oct 2010 17:15

hello,

J'en pense que Windows a souffert de l'infection :-?

On va faire un dernier scan pour être sur qu'il n'y ai pas un rootkit qui nous fait la misère.

Si rien de spécial n'est présent, il faudra se résigner a sauvegarder tous ce qui est important et si tu as le cd de windows >> faire une réparation sans perte de données.
Si tu as un CD de restauration, il faudra l'utiliser afin de réinstaller ton système.

Opération de la dernière chance, on va scanner ton pc avec un live CD qui aura l'avantage de scanner un windows "à l'arrêt", donc si rootkit il y a, on le verra car il ne sera pas actif :wink:

Insère un CD (ou un DVD) vierge dans ton graveur...si une fenêtre s'ouvre te demandant ce que tu veux faire, ferme cette fenêtre.

Télécharge OTLPENet.iso sur ton bureau.
Insère un CD vierge dans ton graveur, si une fenêtre s'ouvre te demandant ce que tu veux faire, ferme cette fenêtre.
Fais un double-clic sur l'icône d'OTLPENet.iso et suis les instructions pour graver le CD/DVD automatiquement

Note : Le CD gravé, vous devez maintenant redémarrer votre machine sur le lecteur CDROM

Si ton pc ne boot pas automatiquement sur le CD, je t'invite sur ce lien : http://forum.malekal.com/booter-sur-dvd-t9447.html
= Le setup se charge en RAM

= Une fois le CD lancé Windows se charge (comptez 15 à 20 minutes) vous arrivez sur le bureau REATOGO-X-PE

= Double cliquer sur OTLPE

= Une fenêtre s'ouvre : Do you wish to load the remote registry ; Cliquez sur YES

= Une seconde : Do you wish to load remote user profile(s) for scanning ;choisis ta session et Clique sur YES

= Veillez à ce que la case "Automatically Load All Remaining Users" soit cochée et cliquez sur "OK"

=OTL se lance tu arrives sur cette fenêtre

Tu utilises une clé usb pour sauver le contenu du cadre ci dessous dans un fichier bloc notes , afin de le retrouver facilement
et de le coller ensuite sous" Custom Scan box"

NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
userinit.exe
winlogon.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* cliques Run Scan pour démarrer le scan.
* une fois terminé , le fichier se trouve là C:\OTL.txt
* copie_colle le sur ta clef USB et poste son contenu dans ta prochaine réponse :wink:

@++

dodremi · le 26 Oct 2010 19:32

Bonsoir jeanmimi,

Encore moi et mon problème....
Alors, j'ai fait à nouveau tout ce que tu m'as dit et voici les 2 rapports qui en sont sortis.
Je te mets les 2, on ne sait jamais ......
L1er c'est "OTL" et le 2nd c'est "Extras"

A plus tard ...

Code: Tout sélectionner: OTL logfile created on: 10/26/2010 10:03:11 PM - Run OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 382.00 Mb Total Physical Memory | 171.00 Mb Available Physical Memory | 45.00% Memory free 326.00 Mb Paging File | 199.00 Mb Available in Paging File | 61.00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 145.19 Gb Total Space | 11.43 Gb Free Space | 7.87% Space Free | Partition Type: NTFS Drive H: | 3.84 Gb Total Space | 0.37 Gb Free Space | 9.59% Space Free | Partition Type: FAT32 Drive I: | 7.63 Gb Total Space | 6.05 Gb Free Space | 79.28% Space Free | Partition Type: FAT32 Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010/08/17 07:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/08/17 07:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/06/20 03:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -- (MDM) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\intelppm.sys -- (intelppm) DRV - File not found [Kernel | System] -- -- (i2omgmt) DRV - File not found [Kernel | System] -- -- (Changer) DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - [2010/08/17 07:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010/08/17 07:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/17 09:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/06/17 09:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/05/05 05:20:37 | 000,005,632 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2008/07/08 03:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2008/07/08 03:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2008/07/08 03:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2007/08/21 09:38:58 | 000,032,512 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C) DRV - [2007/06/24 08:19:56 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM) DRV - [2007/05/02 05:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2007/05/02 05:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2007/05/02 05:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2007/01/26 15:09:40 | 000,068,954 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C) DRV - [2005/11/18 21:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50) DRV - [2005/08/24 09:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005/08/10 10:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x) DRV - [2005/08/10 08:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005/05/16 09:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005/04/20 14:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005/04/06 00:58:48 | 001,035,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/03/09 17:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005/01/19 12:21:56 | 000,012,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio) DRV - [2004/08/05 14:00:00 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis) DRV - [2004/08/04 02:46:46 | 000,607,452 | ---- | M] (LT) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5) DRV - [2004/08/03 17:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2004/06/29 13:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2003/12/17 03:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2) DRV - [2003/12/17 03:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042pr2.Sys -- (L8042pr2) DRV - [2003/01/10 10:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) DRV - [2002/10/04 13:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139) DRV - [2002/07/29 17:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\Compaq_Propriétaire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\Invité_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\MANON_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\MANON_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\MANON_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=presario&pf=desktop IE - HKU\MANON_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/ IE - HKU\MANON_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2010/10/23 02:32:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll () O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKU\Compaq_Propriétaire_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\MANON_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.) O4 - HKLM..\Run: [LSBWatcher] C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe (MusicMatch) O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company) O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\Compaq_Propriétaire_ON_C..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR) O4 - HKU\Compaq_Propriétaire_ON_C..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.) O4 - HKU\Compaq_Propriétaire_ON_C..\Run: [Magentic] C:\Program Files\Magentic\bin\Magentic.exe () O4 - HKU\Compaq_Propriétaire_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\MANON_ON_C..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.) O4 - HKU\MANON_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MioSync.lnk = C:\Program Files\Mio Technology\MioSync\mioSync.exe (Mio Technology) O4 - Startup: C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Démarrage\widget_programmes.lnk = C:\Program Files\widget_programmes\widget_programmes.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\Compaq_Propriétaire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\Compaq_Propriétaire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\Compaq_Propriétaire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\Invité_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\MANON_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm () O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.11\AMVConverter\grab.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.) O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.11\MediaManager\grab.html () O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm () O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1287917643109 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1287917621765 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2001/07/27 20:07:38 | 000,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.JDCT - C:\WINDOWS\System32\jl_jdct.drv (JEILIN Tech.) Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/10/26 12:56:40 | 127,353,979 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTLPENet.exe [2010/10/25 13:34:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2010/10/25 12:27:29 | 000,000,000 | ---D | C] -- C:\tdsskiller [2010/10/25 10:51:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/10/25 10:42:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak [2010/10/25 01:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2010/10/25 01:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2010/10/25 01:13:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2010/10/25 01:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2010/10/25 01:04:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010/10/25 01:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0 [2010/10/24 16:15:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\Cookies [2010/10/24 16:14:16 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2010/10/24 16:14:12 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2010/10/24 15:43:44 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010/10/24 15:43:43 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010/10/24 15:43:43 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010/10/24 15:43:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010/10/24 15:43:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010/10/24 15:31:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Propriétaire\PrivacIE [2010/10/24 15:27:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Propriétaire\IETldCache [2010/10/24 13:02:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010/10/24 13:00:38 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2010/10/24 12:56:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010/10/24 12:25:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2010/10/24 11:58:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010/10/24 06:55:06 | 000,016,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2010/10/24 06:49:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Propriétaire\Recent [2010/10/24 06:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/10/24 06:24:10 | 001,187,896 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ccsetup236.exe [2010/10/24 03:56:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010/10/24 03:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Avira [2010/10/24 03:33:15 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/10/24 03:33:11 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/10/24 03:33:11 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010/10/24 03:33:11 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/10/24 03:33:10 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/10/23 04:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/10/23 02:14:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp [2010/10/22 16:28:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe [2010/10/21 14:54:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010/10/21 14:24:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\LocalService\Cookies [2010/10/21 14:18:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2010/10/21 14:00:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010/10/21 14:00:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010/10/21 14:00:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010/10/21 14:00:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010/10/21 13:52:32 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\WinsockxpFix.exe [2010/10/20 13:50:10 | 000,000,000 | ---D | C] -- C:\_OTL [2010/10/20 04:48:53 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\mbam-setup.exe [2010/10/20 04:40:58 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\sniffle.exe [2010/10/06 04:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Dual Mode Camera [2010/10/06 04:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\JL2005C [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/10/26 14:54:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/10/26 14:53:47 | 000,513,048 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/10/26 14:53:47 | 000,443,218 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/10/26 14:53:47 | 000,085,932 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/10/26 14:53:47 | 000,072,100 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/10/26 14:53:22 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT [2010/10/26 14:49:05 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/10/26 14:48:57 | 401,133,568 | -HS- | M] () -- C:\hiberfil.sys [2010/10/26 13:20:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/10/26 12:56:39 | 127,353,979 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTLPENet.exe [2010/10/26 00:59:15 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/10/25 13:30:54 | 000,286,404 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\gmer.zip [2010/10/25 12:27:06 | 000,845,916 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Load_tdsskiller.exe [2010/10/25 10:56:29 | 000,076,288 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/10/25 10:50:40 | 000,153,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/10/25 04:57:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/10/24 21:04:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ATHPRXY(2).DLL [2010/10/24 15:27:33 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [2010/10/24 15:13:10 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\.htm [2010/10/24 12:18:45 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf [2010/10/24 06:52:31 | 000,178,974 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Mes documents\cc_20101024_125152.reg [2010/10/24 06:25:06 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\CCleaner.lnk [2010/10/24 06:24:18 | 001,187,896 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ccsetup236.exe [2010/10/24 04:43:22 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI [2010/10/24 03:16:25 | 054,115,280 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\avira_antivir_personal_free.exe [2010/10/23 06:26:11 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010/10/23 04:40:31 | 022,148,280 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\antivir_workstation_winu_fr_h.exe [2010/10/23 02:32:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2010/10/22 16:28:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe [2010/10/21 13:53:45 | 003,882,134 | R--- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe [2010/10/21 13:52:32 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\WinsockxpFix.exe [2010/10/21 12:31:06 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\mbam-setup.exe [2010/10/20 04:40:59 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\sniffle.exe [2010/10/19 10:00:08 | 000,294,912 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\gmer.exe [2010/10/17 03:20:32 | 000,026,756 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/10/25 13:30:50 | 000,286,404 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\gmer.zip [2010/10/25 12:27:06 | 000,845,916 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Load_tdsskiller.exe [2010/10/25 10:50:39 | 401,133,568 | -HS- | C] () -- C:\hiberfil.sys [2010/10/24 15:27:33 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [2010/10/24 15:13:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\.htm [2010/10/24 12:28:28 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010/10/24 06:51:58 | 000,178,974 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Mes documents\cc_20101024_125152.reg [2010/10/24 06:25:06 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\CCleaner.lnk [2010/10/24 04:41:15 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2010/10/24 03:16:26 | 054,115,280 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\avira_antivir_personal_free.exe [2010/10/23 04:40:31 | 022,148,280 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\antivir_workstation_winu_fr_h.exe [2010/10/21 14:00:35 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010/10/21 14:00:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010/10/21 14:00:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010/10/21 14:00:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010/10/21 13:53:45 | 003,882,134 | R--- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe [2010/10/19 10:00:08 | 000,294,912 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\gmer.exe [2009/08/03 06:47:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2009/05/05 05:11:44 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008/12/17 14:47:01 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI [2008/07/13 02:59:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI [2008/06/14 10:48:37 | 000,000,035 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2008/04/30 03:53:52 | 000,000,212 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2008/01/18 15:17:21 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\$_hpcst$.hpc [2007/12/28 15:28:17 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Invité\Local Settings\Application Data\fusioncache.dat [2007/12/28 15:23:17 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\MANON\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/12/28 15:14:56 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\MANON\Local Settings\Application Data\fusioncache.dat [2007/12/23 04:31:23 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI [2007/12/20 06:56:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2007/12/04 15:26:11 | 000,000,285 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini [2007/11/17 07:58:30 | 000,000,788 | ---- | C] () -- C:\WINDOWS\disney.ini [2007/09/22 07:13:57 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI [2007/09/15 13:22:10 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2007/09/15 13:22:10 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2007/08/14 12:37:31 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll [2007/08/14 12:37:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll [2007/07/31 05:34:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bbcauto.INI [2007/07/15 06:25:04 | 000,000,308 | ---- | C] () -- C:\WINDOWS\ka.ini [2007/07/02 03:39:02 | 000,015,428 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\RefEdit.exd [2007/06/29 03:29:23 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/06/26 12:53:03 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007/06/25 04:28:03 | 000,000,085 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\LuResult.txt [2007/06/24 12:49:35 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007/06/24 12:32:49 | 000,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2007/06/24 08:15:10 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\fusioncache.dat [2007/03/30 07:31:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dec_jl6.dll [2006/03/06 05:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll [2005/04/29 22:29:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005/01/19 17:45:40 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll [2005/01/19 17:45:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll [2005/01/01 15:36:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005/01/01 15:34:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2005/01/01 15:34:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2005/01/01 15:34:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2005/01/01 15:34:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2005/01/01 15:34:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2005/01/01 15:34:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2005/01/01 15:07:36 | 000,013,281 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS [2005/01/01 15:07:31 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll [2005/01/01 14:40:01 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini [2005/01/01 14:38:03 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll [2005/01/01 14:38:03 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll [2005/01/01 14:37:38 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll [2004/11/23 17:21:24 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004/09/16 08:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS [2004/09/16 08:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS [2004/07/27 00:17:16 | 000,000,659 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2003/04/10 17:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll [2001/06/02 08:00:00 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\LAME_ENC.DLL [2001/01/21 21:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ATHPRXY(2).DLL [1997/11/17 11:13:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [color=#E56717]========== LOP Check ==========[/color] [2005/01/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView [2010/06/06 14:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\AdSigner [2007/08/23 12:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Canon [2008/09/06 11:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\com.adobe.example.widget-programmes.40247E01796E652D304FB5752B197AB47987A585.1 [2009/08/12 12:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\com.adobe.example.widget.33A7EEEDEE7A114BE5163F740489DD413641A8EC.1 [2010/03/17 07:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\com.smashingideas.ICanBeGrandPrize.955FB31728C43225F1147BC469B6F02AA2FCF43E.1 [2008/04/02 12:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\DeepBurner [2007/06/26 12:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\InterVideo [2007/08/06 12:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Leadertech [2009/03/17 14:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire [2009/11/30 12:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mindscape [2007/06/24 13:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\MSNInstaller [2010/04/14 12:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\My Stitch [2009/08/21 07:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Playrix Entertainment [2005/01/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\SampleView [2009/05/05 05:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Samsung [2007/06/24 12:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\ScanSoft [2008/05/12 03:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\TaoUSign [2005/01/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\SampleView [2005/01/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MANON\Application Data\SampleView [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*. Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe Invalid Environment Variable: %APPDATA%\*. Invalid Environment Variable: %APPDATA%\*.exe [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [2001/05/24 07:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [2001/05/24 07:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:atapi.sys [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\atapi.sys [2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:cdrom.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:cdrom.sys [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\cdrom.sys [2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: CHANGER.SYS >[/color] [2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Changer.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys [2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Changer.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Changer.sys [2008/04/13 14:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:disk.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:disk.sys [2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\dllcache\disk.sys [2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys [2008/04/13 14:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\disk.sys [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe [2007/06/13 09:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\ERDNT\cache\explorer.exe [2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\explorer.exe [2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\system32\dllcache\explorer.exe [2008/04/13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\explorer.exe [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/13 22:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\netlogon.dll [2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\e5d538fd9a974271877bfc69f00e1e0a\sp2qfe\netlogon.dll [2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\fd39c169e8cb784cefd1d3b2f372297e\sp2qfe\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\dllcache\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2004/08/05 00:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys [2004/08/05 00:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Sfloppy.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys [2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Sfloppy.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Sfloppy.sys [2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys [2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\system32\dllcache\sfloppy.sys [2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\system32\drivers\sfloppy.sys [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sfloppy.sys [color=#A23BEC]< MD5 for: TCPIP.SYS >[/color] [2006/04/20 07:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys [2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys [2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\ERDNT\cache\tcpip.sys [2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys [2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys [2007/10/30 12:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys [2008/06/20 06:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys [2007/10/30 13:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys [2008/04/13 15:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tcpip.sys [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys [2004/08/05 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys [2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys [2006/04/20 08:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys [2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\system32\dllcache\tdpipe.sys [2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\system32\drivers\tdpipe.sys [2008/04/13 22:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/04/13 22:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdtcp.sys [2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys [2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\system32\dllcache\tdtcp.sys [2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\system32\drivers\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:usbprint.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys [2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbprint.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbprint.sys [2004/08/03 17:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys [2004/08/03 17:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\dllcache\usbprint.sys [2004/08/03 17:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\drivers\usbprint.sys [2008/04/13 14:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2008/10/25 02:59:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:usbscan.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys [2004/08/05 00:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbscan.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys [2010/10/25 03:47:45 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbscan.sys [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbscan.sys [2004/08/03 16:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys [2004/08/03 16:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\dllcache\usbscan.sys [2004/08/03 16:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\drivers\usbscan.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\ERDNT\cache\userinit.exe [2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\dllcache\userinit.exe [2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\userinit.exe [2008/04/13 22:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\winlogon.exe [2008/04/13 22:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\winlogon.exe [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2008/07/03 09:15:39 | 008,510,976 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\shell32.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

Code: Tout sélectionner: OTL Extras logfile created on: 10/26/2010 10:03:11 PM - Run OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 382.00 Mb Total Physical Memory | 171.00 Mb Available Physical Memory | 45.00% Memory free 326.00 Mb Paging File | 199.00 Mb Available in Paging File | 61.00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 145.19 Gb Total Space | 11.43 Gb Free Space | 7.87% Space Free | Partition Type: NTFS Drive H: | 3.84 Gb Total Space | 0.37 Gb Free Space | 9.59% Space Free | Partition Type: FAT32 Drive I: | 7.63 Gb Total Space | 6.05 Gb Free Space | 79.28% Space Free | Partition Type: FAT32 Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%ProgramFiles%\iTunes\iTunes.exe" = %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes -- (Apple Inc.) "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found "C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.) "C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.) "C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.) "C:\Program Files\IncrediMail\bin\ImLc.exe" = C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.) "C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe" = C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe:*:Enabled:IncrediMail Installer -- () "C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic -- (IncrediMail, Ltd.) "C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic -- () "C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic -- () "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC) "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19C989C4-50AE-43A4-B06E-8C70FFFF852F}" = PC-Doctor for Windows "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 22 "{29D851C2-048C-4B5E-8D1F-25D473342BB5}" = ScanSoft OmniPage SE 4.0 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3912A629-0020-0005-3757-2FBA74D4DF0A}" = InterVideo WinDVD Player "{3BB53C4E-97B3-4504-B4C3-6C5012FBCD83}" = Mission Equitation 2 "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{3EBC0693-0A27-4B50-90A1-A8B688911C7A}" = Samsung PC Studio 3 "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{49F00501-E02F-458F-8AED-85949AB9656F}" = MioTransfer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1 "{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}" = IncrediMail "{650D1904-ED7F-4F37-9325-33C2815D260C}" = MioMap v3 Updater "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Les Sims 2 "{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker "{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes "{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer "{7C979B2E-B5B9-E33F-6958-2301034CDB7D}" = Barbie I Can Be "{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Connexion Facile à Internet "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = MyDSC2 "{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5 "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.11 "{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player "{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Clé Internet de prêt "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9901E703-D169-7139-1EA3-11AA788D09E6}" = EA Download Manager UI "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9CE14C25-0395-4DDA-8B47-06A944DF9E5F}" = Mon Petit Poney "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support 4.0 "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio "{AC76BA86-7AD7-1036-7B44-A70000000000}" = Adobe Reader 7.0 - Français "{AC76BA86-7AD7-5464-3428-7E8A450000A7}" = Spelling Dictionaries For Adobe Reader Package "{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{C29302BF-32F8-7834-A4C8-780349DE9659}" = La Chaîne Météo "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EEE76149-DC7F-4D3E-B021-6152DF574FA6}" = Alexandra Ledermann 8 "{F715F7A4-67BA-11DD-93EF-B74D56D89593}" = Alexandra Ledermann - La colline aux chevaux sauvages "Adibou V.3.00 on C" = Adibou V.3.00 on C "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Agere Systems Soft Modem" = Agere Systems PCI Soft Modem "Alexandra Ledermann 6" = Alexandra Ledermann 6 "ATI Display Driver" = ATI Display Driver "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Barbie(TM) Horse Adventures(TM)" = Barbie(TM) Horse Adventures(TM) "Briberry_is1" = Briberry 1.2 "CCleaner" = CCleaner "com.adobe.example.widget.33A7EEEDEE7A114BE5163F740489DD413641A8EC.1" = La Chaîne Météo "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "com.smashingideas.ICanBeGrandPrize.955FB31728C43225F1147BC469B6F02AA2FCF43E.1" = Barbie I Can Be "dBpowerAMP Musepack Codec" = dBpowerAMP Musepack Codec "Dogz" = Dogz (remove only) "Dual Mode Camera_is1" = Uninstall Dual Mode Camera "DVD Shrink_is1" = DVD Shrink 3.2 "EA Download Manager" = EA Download Manager "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Easy-WebPrint" = Easy-WebPrint "eMule" = eMule "Enregistrement utilisateur de Canon MP160" = Enregistrement utilisateur de Canon MP160 "FormatFactory" = FormatFactory 2.50 "Frankie Maternelle - Moyenne section" = Frankie Maternelle - Moyenne section "Help and Support Additions" = Compléments d'aide et de support "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "IncrediMail" = IncrediMail 2.0 "InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}" = PC-Doctor for Windows "InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Connexion Facile à Internet "LimeWire" = LimeWire 4.16.6 "Magentic" = Magentic "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mio Technology Speedcam Synchronisation" = Mio Technology Speedcam Synchronisation 1.1.16.04.06 "Mio Technology Speedcam Synchronisation ( PNA Version )" = Mio Technology Speedcam Synchronisation ( PNA Version ) 1.2.10.07.06 "Mio Technology SpeedCam Tool" = Mio Technology SpeedCam Tool "Mon Petit Poney" = Mon Petit Poney "MP Navigator 3.0" = Canon MP Navigator 3.0 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSNINST" = MSN "MusicMatch Jukebox" = MusicMatch Jukebox "My Stitch_is1" = My Stitch 1.1 "NATHAN Vacances CP V.1.00 (C:)" = NATHAN Vacances CP V.1.00 (C:) "Neuf_TV_PC" = TV sur PC "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "PhoTagsExpress" = PhoTags Express "PhotoMail" = PhotoMail Maker "PS2" = PS2 "Puppy Grandit & Connaît ton Nom_is1" = Puppy Grandit & Connaît ton Nom "Python 2.2.3" = Python 2.2.3 "pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203) "RealPlayer 6.0" = RealPlayer Basic "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SFR_Kit" = SFR - Kit de connexion "Softonic_France_FF Toolbar" = Softonic France FF Toolbar "spirit-9.17fr" = Spirit (remove only) "StreetPlugin" = Learn2 Player (Uninstall Only) "Studio de création numérique de Lapin Malin" = Studio de création numérique de Lapin Malin "SuperEleves_11FM" = SdLL - Superélèves CP "Video Journal_is1" = Video Journal Version 2.04 "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VideoLAN VLC media player 0.8.4a "WIC" = Windows Imaging Component "Windows Media Encoder 9" = Codeur Windows Media Série 9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 < End of report >

jeanmimigab · le 26 Oct 2010 20:23

hello,

On va restaurer un driver absent et virer qq trace d'infections mais je ne pense pas que le ralentissement vienne de là... :-?

toujours sous live CD relance OTL et coller cette citation dans sa fenetre "costum scan/fix" et cliques sur "RUN FIX"

:files
C:\WINDOWS\System32\dec_jl6.dll
C:\WINDOWS\iltwain.ini
C:\WINDOWS\System32\ATHPRXY(2).DLL
C:\WINDOWS\system32\drivers\changer.sys | C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys /replace
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ViewpointMediaPlayer" =-

ensuite redémarre ton pc normalement pour voir si il y a du changement :wink:

dodremi · le 26 Oct 2010 21:56

Re,

Alors pas de changement au niveau du démarrage; il rame toujours autant ...
Mais une fois démarrer, il a l'air de bosser correctement !

Je te poste le rapport OTL

Dis moi si quelque chose est encore possible ?
Bonne nuit

a demain :wink:

Code: Tout sélectionner: ========== FILES ========== C:\WINDOWS\System32\dec_jl6.dll moved successfully. C:\WINDOWS\iltwain.ini moved successfully. C:\WINDOWS\System32\ATHPRXY(2).DLL moved successfully. File C:\WINDOWS\system32\drivers\changer.sys successfully replaced with C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys File\Folder [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] not found. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\ViewpointMediaPlayer not found. OTLPE by OldTimer - Version 3.1.43.0 log created on 10262010_233458

jeanmimigab · le 27 Oct 2010 17:11

Hello,

Dis moi si quelque chose est encore possible ?

Ben niveau infection, avec ce dernier script c'est clean, plus de soucis de ce coté là :wink:

Par contre comme je te l'ai dit il serait bon d'envisager une réparation du système sans perte de données si tu as le cd cd windows.
Ou bien une restauration usine si tu as les CD/DVD de restauration de ce PC.

Quels est le modèl exact de ton pc, ainsi je me renseigne pour savoir si tu dispose d'un partition de restauration cachée, cela pourrais te servir au cas où tu aurais égaré ces CD/DVD de restauration :wink:

dodremi · le 27 Oct 2010 17:56

Hello,

Alors mon Pc est un Compaq presario AMD SEMPRON 3000+ 984 MHZ 384 MO de RAM.
J'ai un CD de reinstallation usine "légal" et un CD Windows XP Familial 2002 Pack 2 pas légal, comme je le croyais ...

Apparemment j'ai une Partition D sur mon PC avec un fichier à l'interieur qui se nomme reinstallation system avec une icone "gros cadenas", ainsi que d'autre fichier que je ne connais pas ..

Quand tu dis "réparation systeme sans perte de données", cela veut il dire que je ne perdrais rien de mes documents, ou alors faudra t il envisager une sauvegarde sur disque dur externe ? car j'ai pas mal de photos et doc que je ne voudrais pas perdre .....

Merci de ta réponse..
@+

jeanmimigab · le 27 Oct 2010 22:42

Bonsoir, désolé de passé si tard :oops:

J'ai un CD de reinstallation usine "légal"

c'est celui là qu'il te faut, car il comprend en plus de Windows, tous les programmes et drivers présent sur ton pc au jours de l'achat.

faudra t il envisager une sauvegarde sur disque dur externe

Oui, car beaucoup de CD de restauration ont une option sensée réinstaller ton système sans perte de document, mais au final il te les supprime quand même.

L'idéale dans ton cas serait de:

sauvegarder tout tes documents sur un DD externe

insérer le cd de restauration et redémarrer ton pc.
Tu auras accès au système de restauration Usine et il te suffiras de suivre les instructions pour retrouver un PC tout neuf (configurer comme le jour où tu l'as acheter)
Il te faudra ensuite réinstaller tes programmes, faire les mises à jours de windows et recopier tes documents dessus

Si tu as besoin d'aide ou de conseils pour cette étape, n'hésite pas a me le dire :wink:

dodremi · le 28 Oct 2010 07:54

Salut jeanmimi...
Merci pour ta réponse..

Bon et bien il faut que j'aille acheté un disque dur externe...et ensuite je sauvegarderai tout ce dont j'ai besoin.
En attendant je bloque les mises à jour automatiques.....

D'ailleurs puis je supprimer tous les icones des programmes installés pour sauver mon PC ?

Merci de ta réponse.

Je te remercie encore pour ta patience et ta disponibilité. Tu m'as quand même bien dépané.
Si j'ai un souci pour la reconfiguration je ferai appel au forum ....

Encore mille merci.
A bientot :wink:

jeanmimigab · le 28 Oct 2010 17:37

hello,

puis je supprimer tous les icones des programmes installés pour sauver mon PC ?

oui, comme cela

Télécharge >>> ToolsCleaner <<< (de A.Rothstein & dj QUIOU)
Fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur" pour lancer le programme.
Clique sur Recherche et laisse le scan se terminer (il peut durer une dizaine de minutes au maximum).
une fois la recherche lancée, ne clique pas dans la fenêtre, cela provoquerait un léger bug du programme.
Si toutes fois la mention (ne réponds pas) apparaissait dans le titre de la fenêtre ToolsCleaner, ne t'en occupes pas et laisse quand même le programme terminer son travail
Fermes le rapport qui apparait.
cliquer sur Suppression et fermes toolcleaner

Si il reste des icônes suite à cela, supprime les manuellement

il faut que j'aille acheté un disque dur externe...et ensuite je sauvegarderai tout ce dont j'ai besoin

Oui, c'est impératif, il faut toujours au moins une sauvegarde de tes fichiers important, un DD ça peut bloquer du jour au lendemain sans prévenir :-?

Dès que tu as fais tes sauvegarde, n'hésite pas a redemander de l'aide ici, on t'aidera avec plaisir :wink:

@++ et bonne soirée

dodremi · le 28 Oct 2010 19:24

Ok merci et à bientot ...

Virus Win 32/nuquel.E • page 4

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Re: Virus Win 32/nuquel.E

Sujets similaires

Qui est en ligne