I am taking the liberty of contacting you to ask for your help.
I have been infected by the Digital Protection virus, so I would like some help to be able to remove it.
For now, I can still start my PC without going through safe mode; being a novice with computers, I would need someone to guide me so that I can repair my PC.
Having read a previous post about the same problem, I downloaded OTL and ran the program.
The result of the report is:
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 12,91 Gb Free Space | 43,03% Space Free | Partition Type: NTFS
Drive D: | 268,09 Gb Total Space | 22,30 Gb Free Space | 8,32% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SN121946020317
Current User Name: mss
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - D:\Documents and Settings\mss\Bureau\OTL.exe (OldTimer Tools)
PRC - D:\Documents and Settings\mss\Local Settings\Application Data\dtesaqh.exe (elipsoidal)
PRC - D:\Documents and Settings\mss\Local Settings\Temp\drweb.exe ()
PRC - D:\Documents and Settings\mss\Local Settings\Temp\ko3f7.exe ()
PRC - C:\Program Files\Digital Protection\digprot.exe ()
PRC - D:\Documents and Settings\mss\Local Settings\Temp\davclnt.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - D:\Documents and Settings\mss\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\APPS\Softex\OmniPass\ScureApp.exe ()
PRC - C:\APPS\Softex\OmniPass\OmniServ.exe (Softex Inc.)
PRC - C:\APPS\Softex\OmniPass\OPXPApp.exe ()
PRC - C:\WINDOWS\CDCtr.exe ()
PRC - C:\WINDOWS\mHotkey.exe ()
PRC - C:\Program Files\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)
PRC - c:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe (Realtek Semiconductor Corp.)
PRC - C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV)
PRC - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe ()
PRC - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe ()
PRC - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()
PRC - C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe (America Online, Inc.)
PRC - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe (ISSENDIS)
PRC - C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe (ISSENDIS)
PRC - C:\Program Files\Common Files\X10\Common\X10nets.exe (X10)
========== Modules (SafeList) ==========
MOD - D:\Documents and Settings\mss\Bureau\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\APPS\Softex\OmniPass\scuredll.dll ()
MOD - C:\Program Files\Goto Software\Vade Retro\VrOe_hook.dll ()
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (ASKService) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (SrvCDEject) -- C:\Program Files\Packard Bell\SrvCDEject.exe ()
SRV - (omniserv) -- C:\APPS\Softex\OmniPass\OmniServ.exe (Softex Inc.)
SRV - (USBDeviceService) -- C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe ()
SRV - (UleadBurningHelper) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (AOL ACS) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe (America Online, Inc.)
SRV - (x10nets) -- C:\Program Files\Common Files\X10\Common\X10nets.exe (X10)
========== Driver Services (SafeList) ==========
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (ASCTRM) -- C:\WINDOWS\system32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (RTSTOR) -- C:\WINDOWS\system32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (SIS163u) -- C:\WINDOWS\system32\drivers\sis163u.sys (SiS Corporation)
DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (PRISM_A02) -- C:\WINDOWS\system32\drivers\PRISMA02.sys (Conexant Systems, Inc.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (usb_rndis) -- C:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/29 17:44:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/09 17:12:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox 3.1 Beta 3\components [2010/03/27 00:34:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.1 Beta 3\plugins [2010/04/09 17:12:48 | 000,000,000 | ---D | M]
[2009/04/20 00:57:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\mss\Application Data\Mozilla\Extensions
[2009/04/20 00:57:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\mss\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/04/09 16:45:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\mss\Application Data\Mozilla\Firefox\Profiles\7iac8npa.default\extensions
[2009/09/06 16:25:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\mss\Application Data\Mozilla\Firefox\Profiles\7iac8npa.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/16 16:25:41 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- D:\Documents and Settings\mss\Application Data\Mozilla\Firefox\Profiles\7iac8npa.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/09/06 16:31:26 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\mss\Application Data\Mozilla\Firefox\Profiles\7iac8npa.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/03/03 15:16:35 | 000,002,650 | ---- | M] () -- D:\Documents and Settings\mss\Application Data\Mozilla\Firefox\Profiles\7iac8npa.default\searchplugins\bing.xml
[2009/02/20 17:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2006/09/10 13:35:08 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2008/09/28 09:10:26 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2006/09/10 13:35:08 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2008/03/29 15:59:44 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2006/09/12 20:49:04 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2010/05/04 21:08:40 | 000,000,822 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 212.150.54.250
O2 - BHO: (C:\WINDOWS\system32\clsomeaq.dll) - {A9BA40A1-74F1-52BD-F431-00B15A2C8953} - C:\WINDOWS\system32\clsomeaq.dll ()
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICCC] c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [ATSwpNav] C:\Program Files\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe (ISSENDIS)
O4 - HKLM..\Run: [CDEjtCtr] C:\WINDOWS\CDCtr.exe ()
O4 - HKLM..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe ()
O4 - HKLM..\Run: [DriveIcons] C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe File not found
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe File not found
O4 - HKLM..\Run: [mHotkey] C:\WINDOWS\mHotkey.exe ()
O4 - HKLM..\Run: [OmniPass] C:\APPS\Softex\OmniPass\ScureApp.exe ()
O4 - HKLM..\Run: [PBEjectButtonControl] C:\Program Files\Packard Bell Eject buttons control\EjectButtonControl.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Vade Retro Outlook Express] C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()
O4 - HKCU..\Run: [davclnt.exe] D:\Documents and Settings\mss\Local Settings\Temp\davclnt.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Digital Protection] C:\Program Files\Digital Protection\digprot.exe ()
O4 - HKCU..\Run: [dtesaqh] d:\documents and settings\mss\local settings\application data\dtesaqh.exe (elipsoidal)
O4 - HKCU..\Run: [hf8wefhuaihf8ewfydiujhfdsfdf] D:\Documents and Settings\mss\Local Settings\Temp\ko3f7.exe ()
O4 - HKCU..\Run: [hsf87efjhdsf87f3jfsdi7fhsujfd] D:\Documents and Settings\mss\Local Settings\Temp\drweb.exe ()
O4 - HKCU..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKCU..\Run: [SmpcSys] C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV)
O4 - HKCU..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe (ISSENDIS)
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe (ISSENDIS)
O4 - Startup: D:\Documents and Settings\mss\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = D:\Documents and Settings\mss\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (D:\Documents and Settings\mss\csrss.exe) - D:\Documents and Settings\mss\csrss.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Apps\Softex\OmniPass\opxpgina.dll - C:\APPS\Softex\OmniPass\OPXPGina.dll ()
O22 - SharedTaskScheduler: {A9BA40A1-74F1-52BD-F431-00B15A2C8953} - hasiufhiusdfjdhfudd - C:\WINDOWS\system32\clsomeaq.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\mss\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\mss\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/04 20:47:40 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07ebff90-2286-11de-b46c-000b6b9f813e}\Shell\AutoRun\command - "" = F:\1utbfd.bat -- File not found
O33 - MountPoints2\{07ebff90-2286-11de-b46c-000b6b9f813e}\Shell\open\Command - "" = F:\1utbfd.bat -- File not found
O33 - MountPoints2\{1c739d32-2f80-11df-b5e1-000b6b9f813e}\Shell\AutoRun\command - "" = F:\WDSetup.exe -- File not found
O33 - MountPoints2\{2f549b47-8717-11dc-b3c3-001b2f76416f}\Shell - "" = AutoRun
O33 - MountPoints2\{2f549b47-8717-11dc-b3c3-001b2f76416f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5f357ce2-4b41-11dd-b3f3-c73731fa04ae}\Shell\Auto\command - "" = F:\AdobeR.exe -- File not found
O33 - MountPoints2\{6bf390ac-ad1c-11de-b4ec-000b6b9f813e}\Shell\AutoRun\command - "" = F:\boyedt.com -- File not found
O33 - MountPoints2\{6bf390ac-ad1c-11de-b4ec-000b6b9f813e}\Shell\open\Command - "" = F:\boyedt.com -- File not found
O33 - MountPoints2\{c8208f8a-ef39-11de-b55f-000b6b9f813e}\Shell\AutoRun\command - "" = F:\WDSetup.exe -- File not found
O33 - MountPoints2\{c9fe763e-43f9-11df-b606-000b6b9f813e}\Shell\AutoRun\command - "" = F:\LONG\island.exe -- File not found
O33 - MountPoints2\{c9fe763e-43f9-11df-b606-000b6b9f813e}\Shell\open\command - "" = F:\LONG\island.exe -- File not found
O33 - MountPoints2\{cbe3b9df-f6a5-11dd-b411-001731730b07}\Shell\AutoRun\command - "" = 1ce.cmd
O33 - MountPoints2\{cbe3b9df-f6a5-11dd-b411-001731730b07}\Shell\explore\Command - "" = 1ce.cmd
O33 - MountPoints2\{cbe3b9df-f6a5-11dd-b411-001731730b07}\Shell\open\Command - "" = 1ce.cmd
O33 - MountPoints2\{eba34068-e8b9-11db-b36a-001731730b07}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{f5294244-0b42-11de-b440-000b6b9f813e}\Shell\AutoRun\command - "" = xn1i9x.com
O33 - MountPoints2\{f5294244-0b42-11de-b440-000b6b9f813e}\Shell\explore\Command - "" = xn1i9x.com
O33 - MountPoints2\{f5294244-0b42-11de-b440-000b6b9f813e}\Shell\open\Command - "" = xn1i9x.com
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/09/23 18:42:14 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
========== Files/Folders - Created Within 30 Days ==========
[2010/05/04 20:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/05/04 20:42:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\61D3AAE1D5214CD7939B37813DE8F955.TMP
[2010/05/04 20:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2010/05/04 20:26:27 | 000,570,880 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\mss\Bureau\OTL.exe
[2010/05/04 20:14:23 | 000,438,272 | ---- | C] (elipsoidal) -- D:\Documents and Settings\mss\Local Settings\Application Data\dtesaqh.exe
[2010/04/16 17:00:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\mss\Tracing
[2010/04/16 16:50:22 | 000,162,640 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/04/16 16:50:22 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/04/16 16:50:22 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/04/16 16:50:22 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/04/16 16:50:22 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/04/16 16:50:22 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/04/16 16:50:22 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/04/16 16:50:10 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/04/16 16:50:10 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/04/16 16:28:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Application Data\Adobe
[2010/04/16 12:32:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010/04/11 13:46:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/04/11 13:37:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/11 13:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Protection
[2010/04/11 13:16:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\PRAGMAfucriwwkin
[2010/04/11 12:53:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\PRAGMAxetbvornfy
[2010/04/11 12:19:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\PRAGMAadsticxrnn
[2010/04/11 12:15:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\PRAGMAjxvnmdxbvr
[2010/04/11 12:13:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\PRAGMAspfvreecbv
[2010/04/09 17:20:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\mss\Mes documents\OFFICE One Notes v6.5
[2 D:\Documents and Settings\mss\Mes documents\*.tmp files -> D:\Documents and Settings\mss\Mes documents\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/05/04 23:07:17 | 000,004,660 | ---- | M] () -- D:\Documents and Settings\mss\Local Settings\Application Data\dtesaqh_navps.dat
[2010/05/04 23:07:07 | 000,823,808 | ---- | M] () -- C:\WINDOWS\System32\drivers\baqvdkx.sys
[2010/05/04 23:06:54 | 000,004,690 | ---- | M] () -- D:\Documents and Settings\mss\Local Settings\Application Data\dtesaqh.dat
[2010/05/04 23:05:35 | 006,291,456 | -H-- | M] () -- D:\Documents and Settings\mss\NTUSER.DAT
[2010/05/04 23:05:35 | 000,004,716 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\fiosejgfse.dll
[2010/05/04 23:04:17 | 000,000,698 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\pornotube.com.lnk
[2010/05/04 23:04:17 | 000,000,694 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\nudetube.com.lnk
[2010/05/04 23:04:17 | 000,000,690 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\youporn.com.lnk
[2010/05/04 22:53:33 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/04 22:52:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/04 22:52:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/04 22:52:48 | 2145,964,032 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/04 22:52:02 | 002,107,246 | -H-- | M] () -- D:\Documents and Settings\mss\Local Settings\Application Data\IconCache.db
[2010/05/04 22:48:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/04 21:14:19 | 044,460,280 | ---- | M] () -- D:\Documents and Settings\mss\Bureau\setup_av_free_fre.exe
[2010/05/04 20:47:40 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2010/05/04 20:26:31 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\mss\Bureau\OTL.exe
[2010/05/04 20:20:07 | 000,000,958 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/04 20:14:41 | 000,001,183 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll
[2010/05/04 20:14:23 | 000,438,272 | ---- | M] (elipsoidal) -- D:\Documents and Settings\mss\Local Settings\Application Data\dtesaqh.exe
[2010/05/04 20:13:42 | 000,014,970 | -HS- | M] () -- D:\Documents and Settings\mss\Local Settings\Application Data\6358482v
[2010/05/04 20:13:42 | 000,014,970 | -HS- | M] () -- D:\Documents and Settings\All Users\Application Data\6358482v
[2010/05/04 20:12:55 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/17 11:46:43 | 000,000,142 | ---- | M] () -- C:\WINDOWS\System32\PRAGMAwcmiqhgoie.dat
[2010/04/16 17:55:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/16 16:50:22 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/16 13:20:13 | 001,121,548 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/16 13:20:13 | 000,510,986 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/04/16 13:20:13 | 000,441,574 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/16 13:20:13 | 000,085,078 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/04/16 13:20:13 | 000,071,510 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/16 12:41:40 | 000,000,184 | -HS- | M] () -- D:\Documents and Settings\mss\ntuser.ini
[2010/04/11 13:42:11 | 000,020,000 | ---- | M] () -- C:\WINDOWS\System32\rtnrr.dll
[2010/04/11 13:22:05 | 000,020,000 | ---- | M] () -- C:\WINDOWS\System32\n5hti.dll
[2010/04/11 13:19:50 | 000,049,152 | ---- | M] () -- C:\WINDOWS\System32\PRAGMAbiqjgrcvhx.dll
[2010/04/11 13:19:49 | 000,049,152 | ---- | M] () -- C:\WINDOWS\System32\PRAGMAmtssppkpdp.dll
[2010/04/11 13:18:19 | 000,029,696 | ---- | M] () -- C:\WINDOWS\System32\PRAGMApevyycycam.dll
[2010/04/11 13:16:27 | 000,020,000 | ---- | M] () -- C:\WINDOWS\System32\ywv5y.dll
[2010/04/11 13:12:36 | 000,020,000 | ---- | M] () -- C:\WINDOWS\System32\h9pssiq3.dll
[2010/04/11 12:52:30 | 000,020,000 | ---- | M] () -- C:\WINDOWS\System32\qnr49nloq.dll
[2010/04/11 12:19:12 | 000,020,000 | ---- | M] () -- C:\WINDOWS\System32\z4l5zeux5.dll
[2010/04/11 12:15:46 | 000,020,000 | ---- | M] () -- C:\WINDOWS\System32\h90b11.dll
[2010/04/11 12:12:44 | 000,020,000 | ---- | M] () -- C:\WINDOWS\System32\clsomeaq.dll
[2010/04/09 21:12:34 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2010/04/09 17:41:25 | 000,154,112 | ---- | M] () -- D:\Documents and Settings\mss\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/06 19:32:44 | 000,183,808 | RHS- | M] () -- D:\Documents and Settings\mss\csrss.exe
[2 D:\Documents and Settings\mss\Mes documents\*.tmp files -> D:\Documents and Settings\mss\Mes documents\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/05/04 21:13:56 | 044,460,280 | ---- | C] () -- D:\Documents and Settings\mss\Bureau\setup_av_free_fre.exe
[2010/05/04 20:47:40 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2010/05/04 20:14:26 | 000,004,811 | ---- | C] () -- D:\Documents and Settings\mss\Local Settings\Application Data\dtesaqh_navps.dat
[2010/05/04 20:14:25 | 000,329,530 | ---- | C] () -- D:\Documents and Settings\mss\Local Settings\Application Data\dtesaqh_nav.dat
[2010/05/04 20:14:25 | 000,004,690 | ---- | C] () -- D:\Documents and Settings\mss\Local Settings\Application Data\dtesaqh.dat
[2010/04/17 11:53:04 | 000,014,970 | -HS- | C] () -- D:\Documents and Settings\mss\Local Settings\Application Data\6358482v
[2010/04/17 11:53:04 | 000,014,970 | -HS- | C] () -- D:\Documents and Settings\All Users\Application Data\6358482v
[2010/04/16 17:09:39 | 000,000,698 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\pornotube.com.lnk
[2010/04/16 17:09:39 | 000,000,694 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\nudetube.com.lnk
[2010/04/16 17:09:39 | 000,000,690 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\youporn.com.lnk
[2010/04/16 12:42:18 | 2145,964,032 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/16 12:41:17 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010/04/11 13:43:58 | 000,004,716 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\fiosejgfse.dll
[2010/04/11 13:42:11 | 000,020,000 | ---- | C] () -- C:\WINDOWS\System32\rtnrr.dll
[2010/04/11 13:22:05 | 000,020,000 | ---- | C] () -- C:\WINDOWS\System32\n5hti.dll
[2010/04/11 13:19:51 | 000,001,183 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll
[2010/04/11 13:19:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\PRAGMAbiqjgrcvhx.dll
[2010/04/11 13:19:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\PRAGMAmtssppkpdp.dll
[2010/04/11 13:18:42 | 000,000,142 | ---- | C] () -- C:\WINDOWS\System32\PRAGMAwcmiqhgoie.dat
[2010/04/11 13:18:19 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\PRAGMApevyycycam.dll
[2010/04/11 13:16:27 | 000,020,000 | ---- | C] () -- C:\WINDOWS\System32\ywv5y.dll
[2010/04/11 13:12:54 | 000,823,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\baqvdkx.sys
[2010/04/11 13:12:36 | 000,020,000 | ---- | C] () -- C:\WINDOWS\System32\h9pssiq3.dll
[2010/04/11 12:52:30 | 000,020,000 | ---- | C] () -- C:\WINDOWS\System32\qnr49nloq.dll
[2010/04/11 12:19:12 | 000,020,000 | ---- | C] () -- C:\WINDOWS\System32\z4l5zeux5.dll
[2010/04/11 12:15:46 | 000,020,000 | ---- | C] () -- C:\WINDOWS\System32\h90b11.dll
[2010/04/11 12:12:44 | 000,020,000 | ---- | C] () -- C:\WINDOWS\System32\clsomeaq.dll
[2010/04/09 19:03:49 | 000,183,808 | RHS- | C] () -- D:\Documents and Settings\mss\csrss.exe
[2009/12/07 18:09:30 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/02/18 22:26:55 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll
[2008/01/04 20:25:41 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI
[2007/07/07 10:08:22 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/07 09:54:15 | 000,606,720 | ---- | C] () -- C:\WINDOWS\System32\OoPdfManagerPopup.dll
[2007/06/22 21:09:32 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/06/22 21:05:43 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX5000EFDG.ini
[2007/04/12 07:51:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/04/12 07:44:51 | 000,000,602 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2007/04/12 07:40:24 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/04/12 07:38:12 | 000,007,604 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2007/04/12 07:24:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007/04/12 07:24:00 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/04/12 07:23:17 | 000,294,912 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2006/07/26 08:57:34 | 000,006,741 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/01/12 12:23:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 15:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/10/09 15:16:46 | 000,452,608 | ---- | C] () -- C:\WINDOWS\System32\OoneZipPopup.dll
[2001/07/06 16:30:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004/08/10 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\eventlog.dll
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll
[color=#A23BEC]< MD5 for: NVATA.SYS >[/color]
[2006/06/28 17:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\PNP\MOBO\NVATA.SYS
[2006/06/28 17:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\WINDOWS\system32\drivers\nvata.sys
[color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color]
[2006/06/28 17:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\PNP\MOBO\NVATABUS.SYS
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\scecli.dll
[2004/08/10 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2005/07/26 06:39:57 | 001,267,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\comsvcs.dll
[2010/03/11 14:34:31 | 000,347,136 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtmsft.dll
[2010/03/11 14:34:31 | 000,214,528 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtrans.dll
[2004/08/10 14:00:00 | 001,392,671 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
< End of report >
Hoping that you will be able to help me.
Regards,
Clément