Infected PC, help !!! - Page 2

  1. mou_yem Posts 116 Status Member 1
     
    Hi,

    here is the report:

    ComboFix 10-01-02.05 - Mourad 01/03/2010 20:12:37.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3063.2589 [GMT 3:00]
    Running from: c:\documents and settings\Mourad\Desktop\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    FW: PC Tools Firewall Plus *enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\progra~1\COMMON~1\{525D3~1
    c:\progra~1\COMMON~1\{525D3~1\slscp.log
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\autorun.inf
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\Ivr.scp
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\readme.txt
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\Setup.exe
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\Setup.MSI
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\Setup.scp
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\SLExtBU\ivr.scp
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\SLExtBU\Setup.scp
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\slusbvip.cat
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\slusbvip.inf
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\slusbvip.sys
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\slvad.cat
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\slvad.inf
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\slvad.sys
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\slvipco.dll
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\slvipgx.dll
    c:\progra~1\COMMON~1\{525D3~1\SLTLINK\TLRecAgent.sys

    .
    ((((((((((((((((((((((((( Files Created from 2009-12-03 to 2010-01-03 )))))))))))))))))))))))))))))))
    .

    2010-01-02 04:36 . 2010-01-02 04:36 -------- d--h--w- c:\windows\PIF
    2010-01-02 03:58 . 2010-01-02 03:58 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
    2010-01-02 03:57 . 2010-01-02 04:22 -------- d-----w- C:\UsbFix
    2010-01-02 03:48 . 2010-01-02 03:49 -------- d-----w- C:\rsit
    2010-01-02 02:58 . 2010-01-02 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
    2010-01-01 18:18 . 2010-01-02 02:58 -------- d-----w- c:\program files\ESET
    2010-01-01 11:51 . 2009-06-30 06:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
    2010-01-01 03:39 . 2010-01-01 03:41 -------- d-----w- c:\program files\OpenVPN
    2009-12-31 18:22 . 2009-03-25 11:29 130432 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
    2009-12-31 17:28 . 2004-08-03 19:31 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys
    2009-12-31 17:28 . 2004-08-03 19:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
    2009-12-30 15:27 . 2009-12-30 15:27 6868368 ----a-w- c:\documents and settings\Mourad\Application Data\ESTsoft\ALUpdate\ALZIP\newfile\TEMP\ALZip.exe
    2009-12-23 22:52 . 2009-12-23 22:52 -------- d-----w- c:\program files\Common Files\Skype
    2009-12-23 15:56 . 2009-12-23 15:57 -------- d-----w- c:\documents and settings\Mourad\Application Data\RealTunnelv2
    2009-12-20 21:33 . 2009-12-20 21:33 -------- d-----w- c:\documents and settings\All Users\Application Data\SolarWinds
    2009-12-20 21:32 . 2009-12-20 21:32 -------- d-----w- c:\program files\SolarWinds
    2009-12-20 20:16 . 2009-12-20 20:16 729088 ----a-w- c:\windows\iun6002.exe
    2009-12-20 20:16 . 2009-12-20 21:47 -------- d-----w- c:\program files\TFTP Desktop
    2009-12-20 08:33 . 2009-10-12 13:38 149504 -c----w- c:\windows\system32\dllcache\rastls.dll
    2009-12-20 08:33 . 2009-10-12 13:38 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
    2009-12-20 08:31 . 2009-10-13 10:30 270336 -c----w- c:\windows\system32\dllcache\oakley.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-01-03 15:00 . 2009-04-22 14:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2010-01-03 10:39 . 2009-08-18 03:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2010-01-03 04:12 . 2009-04-23 21:22 1 ----a-w- c:\documents and settings\Mourad\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2010-01-02 10:23 . 2009-04-23 03:01 -------- d-----w- c:\program files\Real
    2010-01-02 08:56 . 2009-04-23 03:01 -------- d-----w- c:\program files\Common Files\Real
    2010-01-01 13:21 . 2009-06-07 10:28 -------- d-----w- c:\program files\Panda Security
    2010-01-01 00:18 . 2009-04-22 23:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-01-01 00:18 . 2009-04-22 23:10 5061520 -c--a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2009-12-31 23:41 . 2009-04-29 23:02 -------- d-----w- c:\program files\ma-config.com
    2009-12-31 22:34 . 2009-08-18 03:14 -------- d-----w- c:\program files\PC Tools Firewall Plus
    2009-12-31 18:22 . 2009-04-22 13:49 -------- d-----w- c:\program files\Realtek
    2009-12-31 18:22 . 2009-04-22 13:49 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-12-31 18:14 . 2009-04-29 23:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
    2009-12-31 05:03 . 2009-10-13 18:49 -------- d-----w- c:\documents and settings\Mourad\Application Data\Skype
    2009-12-31 05:00 . 2009-04-22 23:13 -------- d-----w- c:\documents and settings\Mourad\Application Data\skypePM
    2009-12-30 18:19 . 2009-08-01 10:35 -------- d-----w- c:\documents and settings\Mourad\Application Data\vlc
    2009-12-30 11:55 . 2009-04-22 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-12-30 11:54 . 2009-04-22 23:09 19160 -c--a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-24 04:03 . 2009-04-22 22:57 -------- d-----w- c:\program files\Google Chrome
    2009-12-23 22:52 . 2009-10-13 18:48 -------- d-----r- c:\program files\Skype
    2009-12-23 22:52 . 2009-04-22 23:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2009-12-20 08:49 . 2009-04-22 14:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2009-12-20 08:48 . 2009-07-14 16:13 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2009-11-11 06:30 . 2009-10-19 21:48 177056 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2009-11-11 03:13 . 2009-06-06 15:08 -------- d-----w- c:\documents and settings\Mourad\Application Data\HP
    2009-11-11 03:13 . 2009-06-06 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
    2009-11-11 02:14 . 2009-04-22 14:05 32024 -c--a-w- c:\documents and settings\Mourad\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-11-03 21:04 . 2008-07-31 22:42 25984 ----a-w- c:\windows\system32\drivers\tap0901.sys
    2009-10-31 08:23 . 2009-04-22 14:23 411368 -c--a-w- c:\windows\system32\deploytk.dll
    2009-10-29 07:45 . 2004-09-29 18:47 916480 ----a-w- c:\windows\system32\wininet.dll
    2009-10-13 10:30 . 2004-08-04 12:00 270336 ----a-w- c:\windows\system32\oakley.dll
    2009-10-12 13:38 . 2004-08-04 12:00 149504 ----a-w- c:\windows\system32\rastls.dll
    2009-10-12 13:38 . 2004-08-04 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-23 2652056]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "HonorAutoRunSetting"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "HonorAutoRunSetting"= 0 (0x0)

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
    backup=c:\windows\pss\Bluetooth.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KeyyoFax.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\KeyyoFax.lnk
    backup=c:\windows\pss\KeyyoFax.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mourad^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
    path=c:\documents and settings\Mourad\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
    backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mourad^Start Menu^Programs^Startup^Outil de notification Live Search.lnk]
    path=c:\documents and settings\Mourad\Start Menu\Programs\Startup\Outil de notification Live Search.lnk
    backup=c:\windows\pss\Outil de notification Live Search.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\windows\system32

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\windows\system32\V0420Ext.ax]
    c:\windows\system32\V0420Ext.ax [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CnxDslTaskBar]
    c:\program files\ZTE Corporation\ZXDSL852\CnxDslTb.exe ZTE Corporation\ZXDSL852 [X]
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ParadialRealTun2
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WengoPhoneNG

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2009-09-04 09:08 935288 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-10-03 01:08 35696 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    2009-03-02 08:14 57344 -c--a-w- c:\windows\ALCMTR.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
    2008-04-14 00:12 110592 -c--a-w- c:\windows\system32\bthprops.cpl

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\windows\system32\V0420Cvw.dll]
    2007-05-14 01:00 262144 -c--a-r- c:\windows\system32\V0420CVW.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\diagnostics]
    2009-05-08 21:19 557149 -c--a-w- c:\program files\Thomson\ST330\diagnostics\diagnostics.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLinkMonitor.exe]
    2007-01-03 11:12 651264 -c--a-w- c:\program files\D-Link\D-Link USB VoIP Adapter\DLinkMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
    2009-07-18 03:21 257440 -c--a-w- c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2009-04-22 22:50 133104 -c--atw- c:\documents and settings\Mourad\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    2008-02-15 09:46 159744 -c--a-w- c:\windows\system32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2007-10-14 18:17 49152 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
    2007-08-22 13:31 80896 -c--a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2008-02-15 09:46 135168 -c--a-w- c:\windows\system32\igfxtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
    2009-03-18 15:50 4363504 -c--a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
    2008-04-14 00:12 169984 -c--a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    2009-08-26 20:07 3883856 -c--a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2008-05-28 05:27 570664 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2008-02-15 09:46 131072 -c--a-w- c:\windows\system32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    2009-04-10 10:38 17879552 -c--a-w- c:\windows\RTHDCPL.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
    2007-11-20 15:15 1826816 -c--a-w- c:\windows\SkyTel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    2009-03-05 13:07 2260480 -c----w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2009-10-31 08:23 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0420Mon.exe]
    2007-04-30 01:00 32768 -c--a-r- c:\windows\V0420Mon.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\Thomson\\ST330\\service\\st330service.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5060:UDP"= 5060:UDP:5060
    "5061:UDP"= 5061:UDP:5061
    "16384:UDP"= 16384:UDP:16384
    "16482:UDP"= 16482:UDP:16482

    R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [1/7/2009 11:39 PM 20744]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [1/1/2010 2:51 PM 28552]
    R0 TLRecAgent;TLRecAgent;c:\windows\system32\drivers\TLRecAgent.sys [7/22/2009 11:19 AM 37208]
    R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [8/18/2009 6:15 AM 159600]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [7/14/2009 7:13 PM 108289]
    R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [8/18/2009 6:15 AM 73840]
    R2 VService;VService;c:\program files\D-Link\D-Link USB VoIP Adapter\VServ.exe [1/2/2007 1:07 PM 105208]
    R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [8/18/2009 6:14 AM 95640]
    R3 ST330;ST330;c:\windows\system32\drivers\st330.sys [4/30/2009 7:43 PM 30464]
    R3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [4/30/2009 7:43 PM 12672]
    R3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\drivers\stppp.sys [4/30/2009 7:43 PM 32000]
    S2 gupdate1c9c3c0e7640a00;Service Google Update (gupdate1c9c3c0e7640a00);c:\program files\Google\Update\GoogleUpdate.exe [4/23/2009 6:09 AM 133104]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [4/30/2009 3:13 AM 1684736]
    S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [12/7/2008 12:44 PM 30088]
    S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;c:\windows\system32\DRIVERS\CnxEtP.sys --> c:\windows\system32\DRIVERS\CnxEtP.sys [?]
    S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys --> c:\windows\system32\DRIVERS\CnxEtU.sys [?]
    S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;c:\windows\system32\DRIVERS\CnxTgNW.sys --> c:\windows\system32\DRIVERS\CnxTgNW.sys [?]
    S3 DOSMEMIO;MEMIO;\??\g:\memio.sys --> g:\MEMIO.SYS [?]
    S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [7/2/2008 2:58 PM 26248]
    S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [12/17/2009 7:00 PM 243056]
    S3 slusbvip;SL3800 USB Driver;c:\windows\system32\drivers\slusbvip.sys [7/22/2009 11:19 AM 591832]
    S3 SLVAD_simple;D-Link Virtual Audio Device;c:\windows\system32\drivers\slvad.sys [7/22/2009 11:20 AM 85656]
    S3 SolarWinds TFTP Server;SolarWinds TFTP Server;c:\program files\SolarWinds\TFTPServer\SolarWinds TFTP Server.exe [10/20/2009 9:52 PM 54272]
    S3 V0420VID;Live! Cam Vista IM (VF0420);c:\windows\system32\drivers\V0420Vid.sys [5/31/2009 5:38 PM 99648]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Contents of the 'Scheduled Tasks' folder

    2010-01-03 c:\windows\Tasks\defrag.job
    - c:\windows\system32\defrag.exe [2004-08-04 00:12]

    2010-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-23 03:09]

    2010-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-23 03:09]

    2010-01-03 c:\windows\Tasks\User_Feed_Synchronization-{894F263C-E34C-448D-AD66-4A9A7005FF4A}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 01:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uInternet Settings,ProxyOverride = local
    IE: Send To &Bluetooth - c:\program files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
    TCP: {33AFB313-4EC0-403E-A9F3-948279A1C833} = 82.114.162.33 195.94.0.34
    FF - ProfilePath - c:\documents and settings\Mourad\Application Data\Mozilla\Firefox\Profiles\moulsvwe.default\
    FF - prefs.js: browser.search.selectedEngine - Live Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
    FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
    FF - plugin: c:\documents and settings\Mourad\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
    FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
    FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .
    - - - - ORPHANS REMOVED - - - -

    MSConfigStartUp-BtTray - c:\program files\IVT Corporation\BlueSoleil\BtTray.exe
    MSConfigStartUp-InCD - c:\program files\Nero\Nero 7\InCD\InCD.exe
    MSConfigStartUp-SecurDisc - c:\program files\Nero\Nero 7\InCD\NBHGui.exe
    MSConfigStartUp-SpeedTouch USB Diagnostics - c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe
    MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
    MSConfigStartUp-TLinkAgent - c:\program files\D-Link\D-Link USB Phone Adapter\DPH-50U Utility.exe

    **************************************************************************
    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files:

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\st330service]
    "ImagePath"="C:\Program Files/Thomson/ST330/service/st330service.exe -service"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(668)
    c:\windows\system32\MSVCP60.dll
    .
    Completion time: 2010-01-03 20:18:35
    ComboFix-quarantined-files.txt 2010-01-03 17:18

    Pre-Run: 22,489,088,000 bytes free
    Post-Run: 22,441,598,976 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

    - - End Of File - - 35D177D1D3026A8FB727AE1E0B1733D7
    0
  2. mou_yem Posts 116 Status Member 1
     
    Good evening,

    I managed to complete the scan. Here is the report:

    BitDefender Online Scanner

    Rapport d'analyse généré : Mon, Jan 04, 2010 - 00:27:54

    Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;I:\;

    Statistiques

    Temps
    01:47:55

    Fichiers
    76633

    Directoires
    6576

    Secteurs de boot
    0

    Archives
    1694

    Paquets programmes
    4170

    Résultats

    Virus identifiés
    1

    Fichiers infectés
    3

    Fichiers suspects
    0

    Avertissements
    0

    Désinfectés
    0

    Fichiers effacés
    3

    Info sur les moteurs

    Définition virus
    4811475

    Version des moteurs
    AVCORE v2.1 Windows/i386 11.0.0.33 (Nov 24 2009)

    Analyse des plugins
    17

    Archive des plugins
    44

    Unpack des plugins
    8

    E-mail plugins
    6

    Système plugins
    4

    Paramètres d'analyse

    Première action
    Désinfecté

    Seconde Action
    Supprimés

    Heuristique
    Oui

    Acceptez les avertissements
    Oui

    Extensions analysées
    exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

    Excludez les extensions

    Analyse d'emails
    Oui

    Analyse des Archives
    Oui

    Analyser paquets programmes
    Oui

    Analyse des fichiers
    Oui

    Analyse de boot
    Oui

    Fichier analysé
    Statut

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP236\A0123577.exe
    Infecté par: Gen:Trojan.Heur.AutoIT.Yq3@byjiJjfO

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP236\A0123577.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP236\A0123577.exe
    Supprimé

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP236\A0129574.exe
    Infecté par: Gen:Trojan.Heur.AutoIT.Yq3@byjiJjfO

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP236\A0129574.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP236\A0129574.exe
    Supprimé

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP241\A0134569.exe
    Infecté par: Gen:Trojan.Heur.AutoIT.Yq3@byjiJjfO

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP241\A0134569.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{DB3E0604-AAFE-4E2E-9854-F409F163C479}\RP241\A0134569.exe
    Supprimé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_fr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.transactions.bridge.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_basetypes
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_basetypes\14.0.0.0__ce2cb7e279207b9e
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_basetypes\14.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_oootypes
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_oootypes\3.0.0.0__ce2cb7e279207b9e
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_oootypes\3.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_oootypes.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_ure
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_ure\17.0.0.0__ce2cb7e279207b9e
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_ure\17.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_uretypes
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_uretypes\3.0.0.0__ce2cb7e279207b9e
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\policy.1.0.cli_uretypes\3.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_uretypes.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationCore.resources
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFontCache
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic
    Nettoyé

    C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35
    Nettoyé
    0
  3. dédétraqué Posts 4522 Status Security contributor 286
     
    Hi mou_yem

    Your report is clean, only some infected system restore points that we are going to purge:

    Disable System Restore on all drives:

    - Right-click My Computer on the desktop, and in Properties click the System Restore tab

    - Check the box to turn off System Restore and apply

    Restart the computer and re-enable System Restore.

    XP tutorial: http://www.libellules.ch/desactiver_restauration.php

    Vista tutorial: https://www.commentcamarche.net/faq/13214-vista-desactiver-reactiver-la-restauration-systeme-de-vista

    Do you have any other problems?

    @++ :)
    0
  5. mou_yem Posts 116 Status Member 1
     
    Hi dédétraqué,

    I still have a few problems with Windows XP:

    - it is still very, very slow to start up: first just to log in to my session, and even once it is open my desktop is not usable (impossible to do anything at all) until a few minutes later,

    - it is impossible to restart or shut down the PC "normally": it stays frozen on "windows is shutting down", even if I leave it for several minutes, so I have to power it off manually every time.

    - if I launch several programs at the same time, it's panic stations, it glitches! Yet my PC configuration is not that bad (Intel dual core 1.8 processor, 3 GB of RAM)

    These problems are new; they only appeared a few days ago...

    Thanks for your help.
    @+
    0
  6. dédétraqué Posts 4522 Status Security contributor 286
     
    Hi mou_yem

    Download OTL (by OldTimer) and save it to your Desktop.
    http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

    - Close any running applications so as not to interrupt the scan.
    - Double-click OTL.exe to launch it.
    - A window appears. Under Custom Scans (at the bottom), copy/paste this:

    netsvcs
    %SYSTEMDRIVE%\*.*
    %SYSTEMDRIVE%\*.exe
    %PROGRAMFILES%\*.*
    %PROGRAMFILES%\*.
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    explorer.exe
    svchost.exe
    userinit.exe
    qmgr.dll
    ws2_32.dll
    proquota.exe
    imm32.dll
    kernel32.dll
    ndis.sys
    autochk.exe
    spoolsv.exe
    xmlprov.dll
    ntmssvc.dll
    mswsock.dll
    Beep.SYS
    ntfs.sys
    termsrv.dll
    sfcfiles.dll
    st3shark.sys
    /md5stop
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s


    - Click the Run Scan button.
    - Once the scan has finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTListIT2 (so by default on the Desktop).

    - Copy/paste the contents of both files here. Use one message per report.

    @++ :)
    0
  7. mou_yem Posts 116 Status Member 1
     
    Hi dédétraqué,

    I have been trying since this morning to post the reports but I can't manage it...
    0
  8. mou_yem Posts 116 Status Member 1
     
    I'll try in 2 parts, maybe it is too long;

    - OTL.txt:

    OTL logfile created on: 1/4/2010 6:34:19 AM - Run 1
    OTL by OldTimer - Version 3.1.21.0 Folder = C:\Documents and Settings\Mourad\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: États-Unis | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 85.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 39.07 Gb Total Space | 23.54 Gb Free Space | 60.26% Space Free | Partition Type: NTFS
    Drive D: | 39.07 Gb Total Space | 38.97 Gb Free Space | 99.74% Space Free | Partition Type: NTFS
    Drive E: | 39.07 Gb Total Space | 38.97 Gb Free Space | 99.75% Space Free | Partition Type: NTFS
    Drive F: | 31.84 Gb Total Space | 31.75 Gb Free Space | 99.71% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    Drive I: | 962.70 Mb Total Space | 603.00 Mb Free Space | 62.64% Space Free | Partition Type: FAT

    Computer Name: 7206BD0B
    Current User Name: Mourad
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2010/01/04 06:30:07 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mourad\Desktop\OTL.exe
    PRC - [2009/10/31 11:23:37 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
    PRC - [2009/08/19 23:40:09 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2009/07/14 19:19:31 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2009/05/09 00:19:35 | 00,581,632 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\service\st330service.exe
    PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2009/02/23 09:49:16 | 02,652,056 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
    PRC - [2008/12/11 15:58:44 | 00,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
    PRC - [2008/04/14 03:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/01/02 13:07:38 | 00,105,208 | ---- | M] () -- C:\Program Files\D-Link\D-Link USB VoIP Adapter\VServ.exe
    PRC - [2006/12/19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\IoctlSvc.exe
    PRC - [2005/08/24 14:00:28 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
    PRC - [2004/04/13 17:12:18 | 00,103,936 | ---- | M] (BonSoft) -- C:\Program Files\ClocX\ClocX.exe

    ========== Modules (SafeList) ==========

    MOD - [2010/01/04 06:30:07 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mourad\Desktop\OTL.exe

    ========== Win32 Services (SafeList) ==========

    SRV - [2009/12/17 19:00:28 | 00,243,056 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
    SRV - [2009/10/31 11:23:37 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
    SRV - [2009/10/20 21:52:24 | 00,054,272 | ---- | M] (SolarWinds) [On_Demand | Stopped] -- C:\Program Files\SolarWinds\TFTPServer\SolarWinds TFTP Server.exe -- (SolarWinds TFTP Server)
    SRV - [2009/08/19 23:40:09 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2009/07/14 19:19:31 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2009/05/09 00:19:35 | 00,581,632 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files\Thomson\ST330\service\st330service.exe -- (st330service)
    SRV - [2009/04/23 06:09:12 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9c3c0e7640a00) Service Google Update (gupdate1c9c3c0e7640a00)
    SRV - [2008/12/11 15:58:44 | 00,146,800 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
    SRV - [2008/04/14 03:11:55 | 00,028,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
    SRV - [2008/04/08 09:56:30 | 00,800,040 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
    SRV - [2008/01/22 11:13:26 | 00,275,752 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
    SRV - [2007/11/06 21:16:54 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
    SRV - [2007/11/06 21:16:54 | 00,139,264 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
    SRV - [2007/01/02 13:07:38 | 00,105,208 | ---- | M] () [Auto | Running] -- C:\Program Files\D-Link\D-Link USB VoIP Adapter\VServ.exe -- (VService)
    SRV - [2006/12/19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\WINDOWS\system32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
    SRV - [2006/11/08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
    SRV - [2006/11/08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
    SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
    SRV - [2005/08/24 14:00:28 | 00,258,103 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe -- (btwdins)

    ========== Driver Services (SafeList) ==========

    DRV - File not found [File_System | Unknown | Running] -- -- (pavboot)
    DRV - [2009/12/20 11:48:25 | 00,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2009/12/18 10:23:14 | 00,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
    DRV - [2009/11/04 00:04:50 | 00,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
    DRV - [2009/10/25 06:11:34 | 00,077,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\MBR.exe -- (mbr)
    DRV - [2009/07/20 04:40:02 | 00,591,832 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slusbvip.sys -- (slusbvip)
    DRV - [2009/07/20 04:40:02 | 00,085,656 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slvad.sys -- (SLVAD_simple)
    DRV - [2009/07/20 04:40:02 | 00,037,208 | R--- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TLRecAgent.sys -- (TLRecAgent)
    DRV - [2009/07/14 19:19:31 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009/04/30 19:43:05 | 00,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stppp.sys -- (stppp)
    DRV - [2009/04/30 19:43:05 | 00,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330)
    DRV - [2009/04/30 19:43:05 | 00,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS)
    DRV - [2009/04/30 02:12:13 | 00,130,816 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2009/04/14 16:09:56 | 05,069,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
    DRV - [2009/03/25 14:29:52 | 00,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
    DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2009/01/21 09:38:32 | 00,095,640 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
    DRV - [2009/01/07 23:39:36 | 00,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
    DRV - [2008/12/18 12:16:56 | 00,073,840 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
    DRV - [2008/12/11 08:38:22 | 00,159,600 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
    DRV - [2008/12/07 12:44:54 | 00,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
    DRV - [2008/09/22 11:29:18 | 00,097,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctfw.sys -- (SFilter)
    DRV - [2008/08/05 20:10:12 | 01,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
    DRV - [2008/07/02 14:58:48 | 00,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
    DRV - [2008/04/13 21:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2008/04/13 19:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
    DRV - [2008/04/13 19:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2008/02/15 13:12:06 | 05,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
    DRV - [2007/10/30 12:25:55 | 00,021,568 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
    DRV - [2007/10/30 12:25:54 | 00,016,496 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
    DRV - [2007/10/30 12:25:53 | 00,049,920 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
    DRV - [2007/05/31 04:32:34 | 00,099,648 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
    DRV - [2006/01/04 15:41:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
    DRV - [2005/08/24 13:53:46 | 00,401,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
    DRV - [2005/08/24 13:51:10 | 01,341,466 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
    DRV - [2005/08/24 13:49:12 | 00,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
    DRV - [2005/08/24 13:49:04 | 00,030,189 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
    DRV - [2005/08/24 13:48:38 | 00,056,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
    DRV - [2005/08/24 13:45:46 | 00,148,040 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
    DRV - [2004/08/04 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
    DRV - [2004/08/03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
    DRV - [2003/12/08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
    DRV - [2003/12/08 11:53:46 | 00,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
    DRV - [2001/08/17 16:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Live Search"
    FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {bb628310-0ab7-11db-9cd8-0800200c9a66}:3.5.0.0
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.30
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
    FF - prefs.js..extensions.enabledItems: {36C13C8F-54F1-412e-8177-2E411719162D}:4.0.1
    FF - prefs.js..keyword.URL: "https://www.bing.com/?scope=web&mkt=fr-FR&FORM=MIMWA5"

    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/02 21:30:05 | 00,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/30 13:25:06 | 00,000,000 | ---D | M]

    [2009/04/23 02:00:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mourad\Application Data\Mozilla\Extensions
    [2010/01/04 06:11:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\moulsvwe.default\extensions
    [2009/07/26 14:07:30 | 00,000,000 | ---D | M] (Qute) -- C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\moulsvwe.default\extensions\{36C13C8F-54F1-412e-8177-2E411719162D}
    [2009/07/14 13:50:28 | 00,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\moulsvwe.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
    [2009/12/31 21:06:56 | 00,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\moulsvwe.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2009/11/06 18:49:13 | 00,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\moulsvwe.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2009/07/16 10:38:10 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\moulsvwe.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
    [2009/08/26 19:04:39 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\moulsvwe.default\searchplugins\live-search.xml
    [2010/01/04 06:11:17 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/05/11 07:04:59 | 00,000,000 | ---D | M] (BlueSoleil Extension) -- C:\Program Files\Mozilla Firefox\extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11}(2)
    [2009/12/30 13:24:59 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
    [2009/12/30 13:24:59 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2009/12/30 13:24:59 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
    [2009/12/30 13:24:59 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2009/12/30 13:24:59 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: (789 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
    O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
    O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm ()
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
    O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
    O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} Reg Error: Value error. (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.5.0)
    O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_16)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Value error. (Shockwave Flash Object)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/04/22 15:04:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010/01/02 07:20:48 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/01/02 07:20:48 | 00,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/01/02 07:20:48 | 00,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/01/02 07:20:48 | 00,000,000 | R--D | M] - F:\autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/01/02 07:20:50 | 00,000,000 | RHSD | M] - I:\autorun.inf -- [ FAT ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - comfile [open] -- "%1" %*
    O35 - exefile [open] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/01/01 14:14:44 | 00,000,000 | ---D | M]
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

    [2010/01/04 06:29:56 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mourad\Desktop\OTL.exe
    [2010/01/04 00:34:25 | 00,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/01/03 20:11:48 | 00,000,000 | RHSD | C] -- C:\cmdcons
    [2010/01/03 20:06:05 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2010/01/03 20:06:05 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2010/01/03 20:06:05 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2010/01/03 20:06:05 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2010/01/03 20:05:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/01/03 20:05:46 | 00,000,000 | ---D | C] -- C:\ComboFix
    [2010/01/03 20:05:36 | 00,000,000 | ---D | C] -- C:\Qoobox
    [2010/01/03 12:01:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mourad\Desktop\WAG54GX2_1005_AnnexA
    [2010/01/02 23:13:01 | 00,452,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mourad\Desktop\OTM.exe
    [2010/01/02 12:10:07 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Mourad\Recent
    [2010/01/02 07:36:47 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
    [2010/01/02 07:20:48 | 00,000,000 | R--D | C] -- C:\autorun.inf
    [2010/01/02 06:58:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
    [2010/01/02 06:57:52 | 00,000,000 | ---D | C] -- C:\UsbFix
    [2010/01/02 06:48:26 | 00,000,000 | ---D | C] -- C:\rsit
    [2010/01/02 05:58:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
    [2010/01/01 06:39:53 | 00,000,000 | ---D | C] -- C:\Program Files\OpenVPN
    [2009/12/31 21:22:41 | 00,130,432 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtnicxp.sys
    [2009/12/31 20:28:50 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
    [2009/12/31 20:28:50 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
    [2009/12/26 18:05:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mourad\Desktop\CLE USB
    [2009/12/25 06:26:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mourad\Desktop\Incontinence
    [2009/12/24 01:52:42 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2009/12/23 21:36:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mourad\Desktop\Firewall Traversal
    [2009/12/23 18:56:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mourad\Application Data\RealTunnelv2
    [2009/12/21 00:33:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SolarWinds
    [2009/12/21 00:33:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mourad\My Documents\SolarWinds
    [2009/12/21 00:32:47 | 00,000,000 | ---D | C] -- C:\Program Files\SolarWinds
    [2009/12/20 23:16:19 | 00,729,088 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
    [2009/12/20 23:16:17 | 00,000,000 | ---D | C] -- C:\Program Files\TFTP Desktop
    [2009/12/20 11:33:24 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
    [2009/12/20 11:33:24 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
    [2009/12/20 11:31:54 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
    [2009/07/22 11:20:03 | 00,085,656 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\slvad.sys
    [2009/07/22 11:19:20 | 00,591,832 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\slusbvip.sys
    [2009/07/22 11:19:20 | 00,037,208 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\TLRecAgent.sys
    [2009/06/03 15:32:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2009/04/23 12:37:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
    [2009/04/23 06:09:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2009/04/23 02:27:34 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2009/04/23 00:42:01 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2009/04/22 15:09:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
  9. mou_yem Messages posted 116 Status Member 1
     
    (continuation of OTL.Txt):

    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

    [2010/01/04 06:30:07 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mourad\Desktop\OTL.exe
    [2010/01/04 06:12:00 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/01/04 06:00:18 | 00,000,552 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
    [2010/01/04 05:59:56 | 00,013,690 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/01/04 05:58:08 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/01/04 05:58:06 | 00,000,258 | ---- | M] () -- C:\WINDOWS\tasks\defrag.job
    [2010/01/04 05:58:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/01/04 05:57:54 | 32,121,03680 | -HS- | M] () -- C:\hiberfil.sys
    [2010/01/04 05:57:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/01/04 05:54:33 | 09,437,184 | ---- | M] () -- C:\Documents and Settings\Mourad\ntuser.dat
    [2010/01/04 05:54:33 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Mourad\ntuser.ini
    [2010/01/04 01:09:51 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{894F263C-E34C-448D-AD66-4A9A7005FF4A}.job
    [2010/01/03 22:26:20 | 00,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
    [2010/01/03 21:38:29 | 00,274,952 | ---- | M] () -- C:\Documents and Settings\Mourad\Desktop\Sans nom 1.pdf
    [2010/01/03 20:16:32 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/01/03 20:11:55 | 00,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/01/03 19:23:44 | 03,818,002 | R--- | M] () -- C:\Documents and Settings\Mourad\Desktop\ComboFix.exe
    [2010/01/03 07:16:32 | 06,441,045 | ---- | M] () -- C:\Documents and Settings\Mourad\Desktop\WAG54GX2_1005_AnnexA.zip
    [2010/01/02 23:14:27 | 00,452,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mourad\Desktop\OTM.exe
    [2010/01/02 13:23:01 | 35,293,542 | ---- | M] () -- C:\Documents and Settings\Mourad\Desktop\UsbFix_Upload_Me_7206BD0B.zip
    [2010/01/02 06:47:55 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Mourad\Desktop\RSIT.exe
    [2010/01/01 18:33:07 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Mourad\PUTTY.RND
    [2010/01/01 06:58:49 | 00,000,566 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Anonine.lnk
    [2010/01/01 06:39:55 | 00,000,792 | ---- | M] () -- C:\Documents and Settings\Mourad\Desktop\OpenVPN GUI.lnk
    [2010/01/01 04:54:03 | 00,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/01/01 02:52:53 | 26,257,920 | ---- | M] () -- C:\Documents and Settings\Mourad\Desktop\yeynch52.exe
    [2009/12/31 07:27:51 | 00,000,574 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ItsHidden.lnk
    [2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2009/12/28 05:57:48 | 00,370,712 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100101-032351.backup
    [2009/12/25 05:57:49 | 00,002,293 | ---- | M] () -- C:\Documents and Settings\Mourad\Desktop\Google Chrome.lnk
    [2009/12/25 05:53:47 | 00,370,712 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091228-055748.backup
    [2009/12/24 07:04:31 | 00,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091225-055347.backup
    [2009/12/24 02:16:26 | 00,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
    [2009/12/20 23:35:20 | 00,000,000 | ---- | M] () -- C:\WINDOWS\tftpdesk.INI
    [2009/12/20 23:16:11 | 00,729,088 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
    [2009/12/20 11:48:25 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
    [2009/12/09 22:54:07 | 00,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe

    [color=#E56717]========== Files Created - No Company Name ==========[/color]

    [2010/01/03 21:38:29 | 00,274,952 | ---- | C] () -- C:\Documents and Settings\Mourad\Desktop\Sans nom 1.pdf
    [2010/01/03 20:11:55 | 00,000,211 | ---- | C] () -- C:\Boot.bak
    [2010/01/03 20:11:51 | 00,260,272 | ---- | C] () -- C:\cmldr
    [2010/01/03 20:06:05 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/01/03 20:06:05 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/01/03 20:06:05 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2010/01/03 20:06:05 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/01/03 20:06:05 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010/01/03 19:20:41 | 03,818,002 | R--- | C] () -- C:\Documents and Settings\Mourad\Desktop\ComboFix.exe
    [2010/01/03 07:14:53 | 06,441,045 | ---- | C] () -- C:\Documents and Settings\Mourad\Desktop\WAG54GX2_1005_AnnexA.zip
    [2010/01/02 07:22:36 | 35,293,542 | ---- | C] () -- C:\Documents and Settings\Mourad\Desktop\UsbFix_Upload_Me_7206BD0B.zip
    [2010/01/02 06:47:49 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Mourad\Desktop\RSIT.exe
    [2010/01/01 06:58:49 | 00,000,566 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Anonine.lnk
    [2010/01/01 06:39:55 | 00,000,792 | ---- | C] () -- C:\Documents and Settings\Mourad\Desktop\OpenVPN GUI.lnk
    [2010/01/01 02:44:36 | 26,257,920 | ---- | C] () -- C:\Documents and Settings\Mourad\Desktop\yeynch52.exe
    [2009/12/31 07:27:51 | 00,000,574 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ItsHidden.lnk
    [2009/12/24 02:16:26 | 00,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
    [2009/12/20 23:35:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\tftpdesk.INI
    [2009/11/05 06:55:16 | 00,006,144 | ---- | C] () -- C:\Documents and Settings\Mourad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/10/28 14:29:40 | 00,000,940 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
    [2009/10/20 00:48:58 | 00,177,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2009/08/10 16:55:03 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2009/07/22 11:20:03 | 00,248,664 | R--- | C] () -- C:\WINDOWS\System32\slvipgx.dll
    [2009/07/22 11:11:43 | 00,150,368 | R--- | C] () -- C:\WINDOWS\System32\slvipco.dll
    [2009/07/22 11:09:46 | 00,000,077 | ---- | C] () -- C:\WINDOWS\slsetup.ini
    [2009/06/06 17:43:47 | 00,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    [2009/05/12 14:39:13 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2009/04/30 02:34:43 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
    [2009/04/30 02:22:12 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
    [2009/04/25 06:08:05 | 00,000,223 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
    [2009/04/22 15:16:50 | 00,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
    [2009/04/22 15:13:26 | 00,000,535 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2009/04/22 15:13:22 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2009/04/22 15:06:55 | 00,000,996 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2009/04/06 05:50:57 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
    [2008/12/07 12:44:54 | 00,030,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
    [2007/10/25 13:04:22 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\keyyofaxmon.dll
    [2005/08/24 13:56:04 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
    [2002/05/15 23:29:04 | 00,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
    [2001/11/23 18:18:00 | 00,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
    [2001/11/14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

    [color=#E56717]========== Custom Scans ==========[/color]

    [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
    [2009/04/22 15:04:26 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2009/09/09 04:06:08 | 00,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/01/03 20:11:55 | 00,000,281 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 00,260,272 | ---- | M] () -- C:\cmldr
    [2010/01/03 20:18:37 | 00,021,174 | ---- | M] () -- C:\ComboFix.txt
    [2009/04/22 15:04:26 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/01/04 05:57:54 | 32,121,03680 | -HS- | M] () -- C:\hiberfil.sys
    [2009/08/21 15:37:45 | 08,407,882 | ---- | M] () -- C:\immudebug.log
    [2009/04/22 15:04:26 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
    [2009/04/23 14:19:47 | 00,001,035 | ---- | M] () -- C:\JavaRa.log
    [2009/04/22 15:04:26 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2004/08/04 15:00:00 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2009/04/23 01:29:25 | 00,250,048 | RHS- | M] () -- C:\ntldr
    [2010/01/04 05:57:44 | 21,453,86496 | -HS- | M] () -- C:\pagefile.sys
    [2009/04/22 15:06:56 | 00,001,392 | ---- | M] () -- C:\Recovery-Info.lnk
    [2009/12/29 13:48:37 | 00,001,608 | ---- | M] () -- C:\resiplog.txt
    [2009/06/12 22:29:38 | 00,058,752 | ---- | M] () -- C:\resultat.txt
    [2009/06/12 22:28:37 | 20,320,679 | ---- | M] () -- C:\upload_moi_MOURAD-7206BD0B.tar.gz
    [2010/01/02 07:25:54 | 00,005,860 | ---- | M] () -- C:\UsbFix.txt

    [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

    [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]

    [color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
    [2009/10/15 18:21:03 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
    [2009/07/14 19:20:20 | 00,000,000 | ---D | M] -- C:\Program Files\Avira
    [2009/07/14 11:22:05 | 00,000,000 | ---D | M] -- C:\Program Files\Belkin
    [2009/04/22 18:59:18 | 00,000,000 | ---D | M] -- C:\Program Files\CCleaner
    [2009/05/05 19:18:40 | 00,000,000 | ---D | M] -- C:\Program Files\CDex_150
    [2009/06/08 05:17:07 | 00,000,000 | ---D | M] -- C:\Program Files\Ciel
    [2009/04/23 02:16:12 | 00,000,000 | ---D | M] -- C:\Program Files\ClocX
    [2010/01/03 20:16:03 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
    [2009/04/22 15:01:13 | 00,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
    [2009/07/22 11:34:30 | 00,000,000 | ---D | M] -- C:\Program Files\D-Link
    [2009/07/17 10:28:27 | 00,000,000 | ---D | M] -- C:\Program Files\Defraggler
    [2009/08/13 02:00:57 | 00,000,000 | ---D | M] -- C:\Program Files\ESTsoft
    [2009/04/23 06:11:42 | 00,000,000 | ---D | M] -- C:\Program Files\Google
    [2009/12/24 07:03:09 | 00,000,000 | ---D | M] -- C:\Program Files\Google Chrome
    [2009/06/06 17:48:21 | 00,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
    [2009/06/06 17:48:45 | 00,000,000 | ---D | M] -- C:\Program Files\HP
    [2009/12/31 21:22:37 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
    [2009/04/23 01:59:21 | 00,000,000 | ---D | M] -- C:\Program Files\Intel
    [2009/12/20 11:47:24 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
    [2009/06/06 19:44:53 | 00,000,000 | ---D | M] -- C:\Program Files\IVT Corporation
    [2009/04/23 14:18:44 | 00,000,000 | ---D | M] -- C:\Program Files\Java
    [2009/10/31 11:27:54 | 00,000,000 | ---D | M] -- C:\Program Files\JRE
    [2009/04/23 17:22:36 | 00,000,000 | ---D | M] -- C:\Program Files\jv16 PowerTools
    [2009/08/15 19:10:17 | 00,000,000 | ---D | M] -- C:\Program Files\Keyyo Softphone X-Lite
    [2009/08/18 06:19:28 | 00,000,000 | ---D | M] -- C:\Program Files\Keyyo X-PRO
    [2009/08/20 17:40:59 | 00,000,000 | ---D | M] -- C:\Program Files\KeyyoFax
    [2009/04/24 19:55:54 | 00,000,000 | ---D | M] -- C:\Program Files\Lavalys
    [2010/01/01 02:41:10 | 00,000,000 | ---D | M] -- C:\Program Files\ma-config.com
    [2010/01/01 03:18:48 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2009/04/23 16:56:32 | 00,000,000 | ---D | M] -- C:\Program Files\media-player-classic_media_player_classic_6.4.9.1_build_20081210_francais_11019
    [2009/04/23 01:38:49 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger
    [2009/08/26 19:13:32 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft
    [2009/04/22 15:07:12 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
    [2009/04/23 01:34:18 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
    [2010/01/04 06:33:17 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
    [2009/05/05 21:13:41 | 00,000,000 | ---D | M] -- C:\Program Files\MP3Gain
    [2009/04/23 17:08:42 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild
    [2009/04/22 15:00:09 | 00,000,000 | ---D | M] -- C:\Program Files\MSN
    [2009/04/22 15:00:51 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
    [2009/05/04 19:45:15 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Messenger
    [2009/04/23 14:21:45 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
    [2009/04/23 07:28:10 | 00,000,000 | ---D | M] -- C:\Program Files\Nero
    [2009/04/23 01:31:36 | 00,000,000 | ---D | M] -- C:\Program Files\NetMeeting
    [2009/04/22 17:07:13 | 00,000,000 | ---D | M] -- C:\Program Files\Online Services
    [2009/10/31 13:06:29 | 00,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
    [2010/01/04 06:12:09 | 00,000,000 | ---D | M] -- C:\Program Files\OpenVPN
    [2009/10/31 08:37:47 | 00,000,000 | ---D | M] -- C:\Program Files\Opera
    [2009/08/13 03:01:58 | 00,000,000 | ---D | M] -- C:\Program Files\Outlook Express
    [2010/01/04 06:12:37 | 00,000,000 | ---D | M] -- C:\Program Files\Panda Security
    [2009/08/26 23:08:42 | 00,000,000 | ---D | M] -- C:\Program Files\Patch MsnCreative
    [2010/01/01 01:34:16 | 00,000,000 | ---D | M] -- C:\Program Files\PC Tools Firewall Plus
    [2010/01/02 13:23:59 | 00,000,000 | ---D | M] -- C:\Program Files\Real
    [2009/12/31 21:22:40 | 00,000,000 | ---D | M] -- C:\Program Files\Realtek
    [2009/04/23 17:08:32 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
    [2009/12/24 01:52:43 | 00,000,000 | R--D | M] -- C:\Program Files\Skype
    [2009/12/21 00:32:47 | 00,000,000 | ---D | M] -- C:\Program Files\SolarWinds
    [2009/12/20 11:49:57 | 00,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
    [2009/12/21 00:47:02 | 00,000,000 | ---D | M] -- C:\Program Files\TFTP Desktop
    [2009/04/30 19:51:01 | 00,000,000 | ---D | M] -- C:\Program Files\Thomson
    [2009/06/07 13:23:33 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro
    [2009/04/22 15:10:44 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
    [2009/04/23 02:20:39 | 00,000,000 | ---D | M] -- C:\Program Files\VideoLAN
    [2009/05/04 19:45:40 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live
    [2009/05/04 19:44:14 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
    [2009/04/23 02:26:39 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
    [2009/04/23 02:28:24 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
    [2009/04/23 01:31:33 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
    [2009/04/22 15:03:17 | 00,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
    [2009/04/22 15:07:12 | 00,000,000 | ---D | M] -- C:\Program Files\xerox
    [2010/01/04 06:14:12 | 00,000,000 | ---D | M] -- C:\Program Files\Yahoo!

    [color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
    [2008/04/13 21:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
    [2008/04/13 21:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/13 21:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
    [2008/04/13 21:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

    [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
    [2008/04/13 21:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
    [2008/04/13 21:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/13 21:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
    [2008/04/13 21:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [2004/08/04 15:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

    [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
    [2008/04/14 03:12:12 | 00,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
    [2008/04/14 03:12:12 | 00,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
    [2008/04/14 03:12:12 | 00,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
    [2008/04/14 03:12:12 | 00,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\dllcache\autochk.exe
    [2004/08/04 15:00:00 | 00,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

    [color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
    [2004/08/04 15:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
    [2004/08/04 15:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
    [2004/08/04 15:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

    [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
    [2008/04/14 03:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
    [2008/04/14 03:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/14 03:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
    [2004/08/04 15:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

    [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
    [2008/04/14 03:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
    [2008/04/14 03:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
    [2008/04/14 03:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
    [2004/08/04 15:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

    [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
    [2004/09/26 16:24:54 | 00,477,952 | ---- | M] (Intel Corporation) MD5=DD19FDD8BB262F64A11C50CC23FC6F70 -- C:\WINDOWS\OEM\iaStor\iaStor.sys

    [color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
    [2008/04/14 03:11:54 | 00,110,080 | ---- | M] (Microsoft Corporation) MD5=0DA85218E92526972A821587E6A8BF8F -- C:\WINDOWS\ERDNT\cache\imm32.dll
    [2008/04/14 03:11:54 | 00,110,080 | ---- | M] (Microsoft Corporation) MD5=0DA85218E92526972A821587E6A8BF8F -- C:\WINDOWS\ServicePackFiles\i386\imm32.dll
    [2008/04/14 03:11:54 | 00,110,080 | ---- | M] (Microsoft Corporation) MD5=0DA85218E92526972A821587E6A8BF8F -- C:\WINDOWS\system32\imm32.dll
    [2004/08/04 15:00:00 | 00,110,080 | ---- | M] (Microsoft Corporation) MD5=87CA7CE6469577F059297B9D6556D66D -- C:\WINDOWS\$NtServicePackUninstall$\imm32.dll

    [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
    [2009/03/21 16:54:07 | 00,989,184 | ---- | M] (Microsoft Corporation) MD5=80202858D245FF07DAA1739C57A3E19B -- C:\WINDOWS\$hf_mig$\KB959426\SP2QFE\kernel32.dll
    [2004/08/04 15:00:00 | 00,983,552 | ---- | M] (Microsoft Corporation) MD5=888190E31455FAD793312F8D087146EB -- C:\WINDOWS\$NtUninstallKB959426_0$\kernel32.dll
    [2009/03/21 17:18:57 | 00,986,112 | ---- | M] (Microsoft Corporation) MD5=B6ACAED7588295129791E0E6A2B0FADE -- C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll
    [2009/03/21 17:06:58 | 00,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\$hf_mig$\KB959426\SP3GDR\kernel32.dll
    [2009/03/21 17:06:58 | 00,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\ERDNT\cache\kernel32.dll
    [2009/03/21 17:06:58 | 00,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\dllcache\kernel32.dll
    [2009/03/21 17:06:58 | 00,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\kernel32.dll
    [2008/04/14 03:11:56 | 00,989,696 | ---- | M] (Microsoft Corporation) MD5=C24B983D211C34DA8FCC1AC38477971D -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll
    [2008/04/14 03:11:56 | 00,989,696 | ---- | M] (Microsoft Corporation) MD5=C24B983D211C34DA8FCC1AC38477971D -- C:\WINDOWS\ServicePackFiles\i386\kernel32.dll
    [2009/03/21 16:59:23 | 00,991,744 | ---- | M] (Microsoft Corporation) MD5=DA11D9D6ECBDF0F93436A4B7C13F7BEC -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll

    [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
    [2008/06/20 20:41:10 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
    [2008/06/20 20:36:11 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=1DFCA7713EA5A70D5D93B436AEA0317A -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
    [2004/08/04 15:00:00 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
    [2008/06/20 20:46:57 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
    [2008/06/20 20:46:57 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\ERDNT\cache\mswsock.dll
    [2008/06/20 20:46:57 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\system32\dllcache\mswsock.dll
    [2008/06/20 20:46:57 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\system32\mswsock.dll
    [2008/04/14 03:12:01 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
    [2008/04/14 03:12:01 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
    [2008/06/20 20:43:05 | 00,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

    [color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
    [2008/04/13 22:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
    [2008/04/13 22:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
    [2008/04/13 22:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
    [2008/04/13 22:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
    [2004/08/04 15:00:00 | 00,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

    [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
    [2008/04/14 03:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
    [2008/04/14 03:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/14 03:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
    [2004/08/04 15:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

    [color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
    [2008/04/13 22:15:53 | 00,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ERDNT\cache\ntfs.sys
    [2008/04/13 22:15:53 | 00,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
    [2008/04/13 22:15:53 | 00,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
    [2008/04/13 22:15:53 | 00,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
    [2004/08/03 23:15:10 | 00,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
    [2004/08/04 15:00:00 | 00,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

    [color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color]
    [2008/04/14 03:12:02 | 00,435,200 | ---- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\ERDNT\cache\ntmssvc.dll
    [2008/04/14 03:12:02 | 00,435,200 | ---- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll
    [2008/04/14 03:12:02 | 00,435,200 | ---- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\system32\dllcache\ntmssvc.dll
    [2008/04/14 03:12:02 | 00,435,200 | ---- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\system32\ntmssvc.dll
    [2004/08/04 15:00:00 | 00,435,200 | ---- | M] (Microsoft Corporation) MD5=B62F29C00AC55A761B2E45877D85EA0F -- C:\WINDOWS\$NtServicePackUninstall$\ntmssvc.dll

    [color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color]
    [2004/09/02 10:24:38 | 00,082,816 | ---- | M] (NVIDIA Corporation) MD5=EEABD98AA887DD923546F20D400B2907 -- C:\WINDOWS\OEM\nvatabus\nvatabus.sys

    [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
    [2004/08/04 15:00:00 | 00,050,176 | ---- | M] (Microsoft Corporation) MD5=4D9D45A4370E0C2AD00C362B7118E2A4 -- C:\WINDOWS\$NtServicePackUninstall$\proquota.exe
    [2008/04/14 03:12:32 | 00,050,176 | ---- | M] (Microsoft Corporation) MD5=F6465A2EEF75468988A4FCF124148FA8 -- C:\WINDOWS\ServicePackFiles\i386\proquota.exe
    [2008/04/14 03:12:32 | 00,050,176 | ---- | M] (Microsoft Corporation) MD5=F6465A2EEF75468988A4FCF124148FA8 -- C:\WINDOWS\system32\dllcache\proquota.exe
    [2008/04/14 03:12:32 | 00,050,176 | ---- | M] (Microsoft Corporation) MD5=F6465A2EEF75468988A4FCF124148FA8 -- C:\WINDOWS\system32\proquota.exe

    [color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
    [2004/08/04 15:00:00 | 00,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
    [2008/04/14 03:12:03 | 00,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ERDNT\cache\qmgr.dll
    [2008/04/14 03:12:03 | 00,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
    [2008/04/14 03:12:03 | 00,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\bits\qmgr.dll
    [2008/04/14 03:12:03 | 00,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\qmgr.dll

    [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
    [2004/08/04 15:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/14 03:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
    [2008/04/14 03:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/14 03:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    [color=#A23BEC]< MD5 for: SFCFILES.DLL >[/color]
    [2004/08/04 15:00:00 | 01,580,544 | ---- | M] (Microsoft Corporation) MD5=30A609E00BD1D4FFC49D6B5A432BE7F2 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll
    [2008/04/14 03:12:05 | 01,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\ERDNT\cache\sfcfiles.dll
    [2008/04/14 03:12:05 | 01,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll
    [2008/04/14 03:12:05 | 01,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\system32\dllcache\sfcfiles.dll
    [2008/04/14 03:12:05 | 01,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\system32\sfcfiles.dll

    [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
    [2004/08/04 15:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) MD5=7435B108B935E42EA92CA94F59C8E717 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
    [2008/04/14 03:12:36 | 00,057,856 | ---- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\ERDNT\cache\spoolsv.exe
    [2008/04/14 03:12:36 | 00,057,856 | ---- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
    [2008/04/14 03:12:36 | 00,057,856 | ---- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\system32\spoolsv.exe

    [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
    [2008/04/14 03:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
    [2008/04/14 03:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
    [2008/04/14 03:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
    [2004/08/04 15:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

    [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
    [2004/08/04 15:00:00 | 00,295,424 | ---- | M] (Microsoft Corporation) MD5=B60C877D16D9C880B952FDA04ADF16E6 -- C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll
    [2008/04/14 03:12:07 | 00,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\ERDNT\cache\termsrv.dll
    [2008/04/14 03:12:07 | 00,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\ServicePackFiles\i386\termsrv.dll
    [2008/04/14 03:12:07 | 00,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\system32\termsrv.dll

    [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
    [2004/08/04 15:00:00 | 00,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
    [2008/04/14 03:12:38 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
    [2008/04/14 03:12:38 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
    [2008/04/14 03:12:38 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
    [2008/04/14 03:12:38 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

    [color=#A23BEC]< MD5 for: VIAMRAID.SYS >[/color]
    [2004/05/18 16:55:26 | 00,074,112 | ---- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\WINDOWS\OEM\viapdsk\viamraid.sys

    [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
    [2008/04/14 03:12:10 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
    [2008/04/14 03:12:10 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
    [2008/04/14 03:12:10 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
    [2004/08/04 15:00:00 | 00,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

    [color=#A23BEC]< MD5 for: XMLPROV.DLL >[/color]
    [2008/04/14 03:12:11 | 00,129,024 | ---- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\ERDNT\cache\xmlprov.dll
    [2008/04/14 03:12:11 | 00,129,024 | ---- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll
    [2008/04/14 03:12:11 | 00,129,024 | ---- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\system32\dllcache\xmlprov.dll
    [2008/04/14 03:12:11 | 00,129,024 | ---- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\system32\xmlprov.dll
    [2004/08/04 15:00:00 | 00,129,536 | ---- | M] (Microsoft Corporation) MD5=EEF46DAB68229A14DA3D8E73C99E2959 -- C:\WINDOWS\$NtServicePackUninstall$\xmlprov.dll

    [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

    [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]

    [color=#E56717]========== Alternate Data Streams ==========[/color]

    @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
    < End of report >
  10. mou_yem Posts 116 Status Member 1
     
    and the second one:
    - Extras.Txt:

    OTL Extras logfile created on: 1/4/2010 6:34:19 AM - Run 1
    OTL by OldTimer - Version 3.1.21.0 Folder = C:\Documents and Settings\Mourad\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: États-Unis | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 85.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 39.07 Gb Total Space | 23.54 Gb Free Space | 60.26% Space Free | Partition Type: NTFS
    Drive D: | 39.07 Gb Total Space | 38.97 Gb Free Space | 99.74% Space Free | Partition Type: NTFS
    Drive E: | 39.07 Gb Total Space | 38.97 Gb Free Space | 99.75% Space Free | Partition Type: NTFS
    Drive F: | 31.84 Gb Total Space | 31.75 Gb Free Space | 99.71% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    Drive I: | 962.70 Mb Total Space | 603.00 Mb Free Space | 62.64% Space Free | Partition Type: FAT

    Computer Name: 7206BD0B
    Current User Name: Mourad
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    [color=#E56717]========== Extra Registry (SafeList) ==========[/color]

    [color=#E56717]========== File Associations ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- Reg Error: Key error. File not found

    [color=#E56717]========== Shell Spawning ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

    [color=#E56717]========== Security Center Settings ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
    "48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
    "5060:UDP" = 5060:UDP:*:Enabled:5060
    "5061:UDP" = 5061:UDP:*:Enabled:5061
    "16384:UDP" = 16384:UDP:*:Enabled:16384
    "16482:UDP" = 16482:UDP:*:Enabled:16482
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    [color=#E56717]========== Authorized Applications List ==========[/color]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
    "C:\Program Files\Thomson\ST330\service\st330service.exe" = C:\Program Files\Thomson\ST330\service\st330service.exe:*:Enabled:ST330 service -- (THOMSON Telecom Belgium)
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
    "C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
    "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

    [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{0A7AB28D-E7DE-458A-9243-663DADDEE290}" = D-Link USB VoIP Adapter
    "{0A7AB28D-E7DE-458A-9243-663DADDEE290}SL" = D-Link USB VoIP Adapter
    "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
    "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
    "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
    "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
    "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
    "{18754BA4-4F0C-4E6E-888B-9496AFA05F43}" = Ma-Config.com
    "{1AA86313-B188-498D-91CF-D017AC5A82A5}" = SolarWinds TFTP Server
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
    "{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
    "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = Belkin Bluetooth Software
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4B296228-DF7C-43EA-8DED-76027355B219}" = Opera 10.01
    "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
    "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
    "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help
    "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AB8DD4C1-6237-455E-AF09-86296B3E3EE0}" = Ciel Auto-entrepreneur Facile 1.30
    "{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
    "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
    "{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
    "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
    "{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
    "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
    "{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200
    "{ECA2B21B-A180-4775-B93F-6E404E36A8CC}" = MSRuntime Libraries
    "{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
    "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
    "{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1033}" = Nero 7 Essentials
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "ALUpdate_is1" = ALTools Update
    "ALZip_is1" = ALZip
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "CCleaner" = CCleaner (remove only)
    "CDex" = CDex extraction audio
    "ClocX" = ClocX (1.4)
    "Creative VF0420" = Creative Live! Cam Vista IM Driver (1.00.03.0000)
    "Defraggler" = Defraggler (remove only)
    "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HijackThis" = HijackThis 2.0.2
    "HP Imaging Device Functions" = HP Imaging Device Functions 10.0
    "HP Photosmart Essential" = HP Photosmart Essential 2.5
    "HP Smart Web Printing" = HP Smart Web Printing
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
    "HPExtendedCapabilities" = HP Customer Participation Program 10.0
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{1AA86313-B188-498D-91CF-D017AC5A82A5}" = SolarWinds TFTP Server
    "jv16 PowerTools_is1" = jv16 PowerTools 1.3
    "Keyyo Softphone_is1" = Keyyo Softphone 2.0 release 1105c
    "KeyyoFax" = KeyyoFax 1.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "PC Tools Firewall Plus" = PC Tools Firewall Plus 5.0
    "Shop for HP Supplies" = Shop for HP Supplies
    "SpeedTouch 330" = SpeedTouch 330
    "VLC media player" = VLC media player 1.0.1
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "cf6c187cd4791543" = e-parcours
    "Google Chrome" = Google Chrome
    "Live Search" = Notification Live Search

    [color=#E56717]========== Last 10 Event Log Errors ==========[/color]

    [ Application Events ]
    Error - 1/1/2010 4:14:34 AM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/1/2010 5:14:34 AM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/1/2010 6:14:34 AM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/2/2010 4:12:05 AM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/2/2010 5:12:05 AM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/2/2010 6:12:30 AM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/2/2010 7:12:15 PM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/2/2010 8:12:14 PM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/2/2010 9:12:39 PM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    Error - 1/2/2010 10:12:39 PM | Computer Name = 7206BD0B | Source = Google Update | ID = 20
    Description =

    [ System Events ]
    Error - 1/3/2010 7:24:55 AM | Computer Name = 7206BD0B | Source = Service Control Manager | ID = 7006
    Description = L'appel ScRegSetValueExW a échoué pour Type avec l'erreur : %%5

    Error - 1/3/2010 7:24:57 AM | Computer Name = 7206BD0B | Source = Service Control Manager | ID = 7006
    Description = L'appel ScRegSetValueExW a échoué pour Type avec l'erreur : %%5

    Error - 1/3/2010 7:25:00 AM | Computer Name = 7206BD0B | Source = Service Control Manager | ID = 7006
    Description = L'appel ScRegSetValueExW a échoué pour Type avec l'erreur : %%5

    Error - 1/3/2010 7:25:03 AM | Computer Name = 7206BD0B | Source = Service Control Manager | ID = 7006
    Description = L'appel ScRegSetValueExW a échoué pour Type avec l'erreur : %%5

    Error - 1/3/2010 7:25:05 AM | Computer Name = 7206BD0B | Source = Service Control Manager | ID = 7006
    Description = L'appel ScRegSetValueExW a échoué pour Type avec l'erreur : %%5

    Error - 1/3/2010 10:44:27 AM | Computer Name = 7206BD0B | Source = ipnathlp | ID = 31012
    Description = L'agent proxy DNS a rencontré une erreur lors de l'obtention de la
    liste locale des serveurs de résolution de noms. Des serveurs DNS ou WINS peuvent
    être inaccessibles aux clients sur le réseau local. La donnée est le code de l'erreur.

    Error - 1/3/2010 10:44:27 AM | Computer Name = 7206BD0B | Source = ipnathlp | ID = 31012
    Description = L'agent proxy DNS a rencontré une erreur lors de l'obtention de la
    liste locale des serveurs de résolution de noms. Des serveurs DNS ou WINS peuvent
    être inaccessibles aux clients sur le réseau local. La donnée est le code de l'erreur.

    Error - 1/3/2010 10:44:27 AM | Computer Name = 7206BD0B | Source = ipnathlp | ID = 31012
    Description = L'agent proxy DNS a rencontré une erreur lors de l'obtention de la
    liste locale des serveurs de résolution de noms. Des serveurs DNS ou WINS peuvent
    être inaccessibles aux clients sur le réseau local. La donnée est le code de l'erreur.

    Error - 1/3/2010 10:44:27 AM | Computer Name = 7206BD0B | Source = ipnathlp | ID = 31012
    Description = L'agent proxy DNS a rencontré une erreur lors de l'obtention de la
    liste locale des serveurs de résolution de noms. Des serveurs DNS ou WINS peuvent
    être inaccessibles aux clients sur le réseau local. La donnée est le code de l'erreur.

    Error - 1/3/2010 1:24:52 PM | Computer Name = 7206BD0B | Source = ipnathlp | ID = 31012
    Description = L'agent proxy DNS a rencontré une erreur lors de l'obtention de la
    liste locale des serveurs de résolution de noms. Des serveurs DNS ou WINS peuvent
    être inaccessibles aux clients sur le réseau local. La donnée est le code de l'erreur.

    < End of report >