wormsseur

Membres

Afficher le profil Afficher son activité

Compteur de contenus
68
Inscription
le 16 juin 2009
Dernière visite
le 23 février 2014

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par wormsseur

rootkit sur mon pc detecté mais pas viré

wormsseur a répondu à un(e) sujet de wormsseur dans Analyses et éradication malwares

All processes killed ========== FILES ========== C:\WINDOWS\System32\drivers\etc\hosts.msn moved successfully. ========== OTL ========== C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. C:\WINDOWS\System32\CONFIG.TMP deleted successfully. C:\WINDOWS\System32\SET43.tmp deleted successfully. C:\WINDOWS\System32\SET47.tmp deleted successfully. C:\WINDOWS\System32\SET4F.tmp deleted successfully. C:\WINDOWS\System32\SETAC.tmp deleted successfully. C:\WINDOWS\System32\SETAE.tmp deleted successfully. C:\WINDOWS\System32\SETB2.tmp deleted successfully. C:\WINDOWS\System32\SETBA.tmp deleted successfully. C:\WINDOWS\000001_.tmp deleted successfully. C:\WINDOWS\002799_.tmp deleted successfully. C:\WINDOWS\005645_.tmp deleted successfully. C:\WINDOWS\E220AutoRunLog.tmp deleted successfully. C:\WINDOWS\SET3.tmp deleted successfully. C:\WINDOWS\SET4.tmp deleted successfully. C:\WINDOWS\SET8.tmp deleted successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\GLF24.tmp deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: LocalService ->Temp folder emptied: 65748 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Propriétaire ->Temp folder emptied: 2575053 bytes ->Temporary Internet Files folder emptied: 11528651 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 113998292 bytes ->Google Chrome cache emptied: 113932735 bytes ->Opera cache emptied: 6281982 bytes ->Flash cache emptied: 8632 bytes User: PropriÚtaire ->Temp folder emptied: 1959705959 bytes %systemdrive% .tmp files removed: 4 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 256 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 139483348 bytes Total Files Cleaned = 2.239,00 mb [EMPTYFLASH] User: All Users User: Default User User: LocalService User: NetworkService User: Propriétaire ->Flash cache emptied: 0 bytes User: PropriÚtaire Total Flash Files Cleaned = 0,00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.6 log created on 01302011_135827 Files\Folders moved on Reboot... C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DFFB7E.tmp moved successfully. File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. File\Folder C:\WINDOWS\temp\ZLT01a65.TMP not found! Registry entries deleted on Reboot... et voila ^^ cela a marché?
- le 30 janvier 2011
- 16 réponses
rootkit sur mon pc detecté mais pas viré

wormsseur a répondu à un(e) sujet de wormsseur dans Analyses et éradication malwares

Voici donc les deux rapports comme promis. Ca donne quoi en francais? lol 1er rapport: OTL logfile created on: 28/01/2011 21:02:50 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Propriétaire\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 186,30 Gb Total Space | 75,23 Gb Free Space | 40,38% Space Free | Partition Type: NTFS Computer Name: ARNOOO-8B4C1CC6 | User Name: Propriétaire | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Propriétaire\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\lxdpcoms.exe ( ) PRC - C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM) PRC - C:\Program Files\ANYCOM\Blue USB-200-250\BTTray.exe (Broadcom Corporation.) PRC - C:\Program Files\ANYCOM\Blue USB-200-250\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Program Files\ANYCOM\Blue USB-200-250\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION) PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) PRC - C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe () PRC - C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) PRC - C:\WINDOWS\system32\NotifyPhoneBook.exe () PRC - C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe () ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Propriétaire\Bureau\OTL.exe (OldTimer Tools) MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\Program Files\SuperCopier2\SC2Hook.dll (SFX TEAM) ========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- File not found SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (vsmon) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (lxdp_device) -- C:\WINDOWS\System32\lxdpcoms.exe ( ) SRV - (lxdpCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdpserv.exe () SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (btwdins) -- C:\Program Files\ANYCOM\Blue USB-200-250\bin\btwdins.exe (Broadcom Corporation.) SRV - (WmcCds) Windows Media Connect (WMC) -- c:\Program Files\Windows Media Connect\mswmccds.exe (Microsoft Corporation) SRV - (WmcCdsLs) Windows Media Connect (WMC) -- C:\Program Files\Windows Media Connect\mswmcls.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys () DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD) DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation) DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation) DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation) DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation) DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation) DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation) DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation) DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation) DRV - (AtmLane) -- C:\WINDOWS\system32\drivers\atmlane.sys (Microsoft Corporation) DRV - (AtmElan) -- C:\WINDOWS\system32\drivers\atmlane.sys (Microsoft Corporation) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.) DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.) DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.) DRV - (nvatabus) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTictwl.sys () DRV - (Atmuni) -- C:\WINDOWS\system32\drivers\atmuni.sys (Microsoft Corporation) DRV - (Rawwan) -- C:\WINDOWS\system32\drivers\rawwan.sys (Microsoft Corporation) DRV - (P1131VID) Creative WebCam NX Pro (WDM) -- C:\WINDOWS\system32\drivers\P1131Vid.sys (Creative Technology Ltd.) DRV - (AmeAtmPc) -- C:\WINDOWS\system32\drivers\ameatmpc.sys (Alcatel Microelectronics) DRV - (cmpci) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "WikipÃ©dia (fr)" FF - prefs.js..browser.startup.homepage: "http://www.google.be/"'>http://www.google.be/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=fr&q="'>http://www.google.com/search?sourceid=navclient&hl=fr&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/20 15:36:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 15:30:25 | 000,000,000 | ---D | M] [2010/07/21 19:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Extensions [2010/07/21 19:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Extensions\home2@tomtom.com [2011/01/28 14:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions [2010/04/27 18:21:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/01/03 20:42:04 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/12/10 20:52:41 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010/09/09 21:46:07 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/01/27 18:19:12 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011/01/28 14:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781} [2009/09/22 20:53:48 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010/12/22 17:34:29 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll [2010/12/10 21:03:39 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/10 21:03:39 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/10 21:03:39 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2009/09/25 04:41:11 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml [2010/12/10 21:03:39 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/10 21:03:39 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/01/25 21:55:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O3 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [AME_CSA] C:\WINDOWS\System32\AmeCSA.cpl (Alcatel Microelectronics) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKU\.DEFAULT..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKU\S-1-5-18..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\ANYCOM\Blue USB-200-250\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Color Calibration.lnk = C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NaturalColorLoad.lnk = C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie_ctx.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm () O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} https://mpsnare.iesnare.com/StmOCX.cab (Stm Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/09/22 17:03:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447) ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: Microsoft Base Smart Card Crypto Provider Package - Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com) NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found ========== Files/Folders - Created Within 30 Days ========== [2011/01/28 18:56:19 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe [2011/01/28 13:16:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2011/01/25 22:27:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011/01/25 21:51:16 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/01/25 21:46:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/01/25 21:46:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/01/25 21:46:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/01/25 21:46:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/01/25 21:45:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/01/25 21:45:45 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/01/25 21:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011/01/25 13:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Mes documents\Downloads [2011/01/24 20:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\new zik [2011/01/20 13:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype [2011/01/18 15:09:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Propriétaire\Recent [2011/01/04 21:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2011/01/03 20:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2011/01/01 21:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2011/01/01 21:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\assembly [2011/01/01 21:32:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\assembly [2011/01/01 21:30:23 | 000,197,632 | ---- | C] (Dino Chiesa) -- C:\WINDOWS\System32\Ionic.Zip.Reduced.dll [2011/01/01 16:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft [2011/01/01 16:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner [2010/04/22 22:02:34 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDPhcp.dll [2010/04/22 22:02:34 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpinpa.dll [2010/04/22 22:02:34 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpiesc.dll [2010/04/22 22:02:33 | 001,101,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpserv.dll [2010/04/22 22:02:33 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpusb1.dll [2010/04/22 22:02:32 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdppmui.dll [2010/04/22 22:02:32 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdplmpm.dll [2010/04/22 22:02:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpprox.dll [2010/04/22 22:02:30 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdphbn3.dll [2010/04/22 22:02:28 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpcomc.dll [2010/04/22 22:02:28 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpcomm.dll [2010/03/23 19:47:16 | 000,208,896 | ---- | C] (www.mp3dev.org) -- C:\Program Files\lame_enc.dll [2009/09/22 21:08:23 | 004,300,800 | ---- | C] (Gabest) -- C:\Program Files\mplayerc.exe [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Propriétaire\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Propriétaire\Local Settings\Application Data\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/01/28 21:03:47 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{193EBDFA-13AF-4DDC-8D6A-C9AFF35C7031}.job [2011/01/28 20:33:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/01/28 20:25:23 | 000,174,592 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/01/28 18:56:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe [2011/01/28 15:33:00 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/01/28 11:59:44 | 000,000,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2011/01/28 11:58:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/01/26 21:06:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/01/26 21:04:41 | 000,000,072 | ---- | M] () -- C:\Documents and Settings\Propriétaire\defogger_reenable [2011/01/25 21:55:27 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn [2011/01/25 21:55:27 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/01/25 21:51:20 | 000,000,344 | RHS- | M] () -- C:\boot.ini [2011/01/25 19:43:38 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk [2011/01/20 18:47:44 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011/01/16 00:12:38 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/01/15 12:15:58 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Google Chrome.lnk [2011/01/15 12:15:58 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011/01/12 22:25:55 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011/01/12 22:25:55 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2011/01/10 19:21:17 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Allods Online.lnk [2011/01/01 23:21:46 | 000,000,110 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\ax_files.xml [2011/01/01 20:36:55 | 000,000,041 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2010/12/30 19:34:33 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Raccourci vers Comptes 2011.lnk [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Propriétaire\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Propriétaire\Local Settings\Application Data\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/01/26 21:04:36 | 000,000,072 | ---- | C] () -- C:\Documents and Settings\Propriétaire\defogger_reenable [2011/01/25 21:51:20 | 000,000,228 | ---- | C] () -- C:\Boot.bak [2011/01/25 21:51:16 | 000,263,488 | RHS- | C] () -- C:\cmldr [2011/01/25 21:46:00 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/01/25 21:46:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/01/25 21:46:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/01/25 21:46:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/01/25 21:46:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/01/12 22:25:55 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011/01/12 22:25:55 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2011/01/10 19:21:17 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Allods Online.lnk [2011/01/01 20:36:55 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2010/12/30 19:34:33 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Raccourci vers Comptes 2011.lnk [2010/12/22 17:34:28 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\UKCpInfo.sys [2010/09/06 19:59:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI [2010/08/20 16:42:25 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010/07/14 00:30:20 | 000,000,018 | ---- | C] () -- C:\WINDOWS\avi2divx.INI [2010/04/22 22:03:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdpvs.dll [2010/04/22 22:03:40 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdpcoin.dll [2010/04/22 22:02:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdprwrd.ini [2010/04/22 22:02:34 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDPinst.dll [2010/04/22 22:02:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdpgrd.dll [2010/04/22 19:10:14 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI [2010/04/04 20:39:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2010/03/28 19:50:34 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat [2010/02/24 20:58:47 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Application Data\AVSMediaPlayer.m3u [2010/01/25 22:33:31 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Filzip.ini [2010/01/03 21:03:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/12/09 22:03:43 | 000,000,145 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI [2009/11/09 15:45:00 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\MultLang.dll [2009/11/09 15:45:00 | 000,004,408 | ---- | C] () -- C:\WINDOWS\System32\FileList.ini [2009/11/09 15:45:00 | 000,003,059 | ---- | C] () -- C:\WINDOWS\System32\AmeCfg.ini [2009/11/09 15:45:00 | 000,000,312 | ---- | C] () -- C:\WINDOWS\System32\Gains.ini [2009/11/09 15:44:59 | 000,000,101 | ---- | C] () -- C:\WINDOWS\System32\WipCfg.ini [2009/10/12 21:59:33 | 000,174,592 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/30 17:55:48 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys [2009/09/30 17:55:48 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll [2009/09/30 17:55:47 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll [2009/09/30 17:55:47 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys [2009/09/30 17:55:41 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL [2009/09/25 19:53:09 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini [2009/09/25 19:53:09 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini [2009/09/22 19:15:31 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009/09/22 19:14:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX3800EFGIPSD.ini [2009/09/22 18:53:57 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009/09/22 18:45:56 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini [2009/09/22 17:57:42 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\fusioncache.dat [2009/09/22 17:27:36 | 000,025,294 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTictwl.sys [2009/09/22 17:23:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008/05/26 21:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 21:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 21:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2005/09/06 14:42:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2004/08/05 13:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll [2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll ========== LOP Check ========== [2010/06/09 22:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper [2010/06/16 18:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/09/06 20:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2009/09/25 16:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2010/06/27 22:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010/06/02 20:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2010/08/08 12:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/07/21 19:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/09/22 19:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2010/12/10 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2010/12/10 14:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\.purple [2010/07/05 23:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Astro Gemini Software [2010/11/06 20:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\CheckPoint [2010/12/09 23:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\enchant [2009/09/23 16:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\EPSON [2010/06/14 19:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Facebook [2010/12/09 23:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\gtk-2.0 [2009/09/22 19:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\InterTrust [2010/12/10 19:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Miranda [2010/10/22 16:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\OneSwarm [2009/09/22 20:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org [2010/11/16 19:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\SystemRequirementsLab [2010/03/25 17:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TeamViewer [2010/09/06 19:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Teleca [2009/10/25 13:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\The Creative Assembly [2010/07/21 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TomTom [2010/12/26 22:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TS3Client [2009/09/27 16:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Desktop Search [2009/09/28 21:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Search [2011/01/23 23:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\XnView [2011/01/28 21:03:47 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{193EBDFA-13AF-4DDC-8D6A-C9AFF35C7031}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\spdt.* /s > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > [2010/10/06 17:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/09/22 18:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead [2010/06/09 22:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper [2010/06/16 18:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/02/24 20:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU [2010/09/06 20:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2011/01/02 21:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESTsoft [2011/01/03 20:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google [2009/09/25 16:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2009/09/22 21:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/01/12 22:23:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2011/01/12 18:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2010/04/04 20:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero [2010/06/27 22:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010/02/09 22:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS [2010/06/02 20:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2011/01/20 13:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2010/09/06 20:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson [2010/03/30 23:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2010/08/08 12:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/07/21 19:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/09/22 19:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2009/09/22 23:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2010/12/10 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009/10/19 20:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller [2010/12/13 15:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2010/10/07 06:43:28 | 000,365,912 | ---- | M] (ESTsoft Corp.) -- C:\Documents and Settings\All Users\Application Data\ESTsoft\ALAuth\AuthSerialReg.exe [2010/04/27 05:20:44 | 000,374,104 | ---- | M] (ESTsoft corp.) -- C:\Documents and Settings\All Users\Application Data\ESTsoft\ALCM\ALCMUpdate.exe [2011/01/01 22:07:44 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe [2010/09/01 07:53:54 | 001,861,000 | ---- | M] (Nexon Corp.) -- C:\Documents and Settings\All Users\Application Data\Nexon\Common\NMService.exe < %APPDATA%\*. > [2010/12/10 14:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\.purple [2009/09/24 17:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Adobe [2010/07/05 23:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Astro Gemini Software [2009/09/22 17:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\ATI [2010/11/06 20:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\CheckPoint [2009/09/22 19:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Creative [2011/01/28 20:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\dvdcss [2010/12/09 23:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\enchant [2009/09/23 16:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\EPSON [2011/01/02 21:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\ESTsoft [2010/06/14 19:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Facebook [2010/08/06 15:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Google [2010/12/09 23:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\gtk-2.0 [2010/04/29 18:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Help [2009/09/22 17:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Identities [2009/09/22 19:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\InterTrust [2009/09/22 21:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Lavasoft [2009/09/22 22:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Macromedia [2009/09/22 21:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes [2010/06/09 21:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Media Player Classic [2010/08/26 11:48:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft [2010/12/10 19:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Miranda [2010/11/06 21:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla [2010/01/03 19:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Nero [2010/10/22 16:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\OneSwarm [2009/09/22 20:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org [2010/12/09 23:08:08 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Propriétaire\Application Data\SecuROM [2011/01/26 23:34:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Skype [2011/01/26 23:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\skypePM [2010/09/06 19:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Sony Ericsson [2009/09/22 20:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Sun [2010/11/16 19:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\SystemRequirementsLab [2009/10/12 19:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\teamspeak2 [2010/03/25 17:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TeamViewer [2010/09/06 19:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Teleca [2009/10/25 13:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\The Creative Assembly [2010/07/21 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TomTom [2010/12/26 22:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TS3Client [2011/01/28 20:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\vlc [2009/09/27 16:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Desktop Search [2009/09/28 21:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Search [2010/08/20 17:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\WinRAR [2011/01/23 23:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\XnView [2010/12/13 15:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Yahoo! < %APPDATA%\*.exe /s > [2010/06/14 19:01:59 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Propriétaire\Application Data\Facebook\uninstall.exe [2010/04/22 19:16:23 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{9BBE1474-DA14-4309-AD6E-75673873EB5D}\wwicon.exe [2010/04/28 18:36:46 | 000,004,710 | R--- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{F93F0793-AE93-4C61-8F46-CD5A0C3A9038}\ARPPRODUCTICON.exe [2010/04/28 18:36:46 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{F93F0793-AE93-4C61-8F46-CD5A0C3A9038}\FlexiPoints.exe1_F93F0793AE934C618F46CD5A0C3A9038.exe [2010/04/28 18:36:46 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{F93F0793-AE93-4C61-8F46-CD5A0C3A9038}\FlexiPoints.exe_F93F0793AE934C618F46CD5A0C3A9038.exe [2010/04/28 18:36:46 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{F93F0793-AE93-4C61-8F46-CD5A0C3A9038}\UNINST_Deinstalliere_F93F0793AE934C618F46CD5A0C3A9038.exe < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:AGP440.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys < MD5 for: ATAPI.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys < MD5 for: CDROM.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:cdrom.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004/08/05 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys < MD5 for: CHANGER.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Changer.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys [2008/04/13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys [2004/08/03 22:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys < MD5 for: DISK.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:disk.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2004/08/05 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys < MD5 for: EVENTLOG.DLL > [2004/08/19 15:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll < MD5 for: EXPLORER.EXE > [2004/08/19 15:09:54 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe < MD5 for: NDIS.SYS > [2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004/08/05 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys < MD5 for: NETLOGON.DLL > [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2004/08/19 15:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: NVATABUS.SYS > [2004/12/07 09:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) MD5=E4F1F95A6BBBFBBFF9A713C6063AA2CB -- C:\WINDOWS\system32\drivers\nvatabus.sys < MD5 for: RASACD.SYS > [2004/08/05 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys [2004/08/05 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys < MD5 for: RDPWD.SYS > [2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys [2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys [2004/08/05 13:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys < MD5 for: SCECLI.DLL > [2004/08/19 15:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll < MD5 for: SFLOPPY.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Sfloppy.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Sfloppy.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys [2004/08/05 13:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys [2008/04/13 19:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys [2008/04/13 19:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys < MD5 for: SPLITTER.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:splitter.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:splitter.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys [2004/08/03 22:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys [2008/04/13 19:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys [2008/04/13 19:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys < MD5 for: SWMIDI.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:swmidi.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys [2008/04/13 19:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys [2008/04/13 19:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys [2001/08/17 21:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys < MD5 for: TCPIP.SYS > [2008/06/20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys [2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=4AFB3B0919649F95C1964AA1FAD27D73 -- C:\WINDOWS\system32\drivers\tcpip.sys [2008/06/20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys [2008/04/13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys [2008/04/13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys [2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys [2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys [2004/08/05 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys [2008/06/20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys < MD5 for: TDPIPE.SYS > [2004/08/05 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys [2008/04/14 03:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys [2008/04/14 03:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys < MD5 for: TDTCP.SYS > [2008/04/14 03:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys [2008/04/14 03:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys [2004/08/05 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys < MD5 for: USBPRINT.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:usbprint.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbprint.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys [2004/08/03 22:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys [2008/04/13 19:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys [2008/04/13 19:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys < MD5 for: USBSCAN.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:usbscan.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbscan.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys [2008/04/13 19:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys [2008/04/13 19:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys [2004/08/03 21:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys < MD5 for: USERINIT.EXE > [2004/08/19 15:10:04 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2004/08/19 15:10:06 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844 < End of report > 2em rapport: OTL logfile created on: 28/01/2011 21:02:50 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Propriétaire\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 186,30 Gb Total Space | 75,23 Gb Free Space | 40,38% Space Free | Partition Type: NTFS Computer Name: ARNOOO-8B4C1CC6 | User Name: Propriétaire | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Propriétaire\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\lxdpcoms.exe ( ) PRC - C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM) PRC - C:\Program Files\ANYCOM\Blue USB-200-250\BTTray.exe (Broadcom Corporation.) PRC - C:\Program Files\ANYCOM\Blue USB-200-250\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Program Files\ANYCOM\Blue USB-200-250\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION) PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) PRC - C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe () PRC - C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) PRC - C:\WINDOWS\system32\NotifyPhoneBook.exe () PRC - C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe () ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Propriétaire\Bureau\OTL.exe (OldTimer Tools) MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\Program Files\SuperCopier2\SC2Hook.dll (SFX TEAM) ========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- File not found SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (vsmon) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (lxdp_device) -- C:\WINDOWS\System32\lxdpcoms.exe ( ) SRV - (lxdpCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdpserv.exe () SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (btwdins) -- C:\Program Files\ANYCOM\Blue USB-200-250\bin\btwdins.exe (Broadcom Corporation.) SRV - (WmcCds) Windows Media Connect (WMC) -- c:\Program Files\Windows Media Connect\mswmccds.exe (Microsoft Corporation) SRV - (WmcCdsLs) Windows Media Connect (WMC) -- C:\Program Files\Windows Media Connect\mswmcls.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys () DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD) DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation) DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation) DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation) DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation) DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation) DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation) DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation) DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation) DRV - (AtmLane) -- C:\WINDOWS\system32\drivers\atmlane.sys (Microsoft Corporation) DRV - (AtmElan) -- C:\WINDOWS\system32\drivers\atmlane.sys (Microsoft Corporation) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.) DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.) DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.) DRV - (nvatabus) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTictwl.sys () DRV - (Atmuni) -- C:\WINDOWS\system32\drivers\atmuni.sys (Microsoft Corporation) DRV - (Rawwan) -- C:\WINDOWS\system32\drivers\rawwan.sys (Microsoft Corporation) DRV - (P1131VID) Creative WebCam NX Pro (WDM) -- C:\WINDOWS\system32\drivers\P1131Vid.sys (Creative Technology Ltd.) DRV - (AmeAtmPc) -- C:\WINDOWS\system32\drivers\ameatmpc.sys (Alcatel Microelectronics) DRV - (cmpci) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "WikipÃ©dia (fr)" FF - prefs.js..browser.startup.homepage: "http://www.google.be/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=fr&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/20 15:36:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 15:30:25 | 000,000,000 | ---D | M] [2010/07/21 19:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Extensions [2010/07/21 19:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Extensions\home2@tomtom.com [2011/01/28 14:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions [2010/04/27 18:21:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/01/03 20:42:04 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/12/10 20:52:41 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010/09/09 21:46:07 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/01/27 18:19:12 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\m3hk9gci.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011/01/28 14:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PROPRIÃ©TAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M3HK9GCI.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781} [2009/09/22 20:53:48 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010/12/22 17:34:29 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll [2010/12/10 21:03:39 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/10 21:03:39 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/10 21:03:39 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2009/09/25 04:41:11 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml [2010/12/10 21:03:39 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/10 21:03:39 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/01/25 21:55:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O3 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [AME_CSA] C:\WINDOWS\System32\AmeCSA.cpl (Alcatel Microelectronics) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKU\.DEFAULT..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKU\S-1-5-18..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\ANYCOM\Blue USB-200-250\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Color Calibration.lnk = C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NaturalColorLoad.lnk = C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1390067357-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie_ctx.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm () O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} https://mpsnare.iesnare.com/StmOCX.cab (Stm Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/09/22 17:03:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447) ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: Microsoft Base Smart Card Crypto Provider Package - Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com) NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found ========== Files/Folders - Created Within 30 Days ========== [2011/01/28 18:56:19 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe [2011/01/28 13:16:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2011/01/25 22:27:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011/01/25 21:51:16 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/01/25 21:46:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/01/25 21:46:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/01/25 21:46:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/01/25 21:46:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/01/25 21:45:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/01/25 21:45:45 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/01/25 21:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011/01/25 13:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Mes documents\Downloads [2011/01/24 20:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\new zik [2011/01/20 13:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype [2011/01/18 15:09:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Propriétaire\Recent [2011/01/04 21:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2011/01/03 20:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2011/01/01 21:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2011/01/01 21:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\assembly [2011/01/01 21:32:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\assembly [2011/01/01 21:30:23 | 000,197,632 | ---- | C] (Dino Chiesa) -- C:\WINDOWS\System32\Ionic.Zip.Reduced.dll [2011/01/01 16:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft [2011/01/01 16:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner [2010/04/22 22:02:34 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDPhcp.dll [2010/04/22 22:02:34 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpinpa.dll [2010/04/22 22:02:34 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpiesc.dll [2010/04/22 22:02:33 | 001,101,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpserv.dll [2010/04/22 22:02:33 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpusb1.dll [2010/04/22 22:02:32 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdppmui.dll [2010/04/22 22:02:32 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdplmpm.dll [2010/04/22 22:02:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpprox.dll [2010/04/22 22:02:30 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdphbn3.dll [2010/04/22 22:02:28 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpcomc.dll [2010/04/22 22:02:28 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdpcomm.dll [2010/03/23 19:47:16 | 000,208,896 | ---- | C] (www.mp3dev.org) -- C:\Program Files\lame_enc.dll [2009/09/22 21:08:23 | 004,300,800 | ---- | C] (Gabest) -- C:\Program Files\mplayerc.exe [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Propriétaire\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Propriétaire\Local Settings\Application Data\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/01/28 21:03:47 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{193EBDFA-13AF-4DDC-8D6A-C9AFF35C7031}.job [2011/01/28 20:33:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/01/28 20:25:23 | 000,174,592 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/01/28 18:56:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe [2011/01/28 15:33:00 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/01/28 11:59:44 | 000,000,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2011/01/28 11:58:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/01/26 21:06:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/01/26 21:04:41 | 000,000,072 | ---- | M] () -- C:\Documents and Settings\Propriétaire\defogger_reenable [2011/01/25 21:55:27 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn [2011/01/25 21:55:27 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/01/25 21:51:20 | 000,000,344 | RHS- | M] () -- C:\boot.ini [2011/01/25 19:43:38 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk [2011/01/20 18:47:44 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011/01/16 00:12:38 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/01/15 12:15:58 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Google Chrome.lnk [2011/01/15 12:15:58 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011/01/12 22:25:55 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011/01/12 22:25:55 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2011/01/10 19:21:17 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Allods Online.lnk [2011/01/01 23:21:46 | 000,000,110 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\ax_files.xml [2011/01/01 20:36:55 | 000,000,041 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2010/12/30 19:34:33 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Raccourci vers Comptes 2011.lnk [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Propriétaire\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Propriétaire\Local Settings\Application Data\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/01/26 21:04:36 | 000,000,072 | ---- | C] () -- C:\Documents and Settings\Propriétaire\defogger_reenable [2011/01/25 21:51:20 | 000,000,228 | ---- | C] () -- C:\Boot.bak [2011/01/25 21:51:16 | 000,263,488 | RHS- | C] () -- C:\cmldr [2011/01/25 21:46:00 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/01/25 21:46:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/01/25 21:46:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/01/25 21:46:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/01/25 21:46:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/01/12 22:25:55 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011/01/12 22:25:55 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2011/01/10 19:21:17 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Allods Online.lnk [2011/01/01 20:36:55 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2010/12/30 19:34:33 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Raccourci vers Comptes 2011.lnk [2010/12/22 17:34:28 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\UKCpInfo.sys [2010/09/06 19:59:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI [2010/08/20 16:42:25 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010/07/14 00:30:20 | 000,000,018 | ---- | C] () -- C:\WINDOWS\avi2divx.INI [2010/04/22 22:03:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdpvs.dll [2010/04/22 22:03:40 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdpcoin.dll [2010/04/22 22:02:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdprwrd.ini [2010/04/22 22:02:34 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDPinst.dll [2010/04/22 22:02:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdpgrd.dll [2010/04/22 19:10:14 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI [2010/04/04 20:39:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2010/03/28 19:50:34 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat [2010/02/24 20:58:47 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Application Data\AVSMediaPlayer.m3u [2010/01/25 22:33:31 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Filzip.ini [2010/01/03 21:03:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/12/09 22:03:43 | 000,000,145 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI [2009/11/09 15:45:00 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\MultLang.dll [2009/11/09 15:45:00 | 000,004,408 | ---- | C] () -- C:\WINDOWS\System32\FileList.ini [2009/11/09 15:45:00 | 000,003,059 | ---- | C] () -- C:\WINDOWS\System32\AmeCfg.ini [2009/11/09 15:45:00 | 000,000,312 | ---- | C] () -- C:\WINDOWS\System32\Gains.ini [2009/11/09 15:44:59 | 000,000,101 | ---- | C] () -- C:\WINDOWS\System32\WipCfg.ini [2009/10/12 21:59:33 | 000,174,592 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/30 17:55:48 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys [2009/09/30 17:55:48 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll [2009/09/30 17:55:47 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll [2009/09/30 17:55:47 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys [2009/09/30 17:55:41 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL [2009/09/25 19:53:09 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini [2009/09/25 19:53:09 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini [2009/09/22 19:15:31 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009/09/22 19:14:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX3800EFGIPSD.ini [2009/09/22 18:53:57 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009/09/22 18:45:56 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini [2009/09/22 17:57:42 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\fusioncache.dat [2009/09/22 17:27:36 | 000,025,294 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTictwl.sys [2009/09/22 17:23:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008/05/26 21:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 21:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 21:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2005/09/06 14:42:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2004/08/05 13:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll [2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll ========== LOP Check ========== [2010/06/09 22:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper [2010/06/16 18:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/09/06 20:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2009/09/25 16:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2010/06/27 22:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010/06/02 20:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2010/08/08 12:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/07/21 19:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/09/22 19:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2010/12/10 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2010/12/10 14:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\.purple [2010/07/05 23:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Astro Gemini Software [2010/11/06 20:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\CheckPoint [2010/12/09 23:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\enchant [2009/09/23 16:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\EPSON [2010/06/14 19:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Facebook [2010/12/09 23:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\gtk-2.0 [2009/09/22 19:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\InterTrust [2010/12/10 19:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Miranda [2010/10/22 16:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\OneSwarm [2009/09/22 20:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org [2010/11/16 19:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\SystemRequirementsLab [2010/03/25 17:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TeamViewer [2010/09/06 19:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Teleca [2009/10/25 13:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\The Creative Assembly [2010/07/21 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TomTom [2010/12/26 22:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TS3Client [2009/09/27 16:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Desktop Search [2009/09/28 21:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Search [2011/01/23 23:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\XnView [2011/01/28 21:03:47 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{193EBDFA-13AF-4DDC-8D6A-C9AFF35C7031}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\spdt.* /s > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > [2010/10/06 17:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/09/22 18:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead [2010/06/09 22:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper [2010/06/16 18:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/02/24 20:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU [2010/09/06 20:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2011/01/02 21:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESTsoft [2011/01/03 20:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google [2009/09/25 16:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2009/09/22 21:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/01/12 22:23:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2011/01/12 18:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2010/04/04 20:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero [2010/06/27 22:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010/02/09 22:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS [2010/06/02 20:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2011/01/20 13:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2010/09/06 20:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson [2010/03/30 23:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2010/08/08 12:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/07/21 19:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/09/22 19:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2009/09/22 23:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2010/12/10 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009/10/19 20:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller [2010/12/13 15:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2010/10/07 06:43:28 | 000,365,912 | ---- | M] (ESTsoft Corp.) -- C:\Documents and Settings\All Users\Application Data\ESTsoft\ALAuth\AuthSerialReg.exe [2010/04/27 05:20:44 | 000,374,104 | ---- | M] (ESTsoft corp.) -- C:\Documents and Settings\All Users\Application Data\ESTsoft\ALCM\ALCMUpdate.exe [2011/01/01 22:07:44 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe [2010/09/01 07:53:54 | 001,861,000 | ---- | M] (Nexon Corp.) -- C:\Documents and Settings\All Users\Application Data\Nexon\Common\NMService.exe < %APPDATA%\*. > [2010/12/10 14:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\.purple [2009/09/24 17:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Adobe [2010/07/05 23:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Astro Gemini Software [2009/09/22 17:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\ATI [2010/11/06 20:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\CheckPoint [2009/09/22 19:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Creative [2011/01/28 20:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\dvdcss [2010/12/09 23:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\enchant [2009/09/23 16:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\EPSON [2011/01/02 21:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\ESTsoft [2010/06/14 19:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Facebook [2010/08/06 15:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Google [2010/12/09 23:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\gtk-2.0 [2010/04/29 18:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Help [2009/09/22 17:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Identities [2009/09/22 19:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\InterTrust [2009/09/22 21:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Lavasoft [2009/09/22 22:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Macromedia [2009/09/22 21:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes [2010/06/09 21:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Media Player Classic [2010/08/26 11:48:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft [2010/12/10 19:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Miranda [2010/11/06 21:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla [2010/01/03 19:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Nero [2010/10/22 16:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\OneSwarm [2009/09/22 20:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org [2010/12/09 23:08:08 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Propriétaire\Application Data\SecuROM [2011/01/26 23:34:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Skype [2011/01/26 23:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\skypePM [2010/09/06 19:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Sony Ericsson [2009/09/22 20:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Sun [2010/11/16 19:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\SystemRequirementsLab [2009/10/12 19:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\teamspeak2 [2010/03/25 17:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TeamViewer [2010/09/06 19:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Teleca [2009/10/25 13:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\The Creative Assembly [2010/07/21 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TomTom [2010/12/26 22:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TS3Client [2011/01/28 20:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\vlc [2009/09/27 16:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Desktop Search [2009/09/28 21:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Search [2010/08/20 17:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\WinRAR [2011/01/23 23:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\XnView [2010/12/13 15:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Yahoo! < %APPDATA%\*.exe /s > [2010/06/14 19:01:59 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Propriétaire\Application Data\Facebook\uninstall.exe [2010/04/22 19:16:23 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{9BBE1474-DA14-4309-AD6E-75673873EB5D}\wwicon.exe [2010/04/28 18:36:46 | 000,004,710 | R--- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{F93F0793-AE93-4C61-8F46-CD5A0C3A9038}\ARPPRODUCTICON.exe [2010/04/28 18:36:46 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{F93F0793-AE93-4C61-8F46-CD5A0C3A9038}\FlexiPoints.exe1_F93F0793AE934C618F46CD5A0C3A9038.exe [2010/04/28 18:36:46 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{F93F0793-AE93-4C61-8F46-CD5A0C3A9038}\FlexiPoints.exe_F93F0793AE934C618F46CD5A0C3A9038.exe [2010/04/28 18:36:46 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{F93F0793-AE93-4C61-8F46-CD5A0C3A9038}\UNINST_Deinstalliere_F93F0793AE934C618F46CD5A0C3A9038.exe < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:AGP440.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys < MD5 for: ATAPI.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys < MD5 for: CDROM.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:cdrom.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004/08/05 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys < MD5 for: CHANGER.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Changer.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys [2008/04/13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys [2004/08/03 22:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys < MD5 for: DISK.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:disk.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2004/08/05 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys < MD5 for: EVENTLOG.DLL > [2004/08/19 15:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll < MD5 for: EXPLORER.EXE > [2004/08/19 15:09:54 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe < MD5 for: NDIS.SYS > [2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004/08/05 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys < MD5 for: NETLOGON.DLL > [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2004/08/19 15:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: NVATABUS.SYS > [2004/12/07 09:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) MD5=E4F1F95A6BBBFBBFF9A713C6063AA2CB -- C:\WINDOWS\system32\drivers\nvatabus.sys < MD5 for: RASACD.SYS > [2004/08/05 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys [2004/08/05 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys < MD5 for: RDPWD.SYS > [2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys [2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys [2004/08/05 13:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys < MD5 for: SCECLI.DLL > [2004/08/19 15:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll < MD5 for: SFLOPPY.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Sfloppy.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Sfloppy.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys [2004/08/05 13:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys [2008/04/13 19:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys [2008/04/13 19:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys < MD5 for: SPLITTER.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:splitter.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:splitter.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys [2004/08/03 22:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys [2008/04/13 19:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys [2008/04/13 19:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys < MD5 for: SWMIDI.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:swmidi.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys [2008/04/13 19:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys [2008/04/13 19:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys [2001/08/17 21:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys < MD5 for: TCPIP.SYS > [2008/06/20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys [2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=4AFB3B0919649F95C1964AA1FAD27D73 -- C:\WINDOWS\system32\drivers\tcpip.sys [2008/06/20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys [2008/04/13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys [2008/04/13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys [2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys [2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys [2004/08/05 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys [2008/06/20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys < MD5 for: TDPIPE.SYS > [2004/08/05 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys [2008/04/14 03:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys [2008/04/14 03:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys < MD5 for: TDTCP.SYS > [2008/04/14 03:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys [2008/04/14 03:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys [2004/08/05 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys < MD5 for: USBPRINT.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:usbprint.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbprint.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys [2004/08/03 22:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys [2008/04/13 19:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys [2008/04/13 19:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys < MD5 for: USBSCAN.SYS > [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:usbscan.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys [2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbscan.sys [2009/09/23 00:03:54 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys [2008/04/13 19:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys [2008/04/13 19:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys [2004/08/03 21:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys < MD5 for: USERINIT.EXE > [2004/08/19 15:10:04 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2004/08/19 15:10:06 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844 < End of report > et beh heureusement que c'est rapport minimal lol je prefere pas voir l'autre ^^
- le 28 janvier 2011
- 16 réponses
rootkit sur mon pc detecté mais pas viré

wormsseur a répondu à un(e) sujet de wormsseur dans Analyses et éradication malwares

oki je fais ca demain et je te dis quoi. merci de ton aide. sur ce bonne nuit et a demain soir ^^
- le 26 janvier 2011
- 16 réponses
rootkit sur mon pc detecté mais pas viré

wormsseur a répondu à un(e) sujet de wormsseur dans Analyses et éradication malwares

alors j'ai du lancer le defogger en effet (bien pratique ce truc ^^) voici le resultat de l'analyse apres restart du pc imposé: File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis: MD5: a199171385be17973fd800fa91f8f78a Date first seen: 2010-09-09 21:42:37 (UTC) Date last seen: 2011-01-26 15:45:22 (UTC) Detection ratio: 0/43 j'ai donc demander de reanalyser: 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: sptd.sys Submission date: 2011-01-26 20:08:44 (UTC) Current status: queued queued analysing finished Result: 0/ 43 (0.0%) VT Community not reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2011.01.18.00 2011.01.17 - AntiVir 7.11.2.0 2011.01.26 - Antiy-AVL 2.0.3.7 2011.01.26 - Avast 4.8.1351.0 2011.01.26 - Avast5 5.0.677.0 2011.01.26 - AVG 10.0.0.1190 2011.01.26 - BitDefender 7.2 2011.01.26 - CAT-QuickHeal 11.00 2011.01.25 - ClamAV 0.96.4.0 2011.01.26 - Commtouch 5.2.11.5 2011.01.26 - Comodo 7511 2011.01.26 - DrWeb 5.0.2.03300 2011.01.26 - Emsisoft 5.1.0.1 2011.01.26 - eSafe 7.0.17.0 2011.01.24 - eTrust-Vet 36.1.8121 2011.01.26 - F-Prot 4.6.2.117 2011.01.26 - F-Secure 9.0.16160.0 2011.01.26 - Fortinet 4.2.254.0 2011.01.26 - GData 21 2011.01.26 - Ikarus T3.1.1.97.0 2011.01.26 - Jiangmin 13.0.900 2011.01.26 - K7AntiVirus 9.78.3650 2011.01.26 - Kaspersky 7.0.0.125 2011.01.26 - McAfee 5.400.0.1158 2011.01.26 - McAfee-GW-Edition 2010.1C 2011.01.26 - Microsoft 1.6502 2011.01.26 - NOD32 5822 2011.01.26 - Norman 6.06.12 2011.01.26 - nProtect 2011-01-18.01 2011.01.18 - Panda 10.0.3.5 2011.01.26 - PCTools 7.0.3.5 2011.01.26 - Prevx 3.0 2011.01.26 - Rising 23.42.02.03 2011.01.26 - Sophos 4.61.0 2011.01.26 - SUPERAntiSpyware 4.40.0.1006 2011.01.26 - Symantec 20101.3.0.103 2011.01.26 - TheHacker 6.7.0.1.120 2011.01.26 - TrendMicro 9.120.0.1004 2011.01.26 - TrendMicro-HouseCall 9.120.0.1004 2011.01.26 - VBA32 3.12.14.3 2011.01.26 - VIPRE 8206 2011.01.26 - ViRobot 2011.1.26.4276 2011.01.26 - VirusBuster 13.6.166.0 2011.01.26 - Additional information Show all MD5 : a199171385be17973fd800fa91f8f78a SHA1 : 37034695bbefec4557969ec649dc61e7a4b8de8f SHA256: 815091dc5a3506a3c8414b9d0213a61df8289ba8645289cc9d338820536b42ea ssdeep: 12288:oi329nSFuaezqm4wqOK0cO+sCjRXU46vn:H3292BmLqcCjWVP File size : 436792 bytes First seen: 2010-09-09 21:42:37 Last seen : 2011-01-26 20:08:44 TrID: Win32 Executable Generic (58.4%) Clipper DOS Executable (13.8%) Generic Win/DOS Executable (13.7%) DOS Executable Generic (13.7%) VXD Driver (0.2%) sigcheck: publisher....: Duplex Secure Ltd. copyright....: Copyright © 2004 product......: SCSI Pass Through Direct description..: SCSI Pass Through Direct Host original name: sptd.sys internal name: SPTD.SYS file version.: 1.74.0.0 built by: WinDDK comments.....: n/a signers......: Duplex Secure Ltd VeriSign Class 3 Code Signing 2009-2 CA Class 3 Public Primary Certification Authority signing date.: 7:11 AM 8/24/2010 verified.....: - PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0xF8D38 timedatestamp....: 0x4C736279 (Tue Aug 24 06:11:05 2010) machinetype......: 0x14c (I386) [[ 9 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x3AAA0, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e .data, 0x3C000, 0x2230C, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e PAGE, 0x5F000, 0x296C0, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e INIT, 0x89000, 0x5500, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e .rsrc, 0x8F000, 0x388, 0x400, 2.98, 93f401d59543512bbdd38778bb4e25cb .sptd0, 0x90000, 0x40CE, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e .sptd1, 0x95000, 0x136CC, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e .sptd2, 0xA9000, 0x6827B, 0x68400, 7.92, ca07a906752dc9f222e1be8212d9e3fc .reloc, 0x112000, 0x108, 0x200, 3.29, b3d40b202d3d48cbcd431bfe285d99b4 [[ 5 import(s) ]] ntoskrnl.exe: RtlFreeUnicodeString, RtlStringFromGUID, RtlQueryRegistryValues, RtlCompareMemory, IoWMIRegistrationControl, IofCallDriver, IofCompleteRequest, ObfDereferenceObject, IoWriteErrorLogEntry, IoAllocateErrorLogEntry, ExInitializePagedLookasideList, ExInitializeNPagedLookasideList, ExDeletePagedLookasideList, ExDeleteNPagedLookasideList, MmUnmapIoSpace, MmMapIoSpace, RtlInitAnsiString, sprintf, RtlAnsiStringToUnicodeString, RtlUnicodeStringToAnsiString, ExDeleteResourceLite, KeInitializeEvent, ExInitializeResourceLite, KeSetEvent, ObReferenceObjectByHandle, ZwOpenDirectoryObject, KeClearEvent, IoCreateDevice, ObfReferenceObject, _allmul, _aulldiv, swprintf, KeQuerySystemTime, KeWaitForSingleObject, KeResetEvent, _wcsnicmp, RtlWriteRegistryValue, PsGetCurrentProcessId, IoGetCurrentProcess, _allshr, _except_handler3, ExAcquireResourceExclusiveLite, ExGetPreviousMode, RtlEqualUnicodeString, ProbeForRead, MmUserProbeAddress, RtlUpcaseUnicodeString, memmove, ExAllocatePoolWithTagPriority, _aullrem, _alldiv, IoDeleteDevice, wcsstr, RtlInitUnicodeString, RtlDeleteRegistryValue, _wcsicmp, _allrem, IoReuseIrp, ExFreeToPagedLookasideList, ExAllocateFromPagedLookasideList, IoBuildDeviceIoControlRequest, IoSetThreadHardErrorMode, ExfInterlockedInsertTailList, IoBuildPartialMdl, IoAllocateMdl, KeDelayExecutionThread, IoDriverObjectType, IoRegisterShutdownNotification, ZwQuerySymbolicLinkObject, ZwOpenSymbolicLinkObject, KeWaitForMultipleObjects, MmHighestUserAddress, IoFileObjectType, IoFreeIrp, IoAllocateIrp, MmIsAddressValid, MmProbeAndLockPages, IoFreeMdl, MmUnlockPages, MmSizeOfMdl, PsGetVersion, ProbeForWrite, KefAcquireSpinLockAtDpcLevel, KefReleaseSpinLockFromDpcLevel, strncpy, IoGetDeviceObjectPointer, IoInitializeIrp, ExfInterlockedRemoveHeadList, ExQueueWorkItem, KeReleaseSemaphore, KeInitializeSemaphore, MmGetPhysicalAddress, IoGetDeviceProperty, MmGetSystemRoutineAddress, ExAllocatePoolWithTag, IoWMIWriteEvent, ExFreePoolWithTag, KeEnterCriticalRegion, ExAcquireResourceSharedLite, ExReleaseResourceLite, KeLeaveCriticalRegion, KeGetCurrentThread, memcpy, MmMapLockedPagesSpecifyCache, IoBuildSynchronousFsdRequest, memset HAL.dll: KeStallExecutionProcessor, KfReleaseSpinLock, KfAcquireSpinLock, KfLowerIrql, KeRaiseIrqlToDpcLevel, READ_PORT_UCHAR, KeGetCurrentIrql, KfRaiseIrql SCSIPORT.SYS: ScsiPortInitialize ntoskrnl.exe: IoAllocateMdl, MmProbeAndLockPages, MmMapLockedPagesSpecifyCache, MmUnlockPages, IoFreeMdl, ExAllocatePool, ExFreePool, NtQuerySystemInformation HAL.dll: HalMakeBeep VT Community 0 This file has never been reviewed by any VT Community member. Be the first one to comment on it! visiblement c'est clean. il suffit de virer daemon tool ou d'ignorer le fichier tout betement alors? Bien que ca ne m'explique pas pk j'ai des pages web qui coince et mes sessions msn qui reste pas loguer a chaque restart. un autre soucis ca peut etre alors. beuh j'attends ta reponse avant d'anticiper de trop (deja raté je crois mdr)
- le 26 janvier 2011
- 16 réponses
rootkit sur mon pc detecté mais pas viré

wormsseur a répondu à un(e) sujet de wormsseur dans Analyses et éradication malwares

oui en effet j'ai daeon tool ! pourquoi? ca viendrait de lui?
- le 26 janvier 2011
- 16 réponses
rootkit sur mon pc detecté mais pas viré

wormsseur a posté un sujet dans Analyses et éradication malwares

Bonsoir Depuis quelques jours avast me trouve un Rootkit à l'adresse suivante: c:/windows/system32/drivers/sptd.sys J'y ai droit a chaque demarrage. j'ai tenté de le mettre en quarantaine, de le suprimer, et il relance le scan hors windows ca revient sans cesse. J'ai tenter une anayse direct sur el fichier en question avec avast et malwarebyte mis a jour bien sur. Et la surprise plus rien...sauf qu'a chaque redemarage ca recommence! certaint page interne devienent depuis inaccessible (un lien?) et ce sur mozilla, explorer et google chrome a la fois! pourtant le site fonctionne a merveille sur d'autre pc. ca me rend dingue j'avoue. Je suis donc coincé, Ccleaner a nettoyer, trier le registre et virer l'espace vide sans plus de résultats. Avez vous besoin d'un rapport hijthjakthis pour mieux voir peut etre? J'avoue etre perdu, la seule option pour le moment sans votre aide est le formatage et ca serait vraiment bete car le reste fonctionne, du moins pour le moment car ma ligne adsl saute souvent et je dois rebooter le pc ( bien que mon modem devienne vieux et je me demande si c'est pas lui mais c'est bizare comme coincidence ^^)) merci d'avance de votre aide
- le 25 janvier 2011
- 16 réponses
Modem routeur wifi...desactivable?

wormsseur a répondu à un(e) sujet de wormsseur dans Conseils matériel - Achats & Ventes

en farfouillant sur votre comparateur de prix je suis tomber sur ca? serait ce indiqué? http://prix.zebulon.fr/routeurs-modems/belkin-f5d8635ed4-modem-routeur-wifi-n-3962268.html
- le 25 janvier 2011
- 1 réponse
Modem routeur wifi...desactivable?

wormsseur a posté un sujet dans Conseils matériel - Achats & Ventes

Bonjour, j'aimerais acheter un modem-routeur faisant wifi. mais peut on sur tous les model desactivé la fonction wifi quand on le désire sans trop de complications? J'ai trouver des modèles (hercule et neatgear) proposant un bouton mais je m'y perd dans les paramètres qui différencie les modeles. Je vais donc surement aller au magasin voir. neanmoins j'aimerais etre sur que tous les mode routeur wifi, offre cet option quitte a passer par une interface du pc bein sur, et ce plus ou moins facilement Pour résumer ^^ peut on mettre en pause la fonction wifi de ces modem routeur je vous remercie d'avance PS: si vous en avez a me recommander je suis ouvert car je ne sais que choisir ni quel marque et bonne ou mauvaise
- le 25 janvier 2011
- 1 réponse
Xbox live et moi SOS

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

ok je vais tester ca au plus vite alors. pour le partage de connextion je pense mais je suis loin d'etre un expert ^^ si tu as des conseils ou des erreurs courantes je suis open! merci de ton aide
- le 31 mars 2010
- 3 réponses
Xbox live et moi SOS

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

et voici un screen qui renforce mon discourt et qui me desespere lol merci à tous!
- le 30 mars 2010
- 3 réponses
Xbox live et moi SOS

wormsseur a posté un sujet dans Internet & Réseaux

Bonjour, Je tente de configurer ma x360 au xbox live. J'ai un simple modem adsl et pas de routeur. j'ai pris un cable qui n'est pas croisé. J'ai fait quelque recherche et me voila avec ceci en parametre reseau: Pc, reseau local en manuel: ip 192.168.0.1 sous reseau 255.255.255.0 passerelle 192.168.0.1 dns preferee 192.168.0.1 dns aux - Xbox en manuel ip 192.168.0.2 sous reseau 255.255.255.0 passerelle 192.168.0.1 dns 192.168.0.1 dns aux 192.168.0.1 Dans le menu du reseau local j'ai aussi activer la fonction partage de la connection internet en cochant les deux cases. Je lance donc la x360, je tente de me connecter au xbox live et voici ce que ca me donne sur la 360. reseau: connecté internet: echec. Ou est mon erreur? J'ai tenté le ping pour le 192.168.0.2 et rien ne passe mais je ping bien sur moi meme au 192.168.0.1 J'ai couper Zone alarm au passage pensant que le soucis venait de la. Pour infos je ne sais pas connecter le cable directement sur le modem, il est plus tout jeune. sinon j'avais deja eu cette idée aussi ^^ Alors je lance un SOS ^^ Vous m'aviez bien appris et aider déjà dans le passé et je resolicite votre aide car je bug cette fois meme si j'ai progressé entre temps.
- le 30 mars 2010
- 3 réponses
Anno 1701 sur reseau HAmachi?

wormsseur a posté un sujet dans Internet & Réseaux

Bonjour, Alors je vous explique. Je joue à Anno 1701 en reseau local avec un ami. Neanmoins il est a pres de100km de chez moi le reste du temps. Nous souhaitons continuer a jouer notre partie en reseau. Des lors on m'a conseillé Hamachi (1.0.3.0) et en francais. Nous l'avons installé, et ca marche tres bien, nous avons un ping et l'acces a nos dossier perso a distance par exemple. Mais lorsque je lance le jeu et que nous tenton de retrouver notre partie, ou meme une nouvelle nous ne trouvons rien du tout! Même en désactivant le parefeu (pour voir si il n'etait pas en cause), en verifiant que le parefeu windows est lui aussi hors service, nous ne trouvons rien. J'ai fait quelques recherche et j'ai vu que ca pouvait etre un soucis de classe C. J'ai tester avec Half life et j'ai vu le message en question "LAN servers are restricted to local client class c" Visiblement le fait que le serveur Hamachi commence par 5xxxxxxxxx pose un soucis. Alors voilà ma question! 1) Peut on résoudre ce soucis pour Anno 1701? 2) Y'a t il un autre logiciel comme Hamachi qui me permettrait de contourner ce soucis? 3) je suis ouvert à toute aide complémentaire! Patch par exemple si ca existe ^^ Merci beaucoup d'avance!
- le 21 juillet 2009
- 1 réponse
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Bon et bien tout semble continuer de fonctionner comme cela malgres les branchements et changements de Ip du a la mobilité du pc2. Je vous remercie donc tous une derniere fois pour votre aider précieuse, sujet resolu merci!
- le 7 juillet 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Et bien j'ai modifier les données mais il a laisser son post it avec ses IP et DNS chez lui et ne les connait pas par coeur. Je te donnerais tout cela des lundi donc ^^ Le pc2 venant chez moi uniquement le We. Mais comme dis ta petites phrases perso, c'est en essayant que l'on y arrive, la preuve ^^
- le 20 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Et bien je viens de le tester et ca marche encore. le DNS principale c'est mon ip pc1 et le dns aux est en fait le DNS princiapal de ma clé 3g si j'ai tout bein suivis c'est bien ca? En tout cas tout marche désormais.
- le 20 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Oui j'ai fait la mise a jour mais ca ne marchait toujours pas les ping MAIS une fois que j'ai mis les DNS et DNS aux(sur pc2), j'ai eu l'acces internet de debloquer. ET une fois internet debloquer, les ping sont arrivé a leur tour(des deux cotes)! On dirait que ca a deboucher le tuyau lol Comme je te le disais j'ignore la logique qui m'a donné ce resultat mais c'est uniquement comme ca que j'ai recuperer les ping. Pour reprendre la phrase de Tiobiloute: "Sauf que ces DNS sont attribuées par ton FAI et qu'elles peuvent changer et dans ce cas ta config ne fonctionnera plus."
- le 19 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Bonsoir! Alors une bonne nouvelle. En mettant la config ci dessous j'ai retrouver le net sur le pc 2 et...une fois le net activé les pings sont revenus tout seul! Je n'en connais pas la raison je l'avoue volontiers mais tout marche que ce soit le net ou les jeux par exemple! Je serais donc heureux si mon ami de PCA qui m'a aider au debut me disait que c'etait instable :s pc1: ip: 192.168.0.1 mask 255.255.255.0 PC2 ip 192,168,0,2 mask 255,255,255,0 pass 192,168,0,1 dns 212,73,32,3 dns aux: 213,73,32,67 (La config du pc2 étant exactement ce qui m'avait donner accès au portable sur le net.) Je m'en remet donc à ton avis sur le domaine!
- le 19 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

ALors apres dial sur msn voila ce que j'ai pour la carte du pc2: Carte Fast ethernet Compatible VIA connection a 100mbps/s Par contre j'ai vu que son pilote est de 2001 je l'envoie donc faire la mise a jour! enfin je supose? ^^ voila mise a jour en 2008,
- le 18 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Tiens la mise a jour me conseille de revenir a une anthérieur...je passe donc de 2008 à 2006. en meme temps ca me faisait des soucis. bouh! Me revoici donc sous la mise a jour de 2006. ce qui est un progres puisque la precedente était de 2004 ^^ ---------------------------------------------------------------------------------------------------------------------------- INFOS je deviens moins mauvais lol Le portable fonctionne en reseau et sur le net pc portable: ip 192,168,0,2 mask 255,255,255,0 pass 192,168,0,1 dns 212,73,32,3 dns aux: 213,73,32,67 les dns je les ai trouvant en ouvrant l'ip de ma cle 3g ^^ bon reste a y arriver avec ce ***de pc 2 parce que c'est lui qui me gave lol. verdict demain! AH oui et le tout tourne avec ZA des deux cotes sans soucis. on y arrive avec le pc2 ^^
- le 18 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Je dois malheureusement attendre demain soir pour savoir te répondre :s Vu que je ne recupere le PC2 que demain au soir!
- le 18 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Mise a jour trouvée j'ai contourner le bug de recherche automatique avec explorer plutot que firefox^^ Il s'agit en fait d'une Nvidia Nforce 4 series. Téléchargement des 50mo de la mise a jour. Pour repondre a ta seconde question je vois ca ou avec les Mbps? (dsl je suis encore debutant mais je m'ameliore grace a vous^^) Bon apres recherche j'ai ca pour le portable: - Broadcom Netlink fast ethernet vitesse 100mbps/s mac adresse: ***** et connecté: oui c'est cela que tu voulais?
- le 18 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Concernant le mise a jour je ne vois pas la version de ma Nforce :s http://www.nvidia.fr/Download/index.aspx?lang=fr je vous met le screen pour de l'infos si possible( j'utilise Everest qui detail bien pourtant car rien dans le gestionnaire): http://sd-1.archive-host.com/membres/up/94...stitre-1_35.jpg
- le 18 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Je vais de ce pas sur le site de Nvidia voir ca alors! Sinon j'ai en effet tester mon pc avec un portable et la...Tadam j'ai un ping! Il semblerait que le soucis vienne du pc 2 donc? Sinon les deux cartes se ping sur elle donc le matos devrait allé non? Pour ce qui est de live-cd-linux jamais tester lol Je vais donc de ce pas chercher le dernier driver de ma carte. je te tiens au courant lorsque c'est fait. Neanmoins je ne recupere le pc2 problematique que demain en soirée.
- le 18 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

Pour la cable je sais j'ai verifier et j'en ai racheter un second dans le doute d'un defaut. rien a faire Certain tout est fermé.
- le 18 juin 2009
- 52 réponses
Reseau connecte mais sans ping ni echange donc!

wormsseur a répondu à un(e) sujet de wormsseur dans Internet & Réseaux

j'ai tenter la mise a jour mais visiblement elle l'est deja puisque ca n'a pas trouver de mise a jour.
- le 16 juin 2009
- 52 réponses

Connexion

wormsseur

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par wormsseur

rootkit sur mon pc detecté mais pas viré

rootkit sur mon pc detecté mais pas viré

rootkit sur mon pc detecté mais pas viré

rootkit sur mon pc detecté mais pas viré

rootkit sur mon pc detecté mais pas viré

rootkit sur mon pc detecté mais pas viré

Modem routeur wifi...desactivable?

Modem routeur wifi...desactivable?

Xbox live et moi SOS

Xbox live et moi SOS

Xbox live et moi SOS

Anno 1701 sur reseau HAmachi?

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Reseau connecte mais sans ping ni echange donc!

Zebulon

Outils en ligne

Naviguer