Interpretation following a Trojan virus



Hello everyone,

Following a Trojan virus (which Kaspersky detected), my computer started becoming very slow a week ago, and for the past two days the desktop wallpaper no longer appears. I don't know where the virus came from, and Spybot, Malwarebytes and Kaspersky no longer detect it. Yet the symptoms are still there. So I'm calling on your genius :P

I carried out the initial procedure indicated, and here are my reports:

- the Malwarebytes report:

 

Malwarebytes' Anti-Malware 1.45

www.malwarebytes.org

 

Version de la base de données: 3991

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

15/04/2010 19:58:57

mbam-log-2010-04-15 (19-58-57).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 110881

Temps écoulé: 4 minute(s), 26 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

 

 

- the OTL reports:

 

OTL Extras logfile created on: 15/04/2010 20:01:40 - Run 1

OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Do\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 73,24 Gb Total Space | 10,58 Gb Free Space | 14,45% Space Free | Partition Type: NTFS

Drive D: | 75,80 Gb Total Space | 28,98 Gb Free Space | 38,23% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive L: | 74,53 Gb Total Space | 23,30 Gb Free Space | 31,26% Space Free | Partition Type: NTFS

 

Computer Name: USER-7546D903F4

Current User Name: Do

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

 

[HKEY_USERS\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Adobe\Adobe GoLive CS2\GoLive.exe" "%1" File not found

jsfile [edit] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

"" =

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found

"C:\Program Files\iView MediaPro3\IVIEW_MP.exe" = C:\Program Files\iView MediaPro3\IVIEW_MP.exe:*:Enabled:iView Multimedia -- File not found

"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- File not found

"C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- File not found

"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi -- File not found

"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin -- File not found

"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- File not found

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- File not found

"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found

"C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" = C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe:*:Enabled:Adobe Version Cue CS2 -- (Adobe Systems Incorporated)

"K:\LimeWire.exe" = K:\LimeWire.exe:*:Disabled:LimeWire -- File not found

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2

"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1

"{20749F76-4228-43AD-8AB5-E7B20D8040C4}" = hph_readme

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 19

"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support

"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite

"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer

"{46548E80-040C-0000-7E8A-45000F855001}" = Adobe GoLive CS2

"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack

"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger

"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0

"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2

"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call

"{868F24EB-5CA7-4285-B39B-3617CF37462A}" = D2300_Help

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer

"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-1033-F400-7760-000000000002}" = Adobe Acrobat 7.0 Professionel

"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.3 - Français

"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver

"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2

"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live

"{B19F9155-9337-4807-B5EF-ED471DDB2CCE}" = hph_software_req

"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific

"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live

"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental

"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"CCleaner" = CCleaner

"EPSON Scanner" = EPSON Scan

"EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall

"ERUNT_is1" = ERUNT 1.1j

"FileZilla Client" = FileZilla Client 3.3.2.1

"Google Chrome" = Google Chrome

"HDMI" = Intel® Graphics Media Accelerator Driver

"HijackThis" = HijackThis 2.0.2

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010

"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.5 (Full)

"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)

"LMS" = C-Dilla Licence Management System

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Notepad++" = Notepad++

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = Archiveur WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 31/03/2010 11:29:35 | Computer Name = USER-7546D903F4 | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 31/03/2010 11:29:35 | Computer Name = USER-7546D903F4 | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 04/04/2010 18:02:09 | Computer Name = USER-7546D903F4 | Source = Application Hang | ID = 1002

Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 13/04/2010 15:55:15 | Computer Name = USER-7546D903F4 | Source = Application Hang | ID = 1002

Description = Application bloquée setup.exe, version 1.4.0.1, module bloqué hungapp,

version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 13/04/2010 16:20:36 | Computer Name = USER-7546D903F4 | Source = MsiInstaller | ID = 11905

Description = Product: Ask Toolbar -- Error 1905.Module C:\Program Files\Ask.com\GenericAskToolbar.dll

failed to unregister. HRESULT -2147220472. Contact your support personnel.

 

Error - 13/04/2010 17:17:27 | Computer Name = USER-7546D903F4 | Source = MsiInstaller | ID = 11406

Description = Product: Microsoft Silverlight -- Error 1406. Could not write value

UpdateConsentMode to key \SOFTWARE\Microsoft\Silverlight. System error . Verify

that you have sufficient access to that key, or contact your support personnel.

 

Error - 13/04/2010 17:17:34 | Computer Name = USER-7546D903F4 | Source = MsiInstaller | ID = 11406

Description = Product: Microsoft Silverlight -- Error 1406. Could not write value

UpdateConsentMode to key \SOFTWARE\Microsoft\Silverlight. System error . Verify

that you have sufficient access to that key, or contact your support personnel.

 

Error - 13/04/2010 17:17:35 | Computer Name = USER-7546D903F4 | Source = MsiInstaller | ID = 11406

Description = Product: Microsoft Silverlight -- Error 1406. Could not write value

UpdateConsentMode to key \SOFTWARE\Microsoft\Silverlight. System error . Verify

that you have sufficient access to that key, or contact your support personnel.

 

Error - 13/04/2010 17:17:35 | Computer Name = USER-7546D903F4 | Source = MsiInstaller | ID = 11406

Description = Product: Microsoft Silverlight -- Error 1406. Could not write value

UpdateConsentMode to key \SOFTWARE\Microsoft\Silverlight. System error . Verify

that you have sufficient access to that key, or contact your support personnel.

 

Error - 13/04/2010 17:17:36 | Computer Name = USER-7546D903F4 | Source = MsiInstaller | ID = 11406

Description = Product: Microsoft Silverlight -- Error 1406. Could not write value

UpdateConsentMode to key \SOFTWARE\Microsoft\Silverlight. System error . Verify

that you have sufficient access to that key, or contact your support personnel.

 

[ System Events ]

Error - 14/04/2010 17:30:16 | Computer Name = USER-7546D903F4 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate) n'a pas pu démarrer en

raison de l'erreur : %%3

 

Error - 14/04/2010 17:35:53 | Computer Name = USER-7546D903F4 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate) n'a pas pu démarrer en

raison de l'erreur : %%3

 

Error - 14/04/2010 17:47:18 | Computer Name = USER-7546D903F4 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x8007f0f4 : Mise à jour de sécurité pour Jscript 5.8 pour

Windows XP (KB971961).

 

Error - 14/04/2010 17:47:20 | Computer Name = USER-7546D903F4 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x8007f0f4 : Mise à jour de sécurité pour Windows XP (KB981332).

 

Error - 14/04/2010 17:47:21 | Computer Name = USER-7546D903F4 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x8007f0f4 : Mise à jour pour Windows XP (KB976662).

 

Error - 15/04/2010 05:15:16 | Computer Name = USER-7546D903F4 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate) n'a pas pu démarrer en

raison de l'erreur : %%3

 

Error - 15/04/2010 05:24:21 | Computer Name = USER-7546D903F4 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate) n'a pas pu démarrer en

raison de l'erreur : %%3

 

Error - 15/04/2010 08:13:34 | Computer Name = USER-7546D903F4 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate) n'a pas pu démarrer en

raison de l'erreur : %%3

 

Error - 15/04/2010 12:21:48 | Computer Name = USER-7546D903F4 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate) n'a pas pu démarrer en

raison de l'erreur : %%3

 

Error - 15/04/2010 13:27:59 | Computer Name = USER-7546D903F4 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate) n'a pas pu démarrer en

raison de l'erreur : %%3

 

 

< End of report >

 

 

 

OTL logfile created on: 15/04/2010 20:01:40 - Run 1

OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Do\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 73,24 Gb Total Space | 10,58 Gb Free Space | 14,45% Space Free | Partition Type: NTFS

Drive D: | 75,80 Gb Total Space | 28,98 Gb Free Space | 38,23% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive L: | 74,53 Gb Total Space | 23,30 Gb Free Space | 31,26% Space Free | Partition Type: NTFS

 

Computer Name: USER-7546D903F4

Current User Name: Do

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010/04/15 19:36:25 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Do\Local Settings\Temp\Adobelm_Cleanup.0001

PRC - [2010/04/15 19:35:21 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Do\Bureau\OTL.exe

PRC - [2010/04/13 23:21:27 | 000,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

PRC - [2010/04/04 23:42:39 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe

PRC - [2009/10/20 20:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe

PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/03/25 11:29:42 | 000,221,239 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\ECSXPV_5902_012208\WDM\stacsv.exe

PRC - [2008/03/25 11:26:58 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe

PRC - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe

PRC - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe

PRC - [2006/05/16 23:12:59 | 000,075,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\Acrobat.exe

PRC - [2005/04/06 16:53:04 | 000,856,064 | ---- | M] (Adobe Sytems Incorporated) -- C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/04/15 19:35:21 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Do\Bureau\OTL.exe

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- -- (gupdate) Google Update Service (gupdate)

SRV - File not found [Disabled | Stopped] -- -- (FirebirdServerMAGIXInstance)

SRV - [2010/04/13 23:21:27 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Running] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)

SRV - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)

SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)

SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)

SRV - [2008/03/25 11:29:42 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\ECSXPV_5902_012208\WDM\stacsv.exe -- (STacSV)

SRV - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

SRV - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)

SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2005/04/06 16:53:02 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)

SRV - [2001/09/10 20:08:50 | 000,032,256 | ---- | M] (C-Dilla Ltd) [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/04/14 11:25:42 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)

DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)

DRV - [2009/10/02 19:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2009/09/14 14:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)

DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)

DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)

DRV - [2009/01/21 16:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2008/11/04 19:37:11 | 000,008,864 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)

DRV - [2008/05/06 08:01:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)

DRV - [2008/04/13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2008/04/13 18:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008/03/25 11:32:12 | 001,292,888 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)

DRV - [2008/02/15 14:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)

DRV - [2006/09/05 20:00:54 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58obex.sys -- (se58obex)

DRV - [2006/09/05 20:00:06 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mgmt.sys -- (se58mgmt) Sony Ericsson Device 088 USB WMC Device Management Drivers (WDM)

DRV - [2006/09/05 19:59:18 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mdm.sys -- (se58mdm)

DRV - [2006/09/05 19:59:14 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mdfl.sys -- (se58mdfl)

DRV - [2006/09/05 19:58:26 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58bus.sys -- (se58bus) Sony Ericsson Device 088 driver (WDM)

DRV - [2006/09/05 19:57:54 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58nd5.sys -- (se58nd5) Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (NDIS)

DRV - [2006/09/05 19:57:48 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58unic.sys -- (se58unic) Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (WDM)

DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)

DRV - [2003/09/20 09:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

DRV - [2001/09/10 20:09:46 | 000,057,392 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2095689

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 57 AB 0E 4A AF CA 01 [binary data]

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.defaulturl: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - prefs.js..extensions.enabledItems: [email protected]:9.0.0.736

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/13 22:18:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/13 22:29:50 | 000,000,000 | ---D | M]

 

[2009/03/04 18:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Mozilla\Extensions

[2010/01/17 20:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Mozilla\Extensions\[email protected]

[2009/03/04 18:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Mozilla\Extensions\[email protected]

[2010/04/13 22:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Mozilla\Firefox\Profiles\0zkw2e2b.default\extensions

[2009/06/30 00:30:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Do\Application Data\Mozilla\Firefox\Profiles\0zkw2e2b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/03/27 19:34:15 | 000,002,253 | ---- | M] () -- C:\Documents and Settings\Do\Application Data\Mozilla\Firefox\Profiles\0zkw2e2b.default\searchplugins\askcom.xml

[2010/04/13 21:28:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/01/27 16:49:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]

[2010/03/13 17:18:59 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/03/13 17:18:59 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/03/13 17:18:59 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2009/10/05 21:40:03 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml

[2010/02/15 22:49:16 | 000,000,940 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vmndtxtb.xml

[2010/03/13 17:18:59 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/03/24 00:13:39 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2006/03/02 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O3 - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll File not found

O3 - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll File not found

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Adobe Sytems Incorporated)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)

O4 - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005..\Run: [EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE (SEIKO EPSON CORPORATION)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe ()

O4 - Startup: C:\Documents and Settings\Do\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2194610944-3195102602-2929692973-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Do\Application Data\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Do\Application Data\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.bmp

O32 - HKLM CDRom: AutoRun - 0

O32 - AutoRun File - [2008/03/26 18:33:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2002/01/12 01:38:13 | 000,000,000 | ---- | M] () - L:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{1a1f4ec4-3845-11df-ad60-0019214b7108}\Shell\Auto\command - "" = F:\launcher.exe -- File not found

O33 - MountPoints2\{44c8b7e4-96d0-11de-ab3e-0019214b7108}\Shell\AutoRun\command - "" = F:\WD_Windows_Tools\Setup.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/03/26 19:18:14 | 000,000,000 | ---D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/04/15 19:42:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/04/15 19:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Bureau\ERUNT

[2010/04/15 19:37:47 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT

[2010/04/15 19:35:19 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Do\Bureau\OTL.exe

[2010/04/15 19:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Mes documents\Mes fichiers reçus

[2010/04/15 14:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client

[2010/04/15 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Mes documents\Téléchargements

[2010/04/15 14:17:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Do\Recent

[2010/04/14 23:42:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2010/04/14 22:25:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Do\Mes documents\Ma musique

[2010/04/14 11:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab

[2010/04/14 11:17:22 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

[2010/04/14 11:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files

[2010/04/14 00:07:43 | 008,101,951 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\System32\idtsg.cpl

[2010/04/14 00:07:43 | 002,314,240 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\System32\stlang.dll

[2010/04/14 00:07:43 | 000,442,433 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\sttray.exe

[2010/04/14 00:07:43 | 000,221,239 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\System32\stacsv.exe

[2010/04/14 00:07:21 | 000,150,016 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\System32\staco.dll

[2010/04/14 00:07:11 | 001,292,888 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys

[2010/04/14 00:07:11 | 000,442,439 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\System32\stacapi.dll

[2010/04/14 00:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\IDT

[2010/04/14 00:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Bureau\IDT

[2010/04/14 00:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Local Settings\Application Data\Eazel-FR

[2010/04/14 00:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

[2010/04/14 00:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Local Settings\Application Data\Conduit

[2010/04/13 23:21:27 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe Systems Shared

[2010/04/13 17:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2010/04/13 16:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2010/04/13 16:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Bureau\backups

[2010/04/13 16:37:36 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Do\Bureau\HiJackThis.exe

[2010/04/13 16:37:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2010/04/13 14:40:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Application Data\Malwarebytes

[2010/04/13 14:39:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/04/13 14:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/04/13 14:39:28 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/04/13 14:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/04/13 14:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

[2010/04/13 14:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Application Data\Yahoo!

[2010/04/13 14:03:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010/04/04 07:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Application Data\igraal

[2010/03/31 17:36:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2010/03/30 23:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Application Data\Dynamique

[2010/03/30 23:33:17 | 000,000,000 | ---D | C] -- C:\SUPPORT_388945a0cuments and Settings

[2010/03/30 23:33:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Application Data\Sites

[2010/03/30 23:33:16 | 000,000,000 | ---D | C] -- C:\Invitécuments and Settings

[2010/03/30 23:33:16 | 000,000,000 | ---D | C] -- C:\HelpAssistantcuments and Settings

[2010/03/30 23:33:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Application Data\Classes de site

[2010/03/30 23:33:16 | 000,000,000 | ---D | C] -- C:\Administrateurcuments and Settings

[2010/03/30 23:26:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun

[2010/03/30 23:25:56 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010/03/30 23:25:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010/03/30 23:25:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010/03/25 21:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Do\Application Data\MP-Manager

[2009/08/21 16:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google

[2009/08/21 16:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google

[2009/07/22 15:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

[2009/06/18 22:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\MediaMonkey

[2009/03/17 11:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft

[2008/07/18 23:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple

[2008/03/26 18:33:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

[2008/03/26 18:33:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft

[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/04/15 19:37:53 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Do\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk

[2010/04/15 19:35:21 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Do\Bureau\OTL.exe

[2010/04/15 19:27:49 | 000,002,359 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk

[2010/04/15 19:27:47 | 000,001,042 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/04/15 19:27:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/04/15 19:27:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/04/15 18:43:30 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\Do\NTUSER.DAT

[2010/04/15 18:43:30 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Do\ntuser.ini

[2010/04/15 18:43:23 | 004,847,248 | -H-- | M] () -- C:\Documents and Settings\Do\Local Settings\Application Data\IconCache.db

[2010/04/15 15:13:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/04/15 14:25:52 | 000,020,944 | ---- | M] () -- C:\Documents and Settings\Do\Mes documents\panda final.odt

[2010/04/14 12:47:06 | 000,012,626 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/04/14 11:25:42 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

[2010/04/14 11:18:40 | 000,108,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat

[2010/04/14 11:18:39 | 000,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat

[2010/04/13 23:59:44 | 000,413,048 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall.exe

[2010/04/13 16:46:28 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\Do\Bureau\HijackThis.lnk

[2010/04/13 14:39:36 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2010/04/13 14:03:44 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Do\Bureau\CCleaner.lnk

[2010/04/13 14:00:40 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Do\Bureau\HiJackThis.exe

[2010/04/12 18:38:49 | 000,024,988 | ---- | M] () -- C:\Documents and Settings\Do\Bureau\24570_383642336465_525041465_4375396_6812568_n.jpg

[2010/04/12 13:16:35 | 000,110,683 | ---- | M] () -- C:\Documents and Settings\Do\Bureau\351568.jpg

[2010/04/12 13:01:09 | 000,020,497 | ---- | M] () -- C:\Documents and Settings\Do\Bureau\buffalo1.jpg

[2010/04/01 22:03:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/03/31 17:36:49 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/03/31 17:36:49 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/03/31 17:36:49 | 000,000,216 | RHS- | M] () -- C:\boot.ini

[2010/03/31 10:48:48 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Do\Application Data\Settings.cfg

[2010/03/30 23:25:31 | 001,094,430 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/03/30 23:25:31 | 000,501,232 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/03/30 23:25:31 | 000,432,806 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/03/30 23:25:31 | 000,081,096 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/03/30 23:25:31 | 000,067,762 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/03/30 13:37:24 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Do\Local Settings\Application Data\PUTTY.RND

[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/03/22 11:47:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/04/15 19:37:53 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\Do\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk

[2010/04/15 12:54:34 | 000,020,944 | ---- | C] () -- C:\Documents and Settings\Do\Mes documents\panda final.odt

[2010/04/14 11:18:40 | 000,108,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat

[2010/04/14 11:18:39 | 000,095,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat

[2010/04/13 16:46:28 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\Do\Bureau\HijackThis.lnk

[2010/04/13 14:39:36 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2010/04/13 14:03:43 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Do\Bureau\CCleaner.lnk

[2010/04/12 18:38:48 | 000,024,988 | ---- | C] () -- C:\Documents and Settings\Do\Bureau\24570_383642336465_525041465_4375396_6812568_n.jpg

[2010/04/12 13:16:35 | 000,110,683 | ---- | C] () -- C:\Documents and Settings\Do\Bureau\351568.jpg

[2010/04/12 13:01:08 | 000,020,497 | ---- | C] () -- C:\Documents and Settings\Do\Bureau\buffalo1.jpg

[2010/03/30 23:33:17 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Do\Application Data\Settings.cfg

[2010/03/30 13:37:24 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Do\Local Settings\Application Data\PUTTY.RND

[2010/03/22 11:47:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/08/06 19:31:24 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini

[2009/08/06 19:17:05 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE SX200DEFGIPS.ini

[2009/04/28 16:38:21 | 000,000,246 | ---- | C] () -- C:\WINDOWS\w32dasm8.ini

[2009/03/20 19:35:26 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2009/01/19 20:09:53 | 000,007,219 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini

[2008/11/09 17:19:23 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2008/11/09 17:19:22 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2008/11/09 17:19:20 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2008/11/09 17:19:19 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2008/11/09 17:19:18 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2008/11/09 17:19:18 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2008/11/09 02:37:50 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll

[2008/11/09 02:37:40 | 000,007,023 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2008/11/04 19:37:13 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS

[2008/05/26 22:24:00 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2008/05/14 03:06:36 | 000,012,829 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log

[2008/05/14 02:59:56 | 009,175,040 | -H-- | C] () -- C:\Documents and Settings\Do\NTUSER.DAT

[2008/05/14 02:59:56 | 000,016,384 | -H-- | C] () -- C:\Documents and Settings\Do\ntuser.dat.LOG

[2008/05/14 02:59:56 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Do\ntuser.ini

[2008/05/14 02:59:48 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT

[2008/05/14 02:59:48 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG

[2008/05/13 21:03:42 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Do\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/03/27 00:11:30 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/03/26 19:00:53 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll

[2006/05/16 08:25:43 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll

[2002/03/17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000082.DLL

 

========== LOP Check ==========

 

[2009/08/06 19:30:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON

[2009/03/23 14:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com

[2009/03/23 14:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX

[2008/11/11 23:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle

[2008/11/11 23:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin

[2010/04/13 17:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2009/08/06 19:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL

[2009/03/23 15:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems

[2008/11/11 23:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoSpin

[2010/04/13 15:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

[2008/10/07 10:05:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2009/11/04 20:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/05/15 00:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2009/07/11 17:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Canon

[2010/03/30 23:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Classes de site

[2010/03/30 23:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Dynamique

[2009/08/06 22:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\EPSON

[2010/04/15 14:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\FileZilla

[2010/01/17 20:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Greyfirst

[2008/07/17 21:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\gtk-2.0

[2010/04/04 07:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\igraal

[2008/07/03 18:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\iView

[2009/03/20 19:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\MAGIX

[2010/03/25 22:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\MP-Manager

[2010/01/27 17:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Notepad++

[2009/03/27 16:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\OpenOffice.org

[2010/03/31 10:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Sites

[2010/04/05 11:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Teleca

[2009/03/20 16:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\Ulead Systems

[2009/04/18 16:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Do\Application Data\VSO

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

 

 

< MD5 for: AGP440.SYS >

[2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2008/06/08 14:33:04 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2008/06/08 14:33:04 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

 

< MD5 for: ATAPI.SYS >

[2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008/06/08 14:33:04 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008/06/08 14:33:04 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2006/03/02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

 

< MD5 for: EVENTLOG.DLL >

[2006/03/02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

 

< MD5 for: NETLOGON.DLL >

[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

[2006/03/02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

 

< MD5 for: SCECLI.DLL >

[2006/03/02 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2008/04/14 04:33:33 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll

[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

< End of report >

 

 

Thank you so very much
