Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Ton PC est atteint par le virus du sida

zolo

Par zolo
dans Analyses et éradication malwares

 Partager

Messages recommandés

zolo Junior Member

zolo

Posté(e)
Posté(e)

bonjour a tous,

depuis un mois j'ai un virus sur mon mini pc "samsung nc 10"

il m'ouvre une page internet mozilla est m'affiche TON PC EST ATTEINT PAR LE VIRUS SIDA

j'ai fait une restauration système

a l'état initial du pc

est le virus semble être parti une semaine mais il est toujours la..

je ne sais pas que faire help me please

le gestionnaire des tache ne s'affiche pas l'accès est refusé par l'administrateur

mais c'est moi l'unique utilisateur soit l'admin..

no.ppp Extrem Member

no.ppp

Posté(e)
Posté(e)

Salut,

 

Bienvenue sur Zébulon. Si tu as des questions, n'hésite pas.

 

080821120923886402.png Télécharge OTL sur ton Bureau

  • Double-clique sur OTL.exe pour le lancer.
  • Coche la case Tous les utilisateurs
  • Fais de même avec Recherche Lop et Recherche Purity.
  • Clique ensuite sur Analyse puis patiente pendant qu'il scanne le registre et les fichiers.
  • Quand l'analyse est terminée, deux fenêtres du Bloc-notes vont s'ouvrir. OTL.Txt et Extras.Txt. Ces fichiers sont sauvegardés au même endroit que OTL.
  • Copie-colle les dans ta prochaine réponse.

zolo Junior Member

zolo

Posté(e)
  • Auteur
Posté(e)

MERCI d'avance voici les resultats du scan

 

OTL logfile created on: 23/06/2010 00:08:19 - Run 1

OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\AL\Mes documents\Téléchargements

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1 014,00 Mb Total Physical Memory | 559,00 Mb Available Physical Memory | 55,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 25,04 Gb Total Space | 17,06 Gb Free Space | 68,10% Space Free | Partition Type: NTFS

Drive D: | 118,00 Gb Total Space | 61,07 Gb Free Space | 51,75% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: NC10-F401E8581C

Current User Name: AL

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010/06/22 23:55:24 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\AL\Mes documents\Téléchargements\OTL.exe

PRC - [2010/05/06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010/05/06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2008/10/28 18:48:19 | 000,036,972 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0\bin\jusched.exe

PRC - [2008/10/07 18:22:48 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe

PRC - [2008/10/06 19:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe

PRC - [2008/05/21 17:44:30 | 000,299,008 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\PerformanceManager.exe

PRC - [2008/05/20 21:02:08 | 000,372,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\MagicKBD.exe

PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/02/29 00:00:10 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe

PRC - [2007/12/20 21:40:30 | 000,659,456 | ---- | M] (Samsung Electronics,.LTD) -- C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe

PRC - [2007/04/01 10:02:38 | 001,416,072 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

PRC - [2007/04/01 10:02:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

PRC - [2006/10/30 15:29:28 | 000,036,864 | ---- | M] () -- C:\Program Files\Samsung\Samsung Network Manager\SNMWLANService.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/06/22 23:55:24 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\AL\Mes documents\Téléchargements\OTL.exe

MOD - [2008/04/14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

MOD - [2007/04/02 07:00:48 | 000,086,016 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/05/06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010/05/06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010/05/06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2006/10/30 15:29:28 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe -- (SNM WLAN Service)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/05/06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010/05/06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2010/05/06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010/05/06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2010/05/06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/05/06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2009/06/03 22:05:26 | 001,570,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)

DRV - [2009/04/21 10:09:00 | 000,297,344 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)

DRV - [2008/09/23 22:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)

DRV - [2008/08/28 20:18:14 | 000,224,736 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)

DRV - [2008/08/27 01:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008/04/14 14:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008/02/15 22:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)

DRV - [2008/01/14 20:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)

DRV - [2007/03/31 22:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)

DRV - [2007/03/23 19:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)

DRV - [2006/10/30 15:29:28 | 000,019,840 | ---- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)

DRV - [2005/10/27 06:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2578818418-2825335827-470265143-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Pas de site bizarre !

IE - HKU\S-1-5-21-2578818418-2825335827-470265143-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/13 02:44:53 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/22 23:35:52 | 000,000,000 | ---D | M]

 

[2010/06/13 02:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\AL\Application Data\Mozilla\Extensions

[2010/06/13 23:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\AL\Application Data\Mozilla\Firefox\Profiles\9hkoqgfz.default\extensions

[2010/06/13 02:32:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2008/04/14 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()

O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)

O4 - HKLM..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)

O4 - HKLM..\Run: [MagicKeyboard] C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [sUPBackground] C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe ()

O4 - HKLM..\Run: [system] C:\WINDOWS\antivirus.vbe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2578818418-2825335827-470265143-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2578818418-2825335827-470265143-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1

O7 - HKU\S-1-5-21-2578818418-2825335827-470265143-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1

O7 - HKU\S-1-5-21-2578818418-2825335827-470265143-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.6.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\AL\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\AL\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/10/28 18:44:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\Shell\AutoRun\command - "" = wscript.exe hivie.vbe

O33 - MountPoints2\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\Shell\open\Command - "" = wscript.exe hivie.vbe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/06/22 23:57:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\AL\Recent

[2010/06/22 23:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2010/06/22 23:06:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010/06/21 20:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\AL\Bureau\terrain

[2010/06/13 22:17:55 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll

[2010/06/13 22:17:55 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui

[2010/06/13 12:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\AL\Application Data\dvdcss

[2010/06/13 11:24:46 | 000,000,000 | R-SD | C] -- C:\Documents and Settings\AL\Mes documents\My Stationery

[2010/06/13 11:22:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2010/06/13 11:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft

[2010/06/13 11:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[2010/06/13 11:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2010/06/13 11:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live

[2010/06/13 11:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\AL\Mes documents\Téléchargements

[2010/06/13 03:27:58 | 001,570,240 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athw.sys

[2010/06/13 03:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros WLAN Client

[2010/06/13 03:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\AL\Application Data\vlc

[2010/06/13 02:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell

[2010/06/13 02:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\AL\Local Settings\Application Data\Mozilla

[2010/06/13 02:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\AL\Application Data\Mozilla

[2010/06/13 02:44:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\AL\IETldCache

[2010/06/13 02:39:47 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010/06/13 02:39:47 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010/06/13 02:39:46 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010/06/13 02:39:45 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010/06/13 02:39:44 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010/06/13 02:39:44 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010/06/13 02:39:44 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010/06/13 02:39:31 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010/06/13 02:39:31 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010/06/13 02:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software

[2010/06/13 02:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2010/06/13 02:33:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll

[2010/06/13 02:33:26 | 011,076,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll

[2010/06/13 02:33:26 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll

[2010/06/13 02:33:26 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll

[2010/06/13 02:33:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll

[2010/06/13 02:33:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates

[2010/06/13 02:33:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM

[2010/06/13 02:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2010/06/13 02:32:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2010/06/13 02:23:03 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2010/06/13 02:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010/06/13 02:17:29 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys

[2010/06/13 02:17:13 | 000,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys

[2010/06/13 02:17:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe

[2010/06/13 02:12:29 | 002,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe

[2010/06/13 02:12:27 | 002,148,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe

[2010/06/13 02:12:26 | 002,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe

[2010/06/13 02:08:54 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe

[2010/06/13 02:08:54 | 000,017,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2010/06/13 02:08:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall

[2010/06/13 02:08:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$

[2010/06/13 00:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\AL\Application Data\Macromedia

[2010/06/13 00:06:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/06/22 23:35:52 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 8.lnk

[2010/06/22 18:33:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/06/22 18:33:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/06/22 18:33:22 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys

[2010/06/22 18:29:10 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\AL\NTUSER.DAT

[2010/06/22 18:29:10 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\AL\ntuser.ini

[2010/06/22 18:29:05 | 006,921,062 | -H-- | M] () -- C:\Documents and Settings\AL\Local Settings\Application Data\IconCache.db

[2010/06/22 17:02:14 | 000,002,440 | -HS- | M] () -- C:\Documents and Settings\AL\hiv.html

[2010/06/21 20:18:55 | 000,024,646 | RHS- | M] () -- C:\WINDOWS\System32\hivie.vbe

[2010/06/21 17:53:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/06/20 15:13:03 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\AL\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/20 09:57:45 | 000,114,180 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\Muay_Thai_Logo_by_striderchea.jpg

[2010/06/20 09:54:28 | 000,399,044 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\2627281007_fcbc8fb3fb_o.jpg

[2010/06/20 09:53:12 | 002,779,020 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\2627272871_342d46d20f_o.png

[2010/06/20 09:51:47 | 000,256,550 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\1920-1200-n.png

[2010/06/20 09:38:09 | 000,000,283 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\Raccourci vers Stockage (D).lnk

[2010/06/13 23:20:31 | 000,775,034 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/06/13 23:20:31 | 000,368,314 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/06/13 23:20:31 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/06/13 23:20:31 | 000,049,054 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/06/13 23:20:31 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/06/13 22:28:58 | 000,035,659 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\l_d4c861fb04f74f6ce6cb61fab3a5b635.jpg

[2010/06/13 22:24:53 | 000,051,461 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\l_31acfe1c3c300ae6202dcd84672c0f73.jpg

[2010/06/13 11:23:35 | 000,002,011 | ---- | M] () -- C:\Documents and Settings\AL\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail (2).lnk

[2010/06/13 11:17:50 | 000,012,720 | ---- | M] () -- C:\Documents and Settings\AL\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2010/06/13 02:48:04 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\CCleaner.lnk

[2010/06/13 02:44:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat

[2010/06/13 02:44:14 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\AL\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk

[2010/06/13 02:43:58 | 000,091,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/06/13 02:39:44 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010/06/13 02:32:38 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\AL\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/06/13 02:23:32 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC.lnk

[2010/06/13 01:59:00 | 000,001,605 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Samsung Update Plus.lnk

[2010/06/13 01:58:09 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Samsung Network Manager.lnk

[2010/05/29 14:04:50 | 000,024,646 | RHS- | M] () -- C:\WINDOWS\antivirus.vbe

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/06/22 23:07:50 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 8.lnk

[2010/06/22 17:02:14 | 000,002,440 | -HS- | C] () -- C:\Documents and Settings\AL\hiv.html

[2010/06/21 20:18:55 | 000,024,646 | RHS- | C] () -- C:\WINDOWS\System32\hivie.vbe

[2010/06/21 20:18:55 | 000,024,646 | RHS- | C] () -- C:\WINDOWS\antivirus.vbe

[2010/06/20 09:57:45 | 000,114,180 | ---- | C] () -- C:\Documents and Settings\AL\Bureau\Muay_Thai_Logo_by_striderchea.jpg

[2010/06/20 09:54:22 | 000,399,044 | ---- | C] () -- C:\Documents and Settings\AL\Bureau\2627281007_fcbc8fb3fb_o.jpg

[2010/06/20 09:53:11 | 002,779,020 | ---- | C] () -- C:\Documents and Settings\AL\Bureau\2627272871_342d46d20f_o.png

[2010/06/20 09:51:46 | 000,256,550 | ---- | C] () -- C:\Documents and Settings\AL\Bureau\1920-1200-n.png

[2010/06/20 09:38:09 | 000,000,283 | ---- | C] () -- C:\Documents and Settings\AL\Bureau\Raccourci vers Stockage (D).lnk

[2010/06/13 22:28:57 | 000,035,659 | ---- | C] () -- C:\Documents and Settings\AL\Bureau\l_d4c861fb04f74f6ce6cb61fab3a5b635.jpg

[2010/06/13 22:24:52 | 000,051,461 | ---- | C] () -- C:\Documents and Settings\AL\Bureau\l_31acfe1c3c300ae6202dcd84672c0f73.jpg

[2010/06/13 11:23:35 | 000,002,011 | ---- | C] () -- C:\Documents and Settings\AL\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail (2).lnk

[2010/06/13 02:52:28 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\AL\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/13 02:48:04 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\AL\Bureau\CCleaner.lnk

[2010/06/13 02:44:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/06/13 02:32:38 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\AL\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/06/13 02:23:32 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC.lnk

[2009/02/24 20:58:51 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\AL_KBD.ini

[2009/01/21 16:16:39 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/10/29 00:19:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2008/10/28 18:56:44 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI

[2008/10/28 18:56:44 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Propriétaire_KBD.ini

[2008/10/28 18:56:41 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI

[2008/10/28 18:56:41 | 000,002,741 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI

[2008/10/28 18:56:41 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI

[2008/10/28 18:56:41 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI

[2008/10/28 18:56:41 | 000,002,606 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI

[2008/10/28 18:56:41 | 000,002,236 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI

[2008/10/28 18:56:41 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI

[2008/10/28 18:56:41 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI

[2008/10/28 18:56:41 | 000,001,857 | ---- | C] () -- C:\WINDOWS\System32\KBDUU.INI

[2008/10/28 18:56:41 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI

[2008/10/28 18:56:41 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI

[2008/10/28 18:56:41 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\KBDU.INI

[2008/10/28 18:56:41 | 000,001,819 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI

[2008/10/28 18:56:41 | 000,001,699 | ---- | C] () -- C:\WINDOWS\System32\KBDT.INI

[2008/10/28 18:56:41 | 000,001,697 | ---- | C] () -- C:\WINDOWS\System32\KBDV.INI

[2008/10/28 18:56:41 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI

[2008/10/28 18:56:41 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI

[2008/10/28 18:54:33 | 000,000,135 | R--- | C] () -- C:\WINDOWS\System32\lngEng.ini

[2008/10/28 18:54:33 | 000,000,117 | ---- | C] () -- C:\WINDOWS\System32\lngKor.ini

[2008/10/28 18:51:25 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2008/10/28 18:48:48 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS

[2007/04/01 10:00:28 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll

[2007/04/01 09:41:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll

[2005/02/17 13:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

[2005/02/17 13:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

 

========== LOP Check ==========

 

[2010/06/13 02:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2008/10/28 18:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLAN

 

========== Purity Check ==========

 

 

< End of report >

[2010/06/22 23:35:52 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 8.lnk

[2010/06/22 18:33:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/06/22 18:33:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/06/22 18:29:10 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\AL\NTUSER.DAT

[2010/06/22 18:29:10 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\AL\ntuser.ini

[2010/06/22 18:29:05 | 006,921,062 | -H-- | M] () -- C:\Documents and Settings\AL\Local Settings\Application Data\IconCache.db

[2010/06/22 17:02:14 | 000,002,440 | -HS- | M] () -- C:\Documents and Settings\AL\hiv.html

[2010/06/21 20:18:55 | 000,024,646 | RHS- | M] () -- C:\WINDOWS\System32\hivie.vbe

[2010/06/21 17:53:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/06/20 15:13:03 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\AL\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/20 09:57:45 | 000,114,180 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\Muay_Thai_Logo_by_striderchea.jpg

[2010/06/20 09:54:28 | 000,399,044 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\2627281007_fcbc8fb3fb_o.jpg

[2010/06/20 09:53:12 | 002,779,020 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\2627272871_342d46d20f_o.png

[2010/06/20 09:51:47 | 000,256,550 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\1920-1200-n.png

[2010/06/20 09:38:09 | 000,000,283 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\Raccourci vers Stockage (D).lnk

[2010/06/13 23:20:31 | 000,775,034 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/06/13 23:20:31 | 000,368,314 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/06/13 23:20:31 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/06/13 23:20:31 | 000,049,054 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/06/13 23:20:31 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/06/13 22:28:58 | 000,035,659 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\l_d4c861fb04f74f6ce6cb61fab3a5b635.jpg

[2010/06/13 22:24:53 | 000,051,461 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\l_31acfe1c3c300ae6202dcd84672c0f73.jpg

[2010/06/13 11:23:35 | 000,002,011 | ---- | M] () -- C:\Documents and Settings\AL\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail (2).lnk

[2010/06/13 11:17:50 | 000,012,720 | ---- | M] () -- C:\Documents and Settings\AL\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2010/06/13 02:48:04 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\AL\Bureau\CCleaner.lnk

[2010/06/13 02:44:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat

[2010/06/13 02:44:14 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\AL\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk

[2010/06/13 02:43:58 | 000,091,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/06/13 02:39:44 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010/06/13 02:32:38 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\AL\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/06/13 02:23:32 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC.lnk

[2010/06/13 01:59:00 | 000,001,605 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Samsung Update Plus.lnk

[2010/06/13 01:58:09 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Samsung Network Manager.lnk

[2010/05/29 14:04:50 | 000,024,646 | RHS- | M] () -- C:\WINDOWS\antivirus.vbe

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== LOP Check ==========

 

[2010/06/13 02:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2008/10/28 18:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLAN

 

========== Purity Check ==========

 

 

 

< End of report >

 

OTL Extras logfile created on: 23/06/2010 00:08:19 - Run 1

OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\AL\Mes documents\Téléchargements

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1 014,00 Mb Total Physical Memory | 559,00 Mb Available Physical Memory | 55,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 25,04 Gb Total Space | 17,06 Gb Free Space | 68,10% Space Free | Partition Type: NTFS

Drive D: | 118,00 Gb Total Space | 61,07 Gb Free Space | 51,75% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: NC10-F401E8581C

Current User Name: AL

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_USERS\S-1-5-21-2578818418-2825335827-470265143-1005\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III

"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0

"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{5CBB720F-08E6-4043-B83F-76C277AF6DE7}" = Samsung Wallpaper

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam

"{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera

"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software

"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{ABB14904-A11B-4F42-996C-80FD608A0F17}" = Samsung EDS

"{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.2 - Français

"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide

"{BD723E53-A42C-4702-AA04-1D74A0311590}" = Magic Keyboard

"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735}" = Samsung Network Manager 2.0

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"avast5" = avast! Free Antivirus

"CCleaner" = CCleaner

"HDMI" = Intel® Graphics Media Accelerator Driver

"ie8" = Windows Internet Explorer 8

"InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera

"InstallShield_{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735}" = Samsung Network Manager 2.0

"Marvell Miniport Driver" = Marvell Miniport Driver

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"VLC media player" = VLC media player 1.0.5

"WinLiveSuite_Wave3" = Installation Windows Live

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 19/06/2010 03:29:07 | Computer Name = NC10-F401E8581C | Source = Application Hang | ID = 1002

Description = Application bloquée firefox.exe, version 1.9.2.3743, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

[ System Events ]

Error - 21/06/2010 16:20:58 | Computer Name = NC10-F401E8581C | Source = W32Time | ID = 39452689

Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de

la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient

va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération

a été tentée sur un hôte impossible à atteindre. (0x80072751)

 

Error - 21/06/2010 16:20:58 | Computer Name = NC10-F401E8581C | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.

NtpClient

n'a pas de source de temps précis.

 

Error - 21/06/2010 16:35:58 | Computer Name = NC10-F401E8581C | Source = W32Time | ID = 39452689

Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de

la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient

va essayer à nouveau la recherche DNS dans 30 minutes. L'erreur était : Une opération

a été tentée sur un hôte impossible à atteindre. (0x80072751)

 

Error - 21/06/2010 16:35:58 | Computer Name = NC10-F401E8581C | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 29 minutes.

NtpClient

n'a pas de source de temps précis.

 

Error - 22/06/2010 11:03:08 | Computer Name = NC10-F401E8581C | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.0.10 pour la carte réseau dont l'adresse

réseau est 00242B63E6C4 a été refusé par le serveur DHCP 0.0.0.0 (celui-ci a envoyé

un message DHCPNACK).

 

Error - 22/06/2010 11:19:07 | Computer Name = NC10-F401E8581C | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.5.2 pour la carte réseau dont l'adresse

réseau est 00242B63E6C4 a été refusé par le serveur DHCP 192.168.6.1 (celui-ci a

envoyé un message DHCPNACK).

 

 

< End of report >

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_USERS\S-1-5-21-2578818418-2825335827-470265143-1005\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III

"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0

"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{5CBB720F-08E6-4043-B83F-76C277AF6DE7}" = Samsung Wallpaper

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam

"{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera

"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software

"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{ABB14904-A11B-4F42-996C-80FD608A0F17}" = Samsung EDS

"{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.2 - Français

"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide

"{BD723E53-A42C-4702-AA04-1D74A0311590}" = Magic Keyboard

"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735}" = Samsung Network Manager 2.0

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"avast5" = avast! Free Antivirus

"CCleaner" = CCleaner

"HDMI" = Intel® Graphics Media Accelerator Driver

"ie8" = Windows Internet Explorer 8

"InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera

"InstallShield_{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735}" = Samsung Network Manager 2.0

"Marvell Miniport Driver" = Marvell Miniport Driver

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"VLC media player" = VLC media player 1.0.5

"WinLiveSuite_Wave3" = Installation Windows Live

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 19/06/2010 03:29:07 | Computer Name = NC10-F401E8581C | Source = Application Hang | ID = 1002

Description = Application bloquée firefox.exe, version 1.9.2.3743, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

[ System Events ]

Error - 21/06/2010 16:20:58 | Computer Name = NC10-F401E8581C | Source = W32Time | ID = 39452689

Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de

la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient

va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération

a été tentée sur un hôte impossible à atteindre. (0x80072751)

 

Error - 21/06/2010 16:20:58 | Computer Name = NC10-F401E8581C | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.

NtpClient

n'a pas de source de temps précis.

 

Error - 21/06/2010 16:35:58 | Computer Name = NC10-F401E8581C | Source = W32Time | ID = 39452689

Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de

la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient

va essayer à nouveau la recherche DNS dans 30 minutes. L'erreur était : Une opération

a été tentée sur un hôte impossible à atteindre. (0x80072751)

 

Error - 21/06/2010 16:35:58 | Computer Name = NC10-F401E8581C | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 29 minutes.

NtpClient

n'a pas de source de temps précis.

 

Error - 22/06/2010 11:03:08 | Computer Name = NC10-F401E8581C | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.0.10 pour la carte réseau dont l'adresse

réseau est 00242B63E6C4 a été refusé par le serveur DHCP 0.0.0.0 (celui-ci a envoyé

un message DHCPNACK).

 

Error - 22/06/2010 11:19:07 | Computer Name = NC10-F401E8581C | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.5.2 pour la carte réseau dont l'adresse

réseau est 00242B63E6C4 a été refusé par le serveur DHCP 192.168.6.1 (celui-ci a

envoyé un message DHCPNACK).

 

 

< End of report >

no.ppp Extrem Member

no.ppp

Posté(e)
Posté(e)

Re,

 

Bien. :P

 

Tu connais : C:\Documents and Settings\AL\hiv.html ? A priori non vu les symptômes que tu présentes (Ton PC est atteint par le virus du SIDA) et HIV.html..

Si tu ne connais pas, supprime.

 

080821120923886402.png Relance OTL.exe.

 

  • Copie-colle le code suivant dans la fenêtre Personnalisation
     

    :OTL
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [system] C:\WINDOWS\antivirus.vbe ()
    O33 - MountPoints2\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\Shell\AutoRun\command - "" = wscript.exe hivie.vbe
    O33 - MountPoints2\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\Shell\open\Command - "" = wscript.exe hivie.vbe
     
    :files
    C:\WINDOWS\antivirus.vbe
    C:\WINDOWS\System32\hivie.vbe
    :services
     
    :reg
     
    :commands
    [EmptyTemp]
    [EmptyFlash]
    [Purity]
    [CREATERESTOREPOINT]
    [ResetHosts]
    [Reboot]
  • Clique ensuite sur Correction et patiente pendant que l'outil travaille.
  • Copie-colle le contenu du rapport qui s'ouvre (C\_OTL\MovedFiles) dans ta prochaine réponse.

 

 

 

Si tu es sous Vista/7 : Désactive provisoirement l'UAC

 

080821120923886402.png Télécharge USBFix sur ton Bureau.

 

  • Double-clique sur USBFix.exe pour le lancer. (Sous Vista, clique-droit sur USBFix.exe et choisis Exécuter en tant qu'administrateur.)
  • Clique sur Recherche et laisse l'outil travailler.
  • Une fenêtre te demandera de bancher tous les périphériques externes(clés USB, lecteurs MP3, disques durs externes, etc ...). Branche le matériel puis clique sur OK pour poursuivre.
  • Patiente le temps d'exécution du scan.
  • A la fin, un rapport va être généré (C:\USBFix.txt). Copie-colle l'intégralité de son contenu dans ta prochaine réponse.

zolo Junior Member

zolo

Posté(e)
  • Auteur
Posté(e) (modifié)

merci pour la reponse c'est effectivement : C:\Documents and Settings\AL\hiv.html le virus

donc j'ai suivi tes instructions le pc a redemarrer a la demande d'otc voici le rapportAll processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\System deleted successfully.

File move failed. C:\WINDOWS\antivirus.vbe scheduled to be moved on reboot.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\ not found.

File wscript.exe hivie.vbe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\ not found.

File wscript.exe hivie.vbe not found.

========== FILES ==========

File move failed. C:\WINDOWS\antivirus.vbe scheduled to be moved on reboot.

File move failed. C:\WINDOWS\System32\hivie.vbe scheduled to be moved on reboot.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: AL

->Temp folder emptied: 589908 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->FireFox cache emptied: 20183148 bytes

->Flash cache emptied: 456 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 25736 bytes

 

Total Files Cleaned = 20,00 mb

 

 

[EMPTYFLASH]

 

User: AL

->Flash cache emptied: 0 bytes

 

User: All Users

 

User: Default User

 

User: LocalService

 

User: NetworkService

 

Total Flash Files Cleaned = 0,00 mb

 

Restore point Set: OTL Restore Point (0)

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.6.1 log created on 06232010_193016

 

Files\Folders moved on Reboot...

C:\WINDOWS\antivirus.vbe moved successfully.

File move failed. C:\WINDOWS\System32\hivie.vbe scheduled to be moved on reboot.

File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

 

lorsque j'essaye de faire controle alt suppr j'ai toujour pas acces "le gestionnaire des taches a été desactivé par votre admin"..

que dois-je faire?

Modifié par zolo
zolo Junior Member

zolo

Posté(e)
  • Auteur
Posté(e)

merci pour la reponse c'est effectivement : C:\Documents and Settings\AL\hiv.html le virus

donc j'ai suivi tes instructions le pc a redemarrer a la demande d'otc voici le rapportAll processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\System deleted successfully.

File move failed. C:\WINDOWS\antivirus.vbe scheduled to be moved on reboot.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\ not found.

File wscript.exe hivie.vbe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de9ed3cc-7d60-11df-923c-00242b63e6c4}\ not found.

File wscript.exe hivie.vbe not found.

========== FILES ==========

File move failed. C:\WINDOWS\antivirus.vbe scheduled to be moved on reboot.

File move failed. C:\WINDOWS\System32\hivie.vbe scheduled to be moved on reboot.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: AL

->Temp folder emptied: 589908 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->FireFox cache emptied: 20183148 bytes

->Flash cache emptied: 456 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 25736 bytes

 

Total Files Cleaned = 20,00 mb

 

 

[EMPTYFLASH]

 

User: AL

->Flash cache emptied: 0 bytes

 

User: All Users

 

User: Default User

 

User: LocalService

 

User: NetworkService

 

Total Flash Files Cleaned = 0,00 mb

 

Restore point Set: OTL Restore Point (0)

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.6.1 log created on 06232010_193016

 

Files\Folders moved on Reboot...

C:\WINDOWS\antivirus.vbe moved successfully.

File move failed. C:\WINDOWS\System32\hivie.vbe scheduled to be moved on reboot.

File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

 

lorsque j'essaye de faire controle alt suppr j'ai toujours pas accées "le gestionnaire des taches a été desactivé par votre admin"..et le virus est toujour la...

que dois-je faire?

zolo Junior Member

zolo

Posté(e)
  • Auteur
Posté(e)

Salut,

 

Où en es-tu ?

[/c'est bon pour l'instant le virus à été supprimé merci du coup de main tu es trop fort merci beaucoup

car formater ce pc sans lecteur cd c'est chiant..

up

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...