
Posted (edited)

Hello,

I am taking the liberty of posting a HijackThis report to find out whether my PC is infected.

Operating system: XP Home

Thanks in advance for your help!

 

-----------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:34:54, on 2011-03-09

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Fichiers communs\Spigot\Search Settings\SearchSettings.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\FSScrCtl.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Application Updater\ApplicationUpdater.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Avira\AntiVir Desktop\avscan.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\WINDOWS\System32\msiexec.exe

C:\Program Files\trend micro\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = La Poésie que j'aime ... - 1999-2011- le site officiel

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = La Poésie que j'aime ...

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [soundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Fichiers communs\Spigot\Search Settings\SearchSettings.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://pages.videotron.com/biogest/biologietotale/fr_index.html"

O4 - Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Office\OSA9.EXE

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab

O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - Free Online Virus Scan - BitDefender Online Scanner

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Technical difficulties

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://fdata.over-blog.com/99/00/00/01/js/javauploader/ImageUploader4.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://fdata.over-blog.com/script/ImageUploader3.cab

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apache - Unknown owner - C:\PROGRA~1\EASYPH~1\Apache\apache.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe

O23 - Service: MySql - Unknown owner - C:\PROGRA~1\EASYPH~1\MySql\bin\mysqld.exe

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

 

--

End of file - 13221 bytes

Edited by Jisca

Posted

Good evening and welcome to Zébulon,

you are indeed infected... please do the following...

  • download Malwarebytes and install it.
  • After updating it, choose "perform a quick scan"; at the end of the scan, check all the items found and click on remove selected.
  • Please post the report for me.

then...

* Download >> OTL << to your desktop.

* Double-click the OTL icon to launch it.

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "minimal report" box is checked.

* Check the boxes in front of "All users", "LOP search" and "Purity search".

* Copy and paste the contents of this quote into the lower part of OTL, "customization":


NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

%SYSTEMDRIVE%\*.exe

/md5start

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

 

* Click the "Scan" icon (top left).

* Let the scan run to completion without using the PC.

* At the end of the scan, two reports will open: "OTL.Txt" and (or) "Extras.Txt" (minimized in the taskbar).

* Copy and paste the reports into your reply, please...

* Just in case, you can find them in the C:\OTL folder.

See you later

Posted (edited)

Thank you for your reply :)

Here are the 2 reports:

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6004

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

2011-03-09 18:47:07

mbam-log-2011-03-09 (18-47-07).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 148221

Temps écoulé: 11 minute(s), 46 seconde(s)

 

Processus mémoire infecté(s): 2

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 9

Valeur(s) du Registre infectée(s): 5

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 3

 

Processus mémoire infecté(s):

c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 548 -> Unloaded process successfully.

c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 1692 -> Unloaded process successfully.

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.

HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\epk_extr (Trojan.Skintrim) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AXPSHOOK11 (Rogue.SpywareNukerXT) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AXPSHOOK11 (Rogue.SpywareNukerXT) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.

c:\program files\pdfforge toolbar\IE\4.3\pdfforgetoolbarie.dll (PUP.Dealio) -> Quarantined and deleted successfully.

c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Quarantined and deleted successfully.

 

-----------------

 

 

OTL logfile created on: 2011-03-09 19:05:38 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\GC\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

 

239,00 Mb Total Physical Memory | 51,00 Mb Available Physical Memory | 21,00% Memory free

586,00 Mb Paging File | 211,00 Mb Available in Paging File | 36,00% Paging File free

Paging file location(s): C:\pagefile.sys 360 720 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37,27 Gb Total Space | 22,40 Gb Free Space | 60,12% Space Free | Partition Type: NTFS

 

Computer Name: GHISLAINE | User Name: GC | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\GC\Bureau\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)

PRC - C:\WINDOWS\FSScrCtl.exe (Stardust Software)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Documents and Settings\GC\Bureau\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (HidServ) -- File not found

SRV - (AppMgmt) -- File not found

SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (MySql) -- C:\Program Files\EasyPHP1-8\mysql\bin\mysqld.exe ()

SRV - (Apache) -- C:\Program Files\EasyPHP1-8\apache\Apache.exe ()

SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

SRV - (SoundMAX Agent Service (default)) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (SMBios) Intel ® -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)

DRV - (sf) -- C:\WINDOWS\system32\drivers\sf.sys (Sonic Focus, Inc)

DRV - (MidiSyn) -- C:\WINDOWS\system32\drivers\MidiSyn.sys (Analog Devices Inc)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:T_PAG

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = La Poésie que j'aime ... - 1999-2011- le site officiel

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "http://lapoesiequejaime.net"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA79}:1.0.21

FF - prefs.js..extensions.enabledItems: twitternotifier@naan.net:1.9.7.3

FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3

FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.6.2

FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p="

FF - prefs.js..network.proxy.autoconfig_url: "http://biblioxtrn.uqar.qc.ca/proxy.pac"

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-01-17 16:13:23 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-14 20:16:27 | 000,000,000 | ---D | M]

 

[2009-02-02 09:58:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Extensions

[2011-03-01 09:51:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions

[2009-10-05 11:57:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)

[2011-01-16 14:56:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9}

[2010-09-25 19:46:05 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}

[2009-10-05 13:21:08 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}

[2011-03-01 09:17:48 | 000,000,000 | ---D | M] ("Yoono") -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}

[2011-01-16 14:56:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\engine@conduit.com

[2009-10-05 13:21:04 | 000,000,000 | ---D | M] (Dictionnaire HunSpell en Français) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\fr-FR@dictionaries.addons.mozilla.org

[2011-03-01 09:51:30 | 000,000,000 | ---D | M] (Echofon) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\twitternotifier@naan.net

[2010-09-25 19:46:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\o4gac0l3.default\extensions

[2010-09-25 19:46:06 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\o4gac0l3.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}

[2005-06-23 09:19:15 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\o4gac0l3.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2010-09-25 19:46:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\pw6n3w6j.default\extensions

[2010-09-25 19:46:06 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\pw6n3w6j.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}

[2005-06-27 08:17:20 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\pw6n3w6j.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2011-03-01 09:38:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010-07-28 08:32:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2011-02-17 15:06:42 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\WTXPCOM

[2009-07-24 14:34:16 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011-02-17 15:06:45 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF

[2009-09-02 02:00:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2011-01-15 22:14:15 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2011-01-15 22:14:16 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011-01-15 22:14:16 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2011-01-15 22:14:16 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2011-01-15 22:14:16 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2003-04-24 07:00:00 | 000,000,790 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [KernelFaultCheck] File not found

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1004..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)

O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1004..\RunOnce: [shockwave Updater] File not found

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Office\OSA9.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\GC\Menu Démarrer\Programmes\Démarrage\Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe (Stardust Software)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - Reg Error: Key error. File not found

O9 - Extra 'Tools' menuitem : Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - Reg Error: Key error. File not found

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\..Trusted Domains: lapoesiequejaime.net ([]https in Sites de confiance)

O15 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\..Trusted Domains: live.ca ([]https in Sites de confiance)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (Reg Error: Key error.)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Key error.)

O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} http://download.microsoft.com/download/5/c/2/5c2fc4b7-3875-4eec-946b-ffe15472cabc/WebCleaner.cab (Malicious Software Removal Tool)

O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://static.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} Free Online Virus Scan - BitDefender Online Scanner (BDSCANONLINE Control)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} Technical difficulties (Windows Live Safety Center Base Module)

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://fdata.over-blog.com/99/00/00/01/js/javauploader/ImageUploader4.cab (Image Uploader Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38044.6048148148 (Reg Error: Key error.)

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} http://fdata.over-blog.com/script/ImageUploader3.cab (Aurigma Image Uploader 3.5 Control)

O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} http://www.microsoft.com/security/controls/SassCln.CAB (SassCln Object)

O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} Java Plug-in Technology (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe (Reg Error: Key error.)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\GC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\GC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004-02-27 17:16:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{976f4921-2640-11dc-8840-000cf1a37008}\Shell\Auto\command - "" = AdobeR.exe e

O33 - MountPoints2\{976f4921-2640-11dc-8840-000cf1a37008}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: Ip6FwHlp - File not found

 

 

SafeBootMin: AppMgmt - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: AppMgmt - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: UploadMgr - Service

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {02f78298-8af6-495c-9ecb-b6ae68678186} - KB867282

ActiveX: {04d6265d-6b5d-41c3-9e7c-48be15919643} - KB890923

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {2337076a-dd0c-43a6-8d85-54070578a42f} - KB912812

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009

ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5c9ff2bf-938d-47fe-85d9-9dbab4f65018} - KB897715

ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {689e5762-8d75-4346-90cf-bc1902c32d63} - KB896688

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167

ActiveX: {839117ee-2132-4bae-a56a-42b50204c9b9} - KB889293

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework

ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -

ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894

ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567

ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework

ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353

ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011-03-09 19:02:36 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\GC\Bureau\OTL.exe

[2011-03-09 18:33:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\GC\Recent

[2011-03-09 15:38:53 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\GC\Bureau\mbam-setup.exe

[2011-03-09 14:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GC\Menu Démarrer\Programmes\HiJackThis

[2011-02-27 14:59:04 | 000,360,580 | ---- | C] (eSellerate Inc.) -- C:\WINDOWS\eSellerateEngine.dll

[2011-02-27 14:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\eSellerate

[2011-02-27 14:59:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GC\Mes documents\docXConverter logs

[2011-02-27 14:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\docXConverter3

[2011-02-17 15:07:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GC\Application Data\Search Settings

[2011-02-17 15:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater

[2011-02-17 15:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Spigot

[2011-02-17 15:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar

[2011-02-12 11:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck

[2009-11-09 20:55:57 | 000,834,042 | ---- | C] (REBOL Technologies) -- C:\Program Files\altme.exe

[2006-07-16 08:58:31 | 002,988,224 | ---- | C] (Microsoft Corporation) -- C:\Program Files\vwdsetup.exe

[2005-02-04 11:05:52 | 012,718,080 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mp10setup.exe

[2005-01-28 11:50:01 | 002,065,552 | ---- | C] (Symantec Corporation) -- C:\Program Files\NAVSetup.exe

[2004-09-15 08:14:20 | 000,134,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\o2ksr1a.exe

[2004-06-11 09:00:11 | 003,836,584 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msorun.exe

[1999-03-23 09:12:40 | 000,011,264 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Program Files\_SETUP.DLL

[1999-03-23 09:12:22 | 000,008,192 | ---- | C] (Stirling Technologies, Inc.) -- C:\Program Files\_ISDEL.EXE

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011-03-09 19:13:11 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FD958403-7332-4CDC-9CDD-9F1D4B9B2B70}.job

[2011-03-09 19:02:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GC\Bureau\OTL.exe

[2011-03-09 19:00:00 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job

[2011-03-09 18:49:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011-03-09 15:40:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011-03-09 15:38:53 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\GC\Bureau\mbam-setup.exe

[2011-03-09 14:33:46 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\HiJackThis.lnk

[2011-03-09 14:24:34 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\HiJackThis.msi

[2011-03-09 11:15:34 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011-03-09 09:12:19 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\GC\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office FrontPage 2003.lnk

[2011-03-07 15:31:28 | 000,040,731 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\bg.jpg

[2011-03-05 19:08:23 | 000,003,146 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\bg2.jpg

[2011-03-04 15:40:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011-03-01 09:05:09 | 000,539,750 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\Echofon-1.9.7.3.xpi

[2011-02-28 19:49:17 | 001,144,379 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\P1040187.jpg

[2011-02-28 19:48:51 | 001,109,873 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\P1040183.jpg

[2011-02-27 15:02:22 | 000,010,584 | ---- | M] () -- C:\Documents and Settings\GC\Application Data\docXConverter (3).ini

[2011-02-27 15:01:54 | 000,000,130 | -H-- | M] () -- C:\Documents and Settings\GC\Application Data\lakerda1967.sys

[2011-02-27 14:59:04 | 000,360,580 | ---- | M] (eSellerate Inc.) -- C:\WINDOWS\eSellerateEngine.dll

[2011-02-17 09:56:11 | 001,462,272 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\Le frette.pps

[2011-02-14 20:16:29 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk

[2011-02-12 11:00:57 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\TweetDeck.lnk

[2011-02-10 03:27:57 | 000,228,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011-02-09 08:54:09 | 000,270,848 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll

[2011-02-09 08:54:09 | 000,186,880 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll

[2011-02-08 09:45:45 | 000,045,569 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\photo_1345716_resize.jpg

[2011-02-07 21:57:43 | 000,167,871 | ---- | M] () -- C:\Documents and Settings\GC\Bureau\paysage-fleuri.jpg

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011-03-09 15:40:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011-03-09 14:33:29 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\HiJackThis.lnk

[2011-03-09 14:02:37 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\HiJackThis.msi

[2011-03-05 19:15:36 | 000,003,146 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\bg2.jpg

[2011-03-05 17:34:31 | 000,040,731 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\bg.jpg

[2011-03-01 09:05:01 | 000,539,750 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\Echofon-1.9.7.3.xpi

[2011-02-28 19:49:20 | 001,144,379 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\P1040187.jpg

[2011-02-28 19:49:10 | 001,109,873 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\P1040183.jpg

[2011-02-27 14:59:04 | 000,000,130 | -H-- | C] () -- C:\Documents and Settings\GC\Application Data\lakerda1967.sys

[2011-02-27 14:57:46 | 000,010,584 | ---- | C] () -- C:\Documents and Settings\GC\Application Data\docXConverter (3).ini

[2011-02-17 09:56:09 | 001,462,272 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\Le frette.pps

[2011-02-09 08:54:09 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll

[2011-02-08 09:47:05 | 000,045,569 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\photo_1345716_resize.jpg

[2011-02-07 21:58:58 | 000,167,871 | ---- | C] () -- C:\Documents and Settings\GC\Bureau\paysage-fleuri.jpg

[2010-08-30 19:07:26 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2010-07-02 18:51:28 | 000,000,583 | ---- | C] () -- C:\WINDOWS\System32\Raccourci vers notepad.exe.lnk

[2010-01-02 12:51:41 | 000,000,125 | ---- | C] () -- C:\WINDOWS\FlashDecompiler.INI

[2009-07-24 14:01:08 | 000,049,552 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009-05-25 10:54:42 | 000,125,177 | ---- | C] () -- C:\WINDOWS\hpqins00.dat

[2007-08-05 10:01:32 | 000,146,750 | ---- | C] () -- C:\WINDOWS\HPHins13.dat

[2007-08-05 10:01:32 | 000,002,977 | ---- | C] () -- C:\WINDOWS\hphmdl13.dat

[2007-08-05 09:01:15 | 000,111,770 | ---- | C] () -- C:\WINDOWS\hpqins15.dat

[2007-05-18 19:32:45 | 000,000,147 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini

[2006-08-20 13:22:00 | 000,042,496 | ---- | C] () -- C:\WINDOWS\System32\swreg.exe

[2006-08-20 13:22:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe

[2006-07-16 09:13:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006-07-16 09:12:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2006-07-15 19:48:57 | 015,037,696 | ---- | C] () -- C:\Program Files\20060715-006-x86.exe

[2006-07-11 09:38:46 | 000,004,392 | ---- | C] () -- C:\WINDOWS\System32\lhracdexku.dat

[2005-12-07 14:53:37 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini

[2005-12-07 14:05:45 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2005-09-25 12:14:06 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2005-08-12 08:15:01 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll

[2005-08-12 08:15:01 | 000,000,674 | ---- | C] () -- C:\WINDOWS\tsc.ini

[2005-08-12 08:14:28 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini

[2005-06-23 09:19:27 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2005-06-23 09:18:43 | 000,014,326 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2005-05-22 13:15:52 | 000,000,041 | RH-- | C] () -- C:\WINDOWS\dsez4412.dat

[2005-04-06 12:42:00 | 000,045,056 | ---- | C] () -- C:\Program Files\Psp8bf.pfl

[2005-03-20 14:50:04 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config

[2005-03-14 12:38:28 | 000,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

[2005-03-12 07:58:41 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2005-03-04 13:10:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe

[2004-12-08 15:30:16 | 000,000,192 | ---- | C] () -- C:\WINDOWS\Graphex3.ini

[2004-11-28 15:50:59 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini

[2004-09-14 13:56:33 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\DBQARM.dll

[2004-08-19 14:07:14 | 000,000,039 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2004-08-19 14:07:10 | 000,000,045 | ---- | C] () -- C:\WINDOWS\CBLEIJI.ini

[2004-04-29 08:45:35 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\GC\Local Settings\Application Data\fusioncache.dat

[2004-04-24 11:12:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2004-03-05 14:07:03 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\GC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2004-03-01 15:03:55 | 000,000,076 | ---- | C] () -- C:\WINDOWS\KMGDI.INI

[2004-03-01 12:56:54 | 000,000,755 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2004-02-27 17:27:40 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

[2004-02-27 17:19:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2004-02-27 17:14:13 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2004-02-27 10:25:16 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004-02-27 10:24:16 | 000,228,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2003-08-29 13:26:36 | 000,002,065 | ---- | C] () -- C:\WINDOWS\my_03-20-2005_11h21.ini

[2003-08-29 13:26:36 | 000,002,065 | ---- | C] () -- C:\WINDOWS\my_02-12-2005_20h56.ini

[2003-08-29 13:26:36 | 000,002,065 | ---- | C] () -- C:\WINDOWS\my_02-12-2005_19h39.ini

[2003-08-22 23:01:48 | 000,744,128 | ---- | C] () -- C:\Program Files\_SETUP.1

[2003-08-22 23:01:48 | 000,000,511 | ---- | C] () -- C:\Program Files\SETUP.PKG

[2003-08-22 23:01:48 | 000,000,005 | ---- | C] () -- C:\Program Files\DISK1.ID

[2003-08-22 23:01:46 | 000,210,195 | ---- | C] () -- C:\Program Files\_SETUP.LIB

[2003-08-22 23:01:46 | 000,000,029 | ---- | C] () -- C:\Program Files\SETUP.INI

[2003-04-24 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2003-04-24 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2003-04-24 07:00:00 | 000,570,506 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2003-04-24 07:00:00 | 000,493,216 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2003-04-24 07:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2003-04-24 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2003-04-24 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2003-04-24 07:00:00 | 000,113,862 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2003-04-24 07:00:00 | 000,094,504 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2003-04-24 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2003-04-24 07:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2003-04-24 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2003-04-24 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2003-04-24 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[1999-07-23 12:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini

[1999-07-23 09:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll

[1999-04-08 11:26:40 | 000,081,342 | ---- | C] () -- C:\Program Files\SETUP.INS

[1999-03-23 09:12:22 | 000,294,079 | ---- | C] () -- C:\Program Files\_INST32I.EX_

[1999-01-22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

 

========== LOP Check ==========

 

[2010-01-02 13:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2009-01-11 20:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

[2009-03-06 09:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2011-01-16 16:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\com.seesmic.desktop.client.D89F32799270693BEF34AAA36E9B2632B59240FA.1

[2010-08-02 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\gtk-2.0

[2008-08-05 08:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\ICQ

[2010-05-28 06:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Image Zone Express

[2009-05-25 19:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\IPC

[2008-10-26 09:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\JAlbum

[2010-01-01 20:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\pdfforge

[2007-08-09 08:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\PhotoInPress

[2008-02-01 12:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Printer Info Cache

[2010-01-02 16:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\scriptocean

[2011-02-17 15:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Search Settings

[2008-06-03 08:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\TuneUp Software

[2010-09-05 15:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1

[2004-11-09 14:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Visicom Media

[2006-07-22 10:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Windows Live Safety Center

[2005-05-15 11:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\XnView

[2011-03-09 19:00:00 | 000,000,480 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

[2011-03-09 19:13:11 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FD958403-7332-4CDC-9CDD-9F1D4B9B2B70}.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %ALLUSERSPROFILE%\Application Data\*. >

[2010-10-09 15:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2008-01-11 13:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple

[2007-04-12 08:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

[2010-02-09 12:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira

[2010-02-09 12:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira(3)

[2007-08-04 10:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard

[2007-08-05 10:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP

[2008-11-06 15:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant

[2007-08-05 10:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY

[2008-09-12 13:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft

[2008-11-03 14:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2009-12-29 15:08:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2006-07-17 14:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help

[2007-06-17 07:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6

[2009-12-30 15:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS

[2005-06-23 08:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime

[2006-11-21 10:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2010-07-28 08:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun

[2010-01-02 13:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2007-08-04 10:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG

[2005-10-13 07:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

[2009-01-11 20:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

[2009-03-06 09:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

[2008-07-04 13:35:40 | 000,054,632 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\DifXInstall32.exe

[2010-09-21 13:37:40 | 000,338,856 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\19632\AcrobatUpdater.exe

[2010-09-21 13:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\19632\AdobeARM.exe

[2010-09-21 13:37:40 | 000,338,856 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\19632\ReaderUpdater.exe

[2009-01-06 13:50:48 | 000,079,144 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.0.2.20\SetupAdmin.exe

[2009-07-01 19:17:38 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 4.30.19.1\SetupAdmin.exe

[2009-05-14 08:56:20 | 002,967,799 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

 

< %APPDATA%\*. >

[2010-09-05 15:49:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Adobe

[2006-07-31 14:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\AdobeUM

[2009-07-24 13:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Apple Computer

[2011-01-16 16:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\com.seesmic.desktop.client.D89F32799270693BEF34AAA36E9B2632B59240FA.1

[2007-08-09 12:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Creative

[2009-02-11 13:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\ESTsoft

[2009-12-30 15:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Google

[2010-08-02 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\gtk-2.0

[2004-03-02 17:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Help

[2007-08-04 10:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\HP

[2011-01-25 15:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\HpUpdate

[2008-08-05 08:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\ICQ

[2006-08-08 09:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Identities

[2010-05-28 06:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Image Zone Express

[2009-05-25 19:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\IPC

[2008-10-26 09:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\JAlbum

[2007-02-21 14:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Lavasoft

[2004-12-25 09:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Macromedia

[2008-11-03 14:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Malwarebytes

[2011-03-09 14:33:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\GC\Application Data\Microsoft

[2005-06-27 09:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Microsoft Web Folders

[2009-02-02 09:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Mozilla

[2007-06-17 07:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\MSN6

[2010-01-01 20:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\pdfforge

[2007-08-09 08:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\PhotoInPress

[2008-02-01 12:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Printer Info Cache

[2005-12-09 11:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Real

[2010-01-02 16:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\scriptocean

[2011-02-17 15:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Search Settings

[2006-11-21 10:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Skype

[2004-03-23 09:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Sun

[2004-02-27 18:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Symantec

[2005-06-25 17:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Talkback

[2008-06-03 08:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\TuneUp Software

[2010-09-05 15:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1

[2004-11-09 14:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Visicom Media

[2006-07-22 10:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Windows Live Safety Center

[2008-04-05 13:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\WinRAR

[2005-05-15 11:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\XnView

 

< %APPDATA%\*.exe /s >

[2010-12-28 13:32:31 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\GC\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

[2011-03-09 14:33:31 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Documents and Settings\GC\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

 

< %SYSTEMDRIVE%\*.exe >

[2005-04-01 11:18:54 | 000,632,528 | ---- | M] (Symantec Corporation) -- C:\sevinst.exe

 

 

< MD5 for: AGP440.SYS >

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008-04-13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008-04-13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[2004-08-04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

 

< MD5 for: ATAPI.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2003-04-24 07:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

[2008-04-13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008-04-13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004-08-04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

 

< MD5 for: CDROM.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys

[2008-04-13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

[2008-04-13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[2004-08-04 00:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

 

< MD5 for: CHANGER.SYS >

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys

[2008-04-13 13:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

[2004-08-04 01:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys

 

< MD5 for: DISK.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:disk.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys

[2004-08-04 00:59:54 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys

[2008-04-13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys

[2008-04-13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

 

< MD5 for: EVENTLOG.DLL >

[2004-08-19 18:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2008-04-13 21:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008-04-13 21:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

 

< MD5 for: EXPLORER.EXE >

[2007-06-13 08:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

[2007-06-13 08:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe

[2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

 

< MD5 for: NDIS.SYS >

[2008-04-13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys

[2008-04-13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[2004-08-04 01:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

 

< MD5 for: NETLOGON.DLL >

[2008-04-13 21:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008-04-13 21:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

[2004-08-19 18:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

 

< MD5 for: RASACD.SYS >

[2003-04-24 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys

[2003-04-24 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys

 

< MD5 for: RDPWD.SYS >

[2005-06-09 23:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys

[2008-04-13 21:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys

[2008-04-13 21:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys

[2005-06-09 23:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\$hf_mig$\KB899591\SP2GDR\rdpwd.sys

[2005-06-09 23:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys

 

< MD5 for: SCECLI.DLL >

[2004-08-19 18:09:39 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

[2008-04-13 21:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008-04-13 21:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

 

< MD5 for: SFLOPPY.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:Sfloppy.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Sfloppy.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys

[2004-08-04 00:59:54 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys

[2008-04-13 13:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys

[2008-04-13 13:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys

 

< MD5 for: SPLITTER.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:splitter.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:splitter.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys

[2006-06-14 03:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys

[2006-06-14 03:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys

[2008-04-13 13:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys

[2008-04-13 13:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys

 

< MD5 for: SWMIDI.SYS >

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys

[2008-04-13 13:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys

[2008-04-13 13:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys

[2001-08-17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys

 

< MD5 for: TCPIP.SYS >

[2006-01-13 12:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys

[2006-01-12 21:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$hf_mig$\KB913446\SP2GDR\tcpip.sys

[2005-05-25 14:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys

[2007-10-30 11:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys

[2005-05-25 14:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$hf_mig$\KB893066\SP2GDR\tcpip.sys

[2007-10-30 12:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

[2008-04-13 14:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys

[2008-06-20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys

[2008-06-20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys

[2008-06-20 06:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

[2006-04-20 07:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

 

< MD5 for: TDPIPE.SYS >

[2004-08-19 18:10:18 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys

[2008-04-13 21:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys

[2008-04-13 21:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys

 

< MD5 for: TDTCP.SYS >

[2008-04-13 21:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys

[2008-04-13 21:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys

[2004-08-19 18:10:18 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys

 

< MD5 for: USBPRINT.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:usbprint.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbprint.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys

[2004-08-04 01:01:24 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys

[2008-04-13 13:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys

[2008-04-13 13:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys

 

< MD5 for: USBSCAN.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:usbscan.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbscan.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys

[2008-04-13 13:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys

[2008-04-13 13:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys

[2004-08-04 00:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys

 

< MD5 for: USERINIT.EXE >

[2004-08-19 18:10:03 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

[2008-04-13 21:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008-04-13 21:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

 

< MD5 for: WINLOGON.EXE >

[2004-08-19 18:10:04 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008-04-13 21:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008-04-13 21:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009-03-08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll

[2009-03-08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

[2010-12-20 18:53:03 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< >

 

< >

 

< >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A8E2C33

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F4CA4D70

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

 

< End of report >

Edited by ipl_001
Jisca, please click "Add a reply" at the bottom of the topic rather than "Reply" at the bottom right of the message
Posted

Hello,

Please do the following...

* Double-click the OTL icon to launch it

/!\ On Vista/Seven, right-click the OTL icon and choose "Run as administrator"

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "Minimal report" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Customization"

:Files

C:\Program Files\Application Updater

C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9}

C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\engine@conduit.com

C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT

C:\PROGRAM FILES\PDFFORGE TOOLBAR

C:\Documents and Settings\GC\Application Data\Search Settings

C:\WINDOWS\System32\lhracdexku.dat

c:\WINDOWS\system32\lhracdexku_navps.dat

C:\WINDOWS\dsez4412.dat

C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

C:\Documents and Settings\GC\Application Data\pdfforge

 

:OTL

PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

IE - HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:T_PAG

FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3

[2011-01-16 14:56:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9}

[2011-01-16 14:56:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\engine@conduit.com

[2011-02-17 15:06:42 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\WTXPCOM

[2011-02-17 15:06:45 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} Java Plug-in Technology (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O33 - MountPoints2\{976f4921-2640-11dc-8840-000cf1a37008}\Shell\Auto\command - "" = AdobeR.exe e

O33 - MountPoints2\{976f4921-2640-11dc-8840-000cf1a37008}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

 

:Commands

[emptytemp]

[EMPTYFLASH]

 

* Click the "Fix" icon (top left).

* Let the scan run to completion without using the PC

* At the end of the scan a report, "OTL.Txt", will open

* Please copy and paste the report into your reply...

* Just in case, you can find the reports in the C:\OTL folder

 

@++

Posted (edited)

Thanks!

Here is the report

All processes killed

========== FILES ==========

File\Folder C:\Program Files\Application Updater not found.

File\Folder C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9} not found.

File\Folder C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\engine@conduit.com not found.

File\Folder C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT not found.

File\Folder C:\PROGRAM FILES\PDFFORGE TOOLBAR not found.

File\Folder C:\Documents and Settings\GC\Application Data\Search Settings not found.

C:\WINDOWS\System32\lhracdexku.dat moved successfully.

File\Folder c:\WINDOWS\system32\lhracdexku_navps.dat not found.

C:\WINDOWS\dsez4412.dat moved successfully.

C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\x86 folder moved successfully.

C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86 folder moved successfully.

C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} folder moved successfully.

File\Folder C:\Documents and Settings\GC\Application Data\pdfforge not found.

========== OTL ==========

No active process named ApplicationUpdater.exe was found!

Error: No service named Application Updater was found to stop!

Service\Driver key Application Updater not found.

File C:\Program Files\Application Updater\ApplicationUpdater.exe not found.

HKU\S-1-5-21-343818398-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!

Prefs.js: pdfforge@mybrowserbar.com:4.3 removed from extensions.enabledItems

Folder C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found.

Folder C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\il8p72jp.default\extensions\engine@conduit.com\ not found.

Folder C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\WTXPCOM\ not found.

Folder C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-21-343818398-1960408961-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Starting removal of ActiveX control {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{976f4921-2640-11dc-8840-000cf1a37008}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{976f4921-2640-11dc-8840-000cf1a37008}\ not found.

File AdobeR.exe e not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{976f4921-2640-11dc-8840-000cf1a37008}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{976f4921-2640-11dc-8840-000cf1a37008}\ not found.

File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 40822 bytes

->Flash cache emptied: 56502 bytes

 

User: GC

->Temp folder emptied: 160382202 bytes

->Temporary Internet Files folder emptied: 216679057 bytes

->Java cache emptied: 0 bytes

->Apple Safari cache emptied: 0 bytes

->Flash cache emptied: 63897 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: NetworkService

->Temp folder emptied: 13920 bytes

->Temporary Internet Files folder emptied: 35686986 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 19569 bytes

%systemroot%\System32 .tmp files removed: 99840 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 4992917 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 39946204 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 26789245 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 462,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: GC

->Flash cache emptied: 0 bytes

 

User: LocalService

 

User: NetworkService

 

Total Flash Files Cleaned = 0,00 mb

 

 

OTL by OldTimer - Version 3.2.22.3 log created on 03102011_182017

 

Files\Folders moved on Reboot...

File\Folder C:\Documents and Settings\GC\Local Settings\Temporary Internet Files\Content.IE5\Y78ZNR9G\Essais_[qXD4fb]. not found!

C:\Documents and Settings\GC\Local Settings\Temporary Internet Files\Content.IE5\D6JQH1G7\AP_ADV_728x90[1].htm moved successfully.

C:\Documents and Settings\GC\Local Settings\Temporary Internet Files\Content.IE5\D6JQH1G7\ban_home_728x90[1].htm moved successfully.

C:\Documents and Settings\GC\Local Settings\Temporary Internet Files\Content.IE5\5JZ2TLMW\afr[1].htm moved successfully.

C:\Documents and Settings\GC\Local Settings\Temporary Internet Files\Content.IE5\5JZ2TLMW\analyse-de-hijackthis-t183659[1].html moved successfully.

C:\Documents and Settings\GC\Local Settings\Temporary Internet Files\Content.IE5\5JZ2TLMW\AP_CPL_728x90[1].htm moved successfully.

C:\Documents and Settings\GC\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

 

Registry entries deleted on Reboot...

Edited by ipl_001
Jisca, please click "Add a reply" at the bottom of the topic rather than "Reply" at the bottom right of the post
Posted

Hello,

Could you post a new OTL report for me, as you did the first time, please...?

How is your PC behaving now?

 

@++

 

Thanks!

There is a clear improvement

I think I'm going to start liking it again :)

Here is the requested report

OTL logfile created on: 2011-03-11 09:54:23 - Run 2

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\GC\Bureau\nettoyage

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

 

239,00 Mb Total Physical Memory | 61,00 Mb Available Physical Memory | 25,00% Memory free

586,00 Mb Paging File | 100,00 Mb Available in Paging File | 17,00% Paging File free

Paging file location(s): C:\pagefile.sys 360 720 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37,27 Gb Total Space | 23,14 Gb Free Space | 62,10% Space Free | Partition Type: NTFS

 

Computer Name: GHISLAINE | User Name: GC | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\GC\Bureau\nettoyage\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\WINDOWS\FSScrCtl.exe (Stardust Software)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Documents and Settings\GC\Bureau\nettoyage\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (MySql) -- File not found

SRV - (HidServ) -- File not found

SRV - (AppMgmt) -- File not found

SRV - (Apache) -- File not found

SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

SRV - (SoundMAX Agent Service (default)) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (SMBios) Intel ® -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)

DRV - (sf) -- C:\WINDOWS\system32\drivers\sf.sys (Sonic Focus, Inc)

DRV - (MidiSyn) -- C:\WINDOWS\system32\drivers\MidiSyn.sys (Analog Devices Inc)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = La Poésie que j'aime ... - 1999-2011- le site officiel

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p="

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"

 

 

[2010-09-25 19:46:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\o4gac0l3.default\extensions

[2010-09-25 19:46:06 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\o4gac0l3.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}

[2005-06-23 09:19:15 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\o4gac0l3.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2010-09-25 19:46:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\pw6n3w6j.default\extensions

[2010-09-25 19:46:06 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\pw6n3w6j.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}

[2005-06-27 08:17:20 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\GC\Application Data\Mozilla\Firefox\Profiles\pw6n3w6j.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2011-03-09 20:07:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010-07-28 08:32:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

 

O1 HOSTS File: ([2003-04-24 07:00:00 | 000,000,790 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [KernelFaultCheck] File not found

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKCU..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)

O4 - HKCU..\RunOnce: [shockwave Updater] File not found

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Office\OSA9.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\GC\Menu Démarrer\Programmes\Démarrage\Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe (Stardust Software)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - Reg Error: Key error. File not found

O9 - Extra 'Tools' menuitem : Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - Reg Error: Key error. File not found

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: lapoesiequejaime.net ([]https in Sites de confiance)

O15 - HKCU\..Trusted Domains: live.ca ([]https in Sites de confiance)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (Reg Error: Key error.)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Key error.)

O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} http://download.microsoft.com/download/5/c/2/5c2fc4b7-3875-4eec-946b-ffe15472cabc/WebCleaner.cab (Malicious Software Removal Tool)

O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://static.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} Free Online Virus Scan - BitDefender Online Scanner (BDSCANONLINE Control)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} Technical difficulties (Windows Live Safety Center Base Module)

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://fdata.over-blog.com/99/00/00/01/js/javauploader/ImageUploader4.cab (Image Uploader Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38044.6048148148 (Reg Error: Key error.)

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} http://fdata.over-blog.com/script/ImageUploader3.cab (Aurigma Image Uploader 3.5 Control)

O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} http://www.microsoft.com/security/controls/SassCln.CAB (SassCln Object)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe (Reg Error: Key error.)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\GC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\GC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004-02-27 17:16:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: Ip6FwHlp - File not found

 

SafeBootMin: AppMgmt - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: AppMgmt - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: UploadMgr - Service

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {02f78298-8af6-495c-9ecb-b6ae68678186} - KB867282

ActiveX: {04d6265d-6b5d-41c3-9e7c-48be15919643} - KB890923

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {2337076a-dd0c-43a6-8d85-54070578a42f} - KB912812

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009

ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5c9ff2bf-938d-47fe-85d9-9dbab4f65018} - KB897715

ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {689e5762-8d75-4346-90cf-bc1902c32d63} - KB896688

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167

ActiveX: {839117ee-2132-4bae-a56a-42b50204c9b9} - KB889293

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework

ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -

ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894

ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567

ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework

ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353

ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: Ip6FwHlp - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011-03-10 18:20:17 | 000,000,000 | ---D | C] -- C:\_OTL

[2011-03-09 20:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GC\Bureau\nettoyage

[2011-03-09 18:33:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\GC\Recent

[2011-02-27 14:59:04 | 000,360,580 | ---- | C] (eSellerate Inc.) -- C:\WINDOWS\eSellerateEngine.dll

[2011-02-27 14:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\eSellerate

[2011-02-27 14:59:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GC\Mes documents\docXConverter logs

[2011-02-27 14:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\docXConverter3

[2011-02-12 11:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck

[2010-06-30 17:59:47 | 017,874,088 | ---- | C] (pdfforge GbR) -- C:\Program Files\PDFCreator-1_0_1_setup.exe

[2009-11-09 20:55:57 | 000,834,042 | ---- | C] (REBOL Technologies) -- C:\Program Files\altme.exe

[2006-07-16 08:58:31 | 002,988,224 | ---- | C] (Microsoft Corporation) -- C:\Program Files\vwdsetup.exe

[2005-02-04 11:05:52 | 012,718,080 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mp10setup.exe

[2005-01-28 11:50:01 | 002,065,552 | ---- | C] (Symantec Corporation) -- C:\Program Files\NAVSetup.exe

[2004-09-15 08:14:20 | 000,134,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\o2ksr1a.exe

[2004-06-11 09:00:11 | 003,836,584 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msorun.exe

[1999-03-23 09:12:40 | 000,011,264 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Program Files\_SETUP.DLL

[1999-03-23 09:12:22 | 000,008,192 | ---- | C] (Stirling Technologies, Inc.) -- C:\Program Files\_ISDEL.EXE

 

========== Files - Modified Within 30 Days ==========

 

[2011-03-11 10:05:08 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FD958403-7332-4CDC-9CDD-9F1D4B9B2B70}.job

[2011-03-11 10:00:05 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job

[2011-03-10 18:24:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011-03-09 20:04:00 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011-03-09 11:15:34 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011-03-09 09:12:19 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\GC\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office FrontPage 2003.lnk

[2011-03-04 15:40:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011-02-27 15:02:22 | 000,010,584 | ---- | M] () -- C:\Documents and Settings\GC\Application Data\docXConverter (3).ini

[2011-02-27 15:01:54 | 000,000,130 | -H-- | M] () -- C:\Documents and Settings\GC\Application Data\lakerda1967.sys

[2011-02-27 14:59:04 | 000,360,580 | ---- | M] (eSellerate Inc.) -- C:\WINDOWS\eSellerateEngine.dll

[2011-02-10 03:27:57 | 000,228,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

 

========== Files Created - No Company Name ==========

 

[2011-03-09 20:03:50 | 000,001,891 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2011-02-27 14:59:04 | 000,000,130 | -H-- | C] () -- C:\Documents and Settings\GC\Application Data\lakerda1967.sys

[2011-02-27 14:57:46 | 000,010,584 | ---- | C] () -- C:\Documents and Settings\GC\Application Data\docXConverter (3).ini

[2010-08-30 19:07:26 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2010-07-02 18:51:28 | 000,000,583 | ---- | C] () -- C:\WINDOWS\System32\Raccourci vers notepad.exe.lnk

[2010-01-02 12:51:41 | 000,000,125 | ---- | C] () -- C:\WINDOWS\FlashDecompiler.INI

[2009-07-24 14:01:08 | 000,049,552 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009-05-25 10:54:42 | 000,125,177 | ---- | C] () -- C:\WINDOWS\hpqins00.dat

[2007-08-05 10:01:32 | 000,146,750 | ---- | C] () -- C:\WINDOWS\HPHins13.dat

[2007-08-05 10:01:32 | 000,002,977 | ---- | C] () -- C:\WINDOWS\hphmdl13.dat

[2007-08-05 09:01:15 | 000,111,770 | ---- | C] () -- C:\WINDOWS\hpqins15.dat

[2007-05-18 19:32:45 | 000,000,147 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini

[2006-08-20 13:22:00 | 000,042,496 | ---- | C] () -- C:\WINDOWS\System32\swreg.exe

[2006-08-20 13:22:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe

[2006-07-16 09:13:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006-07-16 09:12:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2006-07-15 19:48:57 | 015,037,696 | ---- | C] () -- C:\Program Files\20060715-006-x86.exe

[2005-12-07 14:53:37 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini

[2005-12-07 14:05:45 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2005-09-25 12:14:06 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2005-08-12 08:15:01 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll

[2005-08-12 08:15:01 | 000,000,674 | ---- | C] () -- C:\WINDOWS\tsc.ini

[2005-08-12 08:14:28 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini

[2005-06-23 09:19:27 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2005-06-23 09:18:43 | 000,014,326 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2005-04-06 12:42:00 | 000,045,056 | ---- | C] () -- C:\Program Files\Psp8bf.pfl

[2005-03-20 14:50:04 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config

[2005-03-14 12:38:28 | 000,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

[2005-03-12 07:58:41 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2005-03-04 13:10:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe

[2004-12-08 15:30:16 | 000,000,192 | ---- | C] () -- C:\WINDOWS\Graphex3.ini

[2004-11-28 15:50:59 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini

[2004-09-14 13:56:33 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\DBQARM.dll

[2004-08-19 14:07:14 | 000,000,039 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2004-08-19 14:07:10 | 000,000,045 | ---- | C] () -- C:\WINDOWS\CBLEIJI.ini

[2004-04-29 08:45:35 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\GC\Local Settings\Application Data\fusioncache.dat

[2004-04-24 11:12:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2004-03-05 14:07:03 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\GC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2004-03-01 15:03:55 | 000,000,076 | ---- | C] () -- C:\WINDOWS\KMGDI.INI

[2004-03-01 12:56:54 | 000,000,755 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2004-02-27 17:27:40 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

[2004-02-27 17:19:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2004-02-27 17:14:13 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2004-02-27 10:25:16 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004-02-27 10:24:16 | 000,228,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2003-08-29 13:26:36 | 000,002,065 | ---- | C] () -- C:\WINDOWS\my_03-20-2005_11h21.ini

[2003-08-29 13:26:36 | 000,002,065 | ---- | C] () -- C:\WINDOWS\my_02-12-2005_20h56.ini

[2003-08-29 13:26:36 | 000,002,065 | ---- | C] () -- C:\WINDOWS\my_02-12-2005_19h39.ini

[2003-08-22 23:01:48 | 000,744,128 | ---- | C] () -- C:\Program Files\_SETUP.1

[2003-08-22 23:01:48 | 000,000,511 | ---- | C] () -- C:\Program Files\SETUP.PKG

[2003-08-22 23:01:48 | 000,000,005 | ---- | C] () -- C:\Program Files\DISK1.ID

[2003-08-22 23:01:46 | 000,210,195 | ---- | C] () -- C:\Program Files\_SETUP.LIB

[2003-08-22 23:01:46 | 000,000,029 | ---- | C] () -- C:\Program Files\SETUP.INI

[2003-04-24 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2003-04-24 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2003-04-24 07:00:00 | 000,570,506 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2003-04-24 07:00:00 | 000,493,216 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2003-04-24 07:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2003-04-24 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2003-04-24 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2003-04-24 07:00:00 | 000,113,862 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2003-04-24 07:00:00 | 000,094,504 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2003-04-24 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2003-04-24 07:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2003-04-24 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2003-04-24 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2003-04-24 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[1999-07-23 12:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini

[1999-07-23 09:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll

[1999-04-08 11:26:40 | 000,081,342 | ---- | C] () -- C:\Program Files\SETUP.INS

[1999-03-23 09:12:22 | 000,294,079 | ---- | C] () -- C:\Program Files\_INST32I.EX_

[1999-01-22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

 

========== LOP Check ==========

 

[2010-01-02 13:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2009-01-11 20:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

[2011-01-16 16:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\com.seesmic.desktop.client.D89F32799270693BEF34AAA36E9B2632B59240FA.1

[2010-08-02 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\gtk-2.0

[2008-08-05 08:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\ICQ

[2010-05-28 06:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Image Zone Express

[2009-05-25 19:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\IPC

[2008-10-26 09:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\JAlbum

[2007-08-09 08:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\PhotoInPress

[2008-02-01 12:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Printer Info Cache

[2010-01-02 16:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\scriptocean

[2008-06-03 08:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\TuneUp Software

[2010-09-05 15:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1

[2004-11-09 14:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Visicom Media

[2006-07-22 10:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Windows Live Safety Center

[2005-05-15 11:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\XnView

[2011-03-11 10:00:05 | 000,000,480 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

[2011-03-11 10:05:08 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FD958403-7332-4CDC-9CDD-9F1D4B9B2B70}.job

 

========== Purity Check ==========

 

========== Custom Scans ==========

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %ALLUSERSPROFILE%\Application Data\*. >

[2010-10-09 15:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2008-01-11 13:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple

[2007-04-12 08:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

[2010-02-09 12:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira

[2010-02-09 12:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira(3)

[2007-08-04 10:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard

[2007-08-05 10:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP

[2008-11-06 15:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant

[2007-08-05 10:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY

[2008-09-12 13:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft

[2008-11-03 14:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2009-12-29 15:08:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2006-07-17 14:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help

[2007-06-17 07:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6

[2009-12-30 15:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS

[2005-06-23 08:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime

[2006-11-21 10:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2010-07-28 08:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun

[2010-01-02 13:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2007-08-04 10:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG

[2005-10-13 07:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

[2009-01-11 20:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

[2010-09-21 13:37:40 | 000,338,856 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\19632\AcrobatUpdater.exe

[2010-09-21 13:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\19632\AdobeARM.exe

[2010-09-21 13:37:40 | 000,338,856 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\19632\ReaderUpdater.exe

[2009-01-06 13:50:48 | 000,079,144 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.0.2.20\SetupAdmin.exe

[2009-07-01 19:17:38 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 4.30.19.1\SetupAdmin.exe

[2009-05-14 08:56:20 | 002,967,799 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

 

< %APPDATA%\*. >

[2010-09-05 15:49:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Adobe

[2006-07-31 14:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\AdobeUM

[2009-07-24 13:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Apple Computer

[2011-01-16 16:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\com.seesmic.desktop.client.D89F32799270693BEF34AAA36E9B2632B59240FA.1

[2007-08-09 12:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Creative

[2009-02-11 13:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\ESTsoft

[2009-12-30 15:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Google

[2010-08-02 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\gtk-2.0

[2004-03-02 17:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Help

[2007-08-04 10:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\HP

[2011-01-25 15:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\HpUpdate

[2008-08-05 08:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\ICQ

[2006-08-08 09:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Identities

[2010-05-28 06:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Image Zone Express

[2009-05-25 19:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\IPC

[2008-10-26 09:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\JAlbum

[2007-02-21 14:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Lavasoft

[2004-12-25 09:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Macromedia

[2008-11-03 14:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Malwarebytes

[2011-03-09 14:33:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\GC\Application Data\Microsoft

[2005-06-27 09:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Microsoft Web Folders

[2011-03-09 20:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Mozilla

[2007-06-17 07:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\MSN6

[2007-08-09 08:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\PhotoInPress

[2008-02-01 12:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Printer Info Cache

[2005-12-09 11:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Real

[2010-01-02 16:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\scriptocean

[2006-11-21 10:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Skype

[2004-03-23 09:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Sun

[2004-02-27 18:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Symantec

[2005-06-25 17:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Talkback

[2008-06-03 08:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\TuneUp Software

[2010-09-05 15:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1

[2004-11-09 14:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Visicom Media

[2006-07-22 10:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\Windows Live Safety Center

[2008-04-05 13:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\WinRAR

[2005-05-15 11:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GC\Application Data\XnView

 

< %APPDATA%\*.exe /s >

[2011-03-09 14:33:31 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Documents and Settings\GC\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

 

< %SYSTEMDRIVE%\*.exe >

[2005-04-01 11:18:54 | 000,632,528 | ---- | M] (Symantec Corporation) -- C:\sevinst.exe

 

< %SYSTEMDRIVE%\*.exe >

[2005-04-01 11:18:54 | 000,632,528 | ---- | M] (Symantec Corporation) -- C:\sevinst.exe

 

 

< MD5 for: AGP440.SYS >

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008-04-13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008-04-13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[2004-08-04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

 

< MD5 for: ATAPI.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2003-04-24 07:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

[2008-04-13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008-04-13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004-08-04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

 

< MD5 for: CDROM.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys

[2008-04-13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

[2008-04-13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[2004-08-04 00:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

 

< MD5 for: CHANGER.SYS >

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys

[2008-04-13 13:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

[2004-08-04 01:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys

 

< MD5 for: DISK.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:disk.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys

[2004-08-04 00:59:54 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys

[2008-04-13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys

[2008-04-13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

 

< MD5 for: EVENTLOG.DLL >

[2004-08-19 18:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2008-04-13 21:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008-04-13 21:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

 

< MD5 for: EXPLORER.EXE >

[2007-06-13 08:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

[2007-06-13 08:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe

[2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

 

< MD5 for: NDIS.SYS >

[2008-04-13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys

[2008-04-13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[2004-08-04 01:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

 

< MD5 for: NETLOGON.DLL >

[2008-04-13 21:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008-04-13 21:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

[2004-08-19 18:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

 

< MD5 for: RASACD.SYS >

[2003-04-24 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys

[2003-04-24 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys

 

< MD5 for: RDPWD.SYS >

[2005-06-09 23:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys

[2008-04-13 21:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys

[2008-04-13 21:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys

[2005-06-09 23:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\$hf_mig$\KB899591\SP2GDR\rdpwd.sys

[2005-06-09 23:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys

 

< MD5 for: SCECLI.DLL >

[2004-08-19 18:09:39 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

[2008-04-13 21:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008-04-13 21:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

 

< MD5 for: SFLOPPY.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:Sfloppy.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Sfloppy.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys

[2004-08-04 00:59:54 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys

[2008-04-13 13:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys

[2008-04-13 13:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys

 

< MD5 for: SPLITTER.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:splitter.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:splitter.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys

[2006-06-14 03:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys

[2006-06-14 03:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys

[2008-04-13 13:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys

[2008-04-13 13:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys

 

< MD5 for: SWMIDI.SYS >

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys

[2008-04-13 13:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys

[2008-04-13 13:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys

[2001-08-17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys

 

< MD5 for: TCPIP.SYS >

[2006-01-13 12:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys

[2006-01-12 21:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$hf_mig$\KB913446\SP2GDR\tcpip.sys

[2005-05-25 14:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys

[2007-10-30 11:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys

[2005-05-25 14:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$hf_mig$\KB893066\SP2GDR\tcpip.sys

[2007-10-30 12:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

[2008-04-13 14:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys

[2008-06-20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys

[2008-06-20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys

[2008-06-20 06:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

[2006-04-20 07:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

 

< MD5 for: TDPIPE.SYS >

[2004-08-19 18:10:18 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys

[2008-04-13 21:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys

[2008-04-13 21:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys

 

< MD5 for: TDTCP.SYS >

[2008-04-13 21:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys

[2008-04-13 21:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys

[2004-08-19 18:10:18 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys

 

< MD5 for: USBPRINT.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:usbprint.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbprint.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys

[2004-08-04 01:01:24 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys

[2008-04-13 13:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys

[2008-04-13 13:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys

 

< MD5 for: USBSCAN.SYS >

[2003-04-24 07:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:usbscan.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys

[2006-08-08 10:54:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbscan.sys

[2008-07-09 09:33:31 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys

[2008-04-13 13:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys

[2008-04-13 13:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys

[2004-08-04 00:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys

 

< MD5 for: USERINIT.EXE >

[2004-08-19 18:10:03 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

[2008-04-13 21:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008-04-13 21:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

 

< MD5 for: WINLOGON.EXE >

[2004-08-19 18:10:04 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008-04-13 21:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008-04-13 21:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2010-12-20 18:53:03 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< >

 

< >

 

< >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A8E2C33

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F4CA4D70

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

 

< End of report >

Posted

Good evening,

That all looks pretty good... :super:

Run OTL again and click "purge outil" to uninstall it.

Then...

Temporarily disable your antivirus

then run this Bitdefender online scan (allow a good hour for the scan)

WARNING: YOU MUST USE INTERNET EXPLORER, NOT FIREFOX

there is a video of the procedure described below at this link

http://www.youtube.com/watch?v=6HWZFYXz9m4

To do this:

* Click this link: Online Scan

* Once on the home page, click "Lancer l'analyse".

* In the window that opens, tick the "J'accepte les Termes et Conditions" box, then click "Démarrer".

* Accept the installation of the proposed ActiveX control, then click "Installer".

* In the window that opens, click "Dossiers à analyser" and tick the "poste de travail" box (for XP) or "ordinateur" (for Vista/Seven).

* The program update starts and the scan begins right after.

* At the end of the scan, click "Plus de détail", then on the "Problèmes détectés" tab choose "Cliquer ici pour exporter le rapport" and save it to your desktop.

* Copy the report into your next reply, please

@++

Posted


Hello,

I tried several times to run the scan, but I cannot get it to work.

Yet I followed your instructions/video as explained.

I think the "activex" control is not registering correctly,

there is a yellow icon indicating an error in the left corner while the control is downloading.

It tries to scan, but after 20 sec it tells me the scan did not succeed.

I checked the security level and allowed the activex control just in case.

For now, I am out of solutions... :(

???

Posted (edited)

hello,

Don't worry, it's not serious..

Run a full scan of your PC with Antivir, taking care to configure it as in this video by Bobette Marlow.. and post the report, please...

http://www.youtube.com/watch?v=7tBiBl54EX8&feature=player_embedded

@++ ;)

Edited by jeanmimigab
