
Remove a virus from my computer


Hello,
Since yesterday I have been attacked by a virus and I can't connect. At first an antivirus launched by itself, but I managed not to let it scan my computer. A message still keeps appearing saying that my computer is infected and that I have to run this antivirus. It has disrupted the computer, and I am now in safe mode. Please help me remove this virus. Thank you, I await your reply.


Here it is. I found an answer in your forum and followed the instructions; here is the result:
08:13:32 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2008.06.19 19:21:58 | 000,001,356 | ---- | C] () -- C:\Users\danamal\AppData\Local\d3d9caps.dat [2008.05.16 16:52:29 | 000,585,824 | ---- | C] () -- C:\Windows\System32\drivers\lvcm.sys [2008.05.16 16:52:29 | 000,006,812 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2008.05.16 16:44:33 | 000,000,059 | ---- | C] () -- C:\Windows\WININIT.INI [2008.05.15 13:28:35 | 000,094,208 | ---- | C] () -- C:\Users\danamal\AppData\Local\pgcnfs.dll [2008.04.14 11:53:41 | 000,026,340 | ---- | C] () -- C:\Users\danamal\AppData\Roaming\UserTile.png [2008.04.12 09:42:38 | 000,000,688 | ---- | C] () -- C:\Users\danamal\AppData\Roaming\wklnhst.dat [2008.04.12 09:08:46 | 000,026,613 | ---- | C] () -- C:\Windows\maxlink.ini [2008.04.12 07:19:05 | 000,005,570 | ---- | C] () -- C:\Windows\_delis32.ini [2008.04.12 07:12:06 | 000,192,000 | ---- | C] () -- C:\Users\danamal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.04.12 07:02:44 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2008.04.11 17:29:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008.04.11 10:03:27 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini [2008.04.11 10:03:27 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini [2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007.05.07 06:02:59 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2007.05.07 04:44:16 | 000,000,834 | ---- | C] () -- C:\Windows\generic.ini [2007.05.07 04:44:16 | 000,000,123 | ---- | C] () -- C:\Windows\Alaunch.ini [2007.05.06 20:28:35 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2007.02.06 22:58:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll [2007.02.06 22:57:58 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll [2007.02.06 22:57:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll 
[2007.02.06 22:56:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll [2007.02.06 22:56:28 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll [2007.02.06 22:52:08 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll [2006.12.25 14:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2002.07.08 07:23:04 | 000,101,376 | ---- | C] () -- C:\Windows\System32\Welsof32.dll [2002.01.08 15:57:34 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Jpeg32.dll [2001.12.26 14:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.09.03 21:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 14:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 20:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll [1999.01.27 12:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\System32\indounin.dll [1997.06.13 06:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll ========== LOP Check ========== [2010.03.01 09:05:57 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\Alawar [2010.10.13 09:49:57 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\Canon [2010.05.10 11:32:39 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\CoSoSys [2010.08.20 16:55:44 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\CrazyLoader [2009.06.21 08:29:07 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\EoRezo [2008.04.12 06:37:44 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\eSobi [2010.03.17 16:32:32 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\GlarySoft [2010.03.26 17:32:51 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\HiYo [2009.05.21 06:27:11 
| 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\ItsLabel [2010.06.27 07:28:27 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\PC Suite [2008.04.14 11:53:41 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\PeerNetworking [2010.06.27 07:16:04 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\Samsung [2010.12.12 09:03:15 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\Shareaza [2008.04.12 09:43:15 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\Template [2010.04.12 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\danamal\AppData\Roaming\Vso [2011.02.03 21:33:50 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job [2011.02.03 21:47:47 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 16 bytes -> C:\Users\danamal\Documents\Shareaza Downloads:Shareaza.GUID @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A163B050 < End of report > DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011.01.13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009.12.04 14:49:54 | 000,024,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NinjaUSB.sys -- (NinjaUSB) DRV - [2009.08.05 
22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2009.07.15 08:08:24 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2007.12.06 08:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007.09.17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007.07.03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007.07.03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007.07.03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2007.05.17 15:01:46 | 002,608,640 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2007.05.06 20:16:50 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2007.03.26 12:18:18 | 001,761,696 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007.02.06 23:04:54 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ) DRV - [2007.02.06 23:04:50 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk) DRV - [2007.02.06 23:04:48 | 000,020,264 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter) DRV - [2006.12.07 17:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15) DRV - [2006.11.02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006.11.02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006.11.02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006.11.02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006.11.02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006.11.02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006.11.02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006.11.02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006.11.02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006.11.02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006.11.02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006.11.02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006.11.02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006.11.02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006.11.02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006.11.02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV 
- [2006.11.02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006.11.02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006.11.02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006.11.02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006.11.02 09:55:04 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Pilote d’interface de port série Brother MFC (WDM) DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006.11.02 08:30:56 | 000,311,808 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL85n86.sys -- (RTL85n86) DRV - [2006.11.02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006.10.30 04:22:26 | 000,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2004.10.08 12:58:32 | 000,585,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvcm.sys -- (QCMerced) DRV - [2004.10.08 12:57:48 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2000.03.29 16:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\MASPINT.SYS -- (MASPINT) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! 
Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sunrise.ch/fr/index.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ch.msn.com/defaultf.aspx?lang=fr-ch&ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ch IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8992 ========== FireFox ========== FF - prefs.js..network.proxy.no_proxies_on: "localhost" FF - prefs.js..browser.startup.homepage: "http://www.lo.st" FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-CH&FORM=MSNI..." FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009.04.05 09:36:18 | 000,000,000 | ---D | M] [2009.03.09 08:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\danamal\AppData\Roaming\mozilla\Extensions [2009.03.09 08:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\danamal\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2010.04.12 10:59:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\danamal\AppData\Roaming\mozilla\Firefox\Profiles\dhxsvpp7.default\extensions [2010.04.12 10:59:44 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\danamal\AppData\Roaming\mozilla\Firefox\Profiles\dhxsvpp7.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF 
Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [D066UUtility] C:\Windows\twain_32\D66U\D066UUTY.EXE () O4 - HKLM..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe (IncrediMail, Ltd.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [Pleyo] C:\Users\danamal\AppData\Local\pgcnfs.dll () O4 - HKCU..\Run: [rwrpcloe] C:\Users\danamal\AppData\Local\Temp\orngsxkpu\vopoqlrsjmo.exe () O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files\cspep\cspep.exe () O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\System32\grpconv.exe (Microsoft Corporation) O4 - Startup: C:\Users\danamal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igfxtray.exe (MoRUN.net) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/curren... (Reg Error: Key error.) O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_p... (Virtools WebPlayer Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} http://harrypotter.ea.com/global/ti/plugin/DFusionHomeW... (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\danamal\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\danamal\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{cab83bd5-092b-11e0-a306-001c2502bfd2}\Shell - "" = AutoRun O33 - MountPoints2\{cab83bd5-092b-11e0-a306-001c2502bfd2}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.02.04 09:55:20 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\danamal\Desktop\OTL.exe [2011.02.04 07:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2011.02.04 06:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS [2011.01.30 10:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\l [2011.01.27 11:28:08 | 000,000,000 | ---D | C] -- C:\Users\danamal\Documents\lettre gérance et administration [2011.01.09 10:04:07 | 000,000,000 | 
---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.01.09 10:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2011.01.07 12:57:53 | 000,955,784 | ---- | C] (Skype Technologies S.A.) -- C:\Users\danamal\Documents\SkypeSetup.exe [2010.04.12 09:16:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\danamal\AppData\Roaming\pcouffin.sys [2007.05.06 20:28:35 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll ========== Files - Modified Within 30 Days ========== [2011.02.04 09:55:26 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\danamal\Desktop\OTL.exe [2011.02.04 07:13:01 | 003,814,610 | ---- | M] () -- C:\Users\danamal\Desktop\mvc.zip [2011.02.04 06:50:37 | 002,883,584 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl [2011.02.04 06:50:37 | 000,131,072 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf [2011.02.04 06:50:37 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx [2011.02.04 06:37:33 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011.02.04 06:37:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.03 21:35:07 | 000,003,046 | ---- | M] () -- C:\Users\danamal\AppData\Local\uqefulohoq.dll [2011.02.03 21:34:43 | 000,600,142 | ---- | M] () -- C:\Users\danamal\AppData\Roaming\igxpgd32.dat [2011.02.03 21:33:50 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.02.03 21:33:50 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2011.02.03 21:33:42 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.03 21:33:42 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.03 20:56:06 | 000,003,046 | ---- | M] () -- 
C:\Users\danamal\AppData\Local\imacesoj.dll [2011.02.03 20:44:50 | 000,001,356 | ---- | M] () -- C:\Users\danamal\AppData\Local\d3d9caps.dat [2011.02.03 20:17:20 | 000,003,046 | ---- | M] () -- C:\Users\danamal\AppData\Local\ejipiyec.dll [2011.02.03 19:53:15 | 000,003,046 | ---- | M] () -- C:\Users\danamal\AppData\Local\okasidub.dll [2011.02.03 19:35:46 | 000,003,046 | ---- | M] () -- C:\Users\danamal\AppData\Local\okegehud.dll [2011.02.03 17:07:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.02.03 16:57:40 | 000,296,816 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.01.30 10:36:44 | 000,192,000 | ---- | M] () -- C:\Users\danamal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.22 11:31:32 | 000,690,594 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011.01.22 11:31:32 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.01.22 11:31:32 | 000,117,366 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011.01.22 11:31:32 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.01.18 08:29:33 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011.01.16 08:25:45 | 000,116,511 | ---- | M] () -- C:\Users\danamal\Documents\hugo 1.jpg [2011.01.16 08:22:01 | 000,130,593 | ---- | M] () -- C:\Users\danamal\Documents\hugo.jpg [2011.01.13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011.01.13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2011.01.13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2011.01.13 09:37:09 | 000,017,744 
| ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys ========== Files Created - No Company Name ========== [2011.02.04 07:12:48 | 003,814,610 | ---- | C] () -- C: