PC no longer responding... Virus?
Good evening,
To keep it simple: I have a BIG problem with my PC.
I have never had to deal with this kind of problem before.
Anyway, my PC is a Compaq Presario V6000.
A few days ago I cleaned it with Malwarebytes; everything was fine.
And yesterday afternoon, while I was quietly watching a film, I got a message that I did not have time to read.
I turn it back on, and THAT is when disaster strikes!
- 30 minutes to boot, or even more!
- No sound at all!
- Windows XP has landed me with its old theme!
- I can no longer view images
- I can still open programs
- in the System panel the gigahertz are not displayed! (wtf?)
- the menu bar is no longer visible or accessible
- no internet access
I have not tried formatting because I do not want to lose all my Photoshop work or my compositions.
(I had already posted on the "operating system" forum, but this forum seems more appropriate.
I will also add that my PC does not react when I plug in a USB stick; and that is what bothers me the most, because I intend to save my data and then move on to the big clean-up.)
If anyone has an idea, please do not hesitate.
That's it, thanks for reading, and happy Fête de la Musique to you.
Hello,
We would need the first Malwarebytes report (under the "Report" tab), then:
Download OTL (by Old Timer) to your desktop.
Close all your windows, then double-click OTL.exe to launch it.
(Vista/Windows 7 users: right-click -> "Run as administrator")
At the top, tick the box next to "All users".
Under Customization, copy and paste all of the text below, and leave the other options at their defaults.
netsvcs
msconfig
drivers32
activex
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT
Click the Scan button at the top left, then wait a few moments.
At the end of the scan, two reports will open: OTL.Txt and Extras.Txt. Copy and paste both reports here in full.
PS: The reports are also saved on the desktop.
For the reports, please use this online report service: upload the file via "Browse" and simply post the link you get.
Thanks for your reply.
I really have no luck, but I cannot find OTL anywhere; even with your link, the PC I am on tells me the connection timed out... (I will try again later).
(I am on my brother's laptop.)
And giving you the reports will be difficult, because the "copy-paste" function on MY PC no longer works. And it is a shame, because when I connect the external hard drive before switching the PC on, it detects it.
Re,
No, you will not be able to copy reports like these out by hand!
Try in Safe Mode; otherwise, as I said, we will go through a live CD.
(Safe Mode:
Restart in Safe Mode:
- At startup, after the BIOS has loaded, press the F8 (or F5) key repeatedly until a menu on a black background appears. Once you reach that stage, use the keyboard to select Safe Mode.
-- In this mode you have no Internet access, and you end up with a different visual configuration (no wallpaper, very large icons). So do not be surprised.
--- It is for these reasons that I suggest you print, write down, or save in a text document the following information so that you do not get lost.
---- ! Do not make your computer start in Safe Mode via MSConfig! Why? Some infections break the Safe Mode keys, which would make your computer crash.
Help: How to start your computer in Safe Mode. )
The Extras report:
OTL Extras logfile created on: 24/06/2011 07:41:21 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 88,25% Memory free
3,84 Gb Paging File | 3,78 Gb Available in Paging File | 98,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102,60 Gb Total Space | 35,14 Gb Free Space | 34,25% Space Free | Partition Type: NTFS
Drive E: | 976,59 Mb Total Space | 454,72 Mb Free Space | 46,56% Space Free | Partition Type: FAT
Computer Name: PC-PORTABLE | User Name: Jimmy | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
[HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [DirectoryAppearanceCreate] -- desktop.ini_create.cmd "%1\desktop.ini" "%1"
Directory [DirectoryAppearanceEdit] -- notepad.exe "%1\desktop.ini"
Directory [DirectoryAppearanceSet] -- attrib.exe "%1" +s (Microsoft Corporation)
Directory [DirectoryAppearanceUnset] -- attrib.exe "%1" -s (Microsoft Corporation)
Directory [Envoyer vers: ajouter ce dossier] -- SendToAdd.exe "%1" ()
Directory [Envoyer vers: supprimer ce dossier] -- SendToRemove.exe "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Find.Target] -- "explorer.exe" /select,"%1" (Microsoft Corporation)
Directory [Ouvrir une console ici] -- cmd.exe /k cd "%1" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SuperFinder] -- SuperFinder.exe "%1" (FSL)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 4
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"20376:TCP" = 20376:TCP:*:Enabled:spport
"13568:TCP" = 13568:TCP:*:Enabled:spport
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Google\Google SketchUp 7\LayOut\LayOut.exe" = C:\Program Files\Google\Google SketchUp 7\LayOut\LayOut.exe:*:Enabled:LayOut
"C:\Program Files\Google\Google SketchUp 7\SketchUp.exe" = C:\Program Files\Google\Google SketchUp 7\SketchUp.exe:*:Enabled:SketchUp Application
"C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2
"D:\Worms2\worms2.hbd.exe" = D:\Worms2\worms2.hbd.exe:*:Enabled:Worms 2 Frontend
"C:\Documents and Settings\Jimmy\Bureau\worms 2\worms2.hbd.exe" = C:\Documents and Settings\Jimmy\Bureau\worms 2\worms2.hbd.exe:*:Disabled:Worms 2 Frontend
"C:\Documents and Settings\Jimmy\Bureau\Nouveau dossier\worms2.hbd.exe" = C:\Documents and Settings\Jimmy\Bureau\Nouveau dossier\worms2.hbd.exe:*:Enabled:Worms 2 Frontend
"C:\Program Files\cacaoweb\cacaoweb.exe" = C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb -- ()
"C:\Documents and Settings\Jimmy\Mes documents\Age of Empire II\empires2.exe" = C:\Documents and Settings\Jimmy\Mes documents\Age of Empire II\empires2.exe:*:Enabled:Age of Empires II -- (Microsoft Corporation)
"C:\Documents and Settings\Jimmy\Mes documents\Age of Empire II\age2_x1.exe" = C:\Documents and Settings\Jimmy\Mes documents\Age of Empire II\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\Documents and Settings\Jimmy\Mes documents\Téléchargements\Counter-Strike v1.6\hl.exe" = C:\Documents and Settings\Jimmy\Mes documents\Téléchargements\Counter-Strike v1.6\hl.exe:*:Enabled:Half-Life Launcher
"C:\Documents and Settings\Jimmy\Local Settings\Temp\RarSFX0\hl.exe" = C:\Documents and Settings\Jimmy\Local Settings\Temp\RarSFX0\hl.exe:*:Enabled:Half-Life Launcher
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0E26E09B-6687-4A99-BD08-A9E705373029}_is1" = Vyzex Pocket POD 1.17
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}" = Client Windows Rights Management avec Service Pack 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{46A5D1D1-8956-497C-92FB-59C44EFA6214}" = Safari
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FE30813-AC60-40A3-BE53-F6713A1F3893}" = HP Wireless Assistant
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7DB362E-16DC-4E29-8A34-E74381E00B5B}" = Adobe Shockwave Player
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD97C166-020E-415A-98D2-2D89DD9D68F0}" = Mise à jour de logiciel pour les Dossiers Web
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_32e9033392a51340b32fdc6ad893ab7" = Adobe Photoshop CS3
"ASIO4ALL" = ASIO4ALL
"AsUninst.exe" = Anvil Studio
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m" = Soft Data Fax Modem with SmartCP
"Drumaxx" = Drumaxx
"FL Studio 9" = FL Studio 9
"Guitar Pro 5_is1" = Guitar Pro 5.0
"Hardcore" = Hardcore
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr)
"OpenAL" = OpenAL
"Pen Tablet Driver" = Pen Tablet
"PoiZone" = PoiZone
"PowerShell" = Windows PowerShell(TM) 1.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"Sakura" = Sakura
"Sawer" = Sawer
"Toxic Biohazard" = Toxic Biohazard
"VLC media player" = VLC media player 1.0.3
"WIC" = Windows Imaging Component
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Logiciel d'archivage WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wondershare Streaming Audio Recorder_is1" = Wondershare Streaming Audio Recorder(Build 1.0.6.0)
"ZOOM G Series Audio Driver" = ZOOM G Series Audio Driver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
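A triage pass over the Extras report above, as an added example that is not part of the thread and not OTL's own logic: it flags executable file associations that no longer resolve to the Windows default pass-through command, and the Security Center and System Restore values that are set to 1. The sample lines are copied from the report; the function name, the watch list and the default-command table are assumptions of this example.

```python
import re

# Extensions whose handler decides what runs when a program is launched.
EXEC_EXTS = {".exe", ".com", ".bat", ".cmd", ".pif", ".scr"}

# Windows XP default "open" commands for executable file classes.
DEFAULT_OPEN = {
    "exefile": '"%1" %*', "comfile": '"%1" %*', "batfile": '"%1" %*',
    "cmdfile": '"%1" %*', "piffile": '"%1" %*', "scrfile": '"%1" /S',
}

# Registry values worth a second look when set to 1 (assumed watch list):
# the two overrides tell Security Center not to monitor antivirus/firewall
# status, and DisableSR = 1 turns System Restore off.
WATCHED = {"AntiVirusOverride": "1", "FirewallOverride": "1", "DisableSR": "1"}

SECTION = re.compile(r"^=+ (.+?) =+$")
KEY = re.compile(r"^\[(HKEY_.+)\]$")
ASSOC = re.compile(r"^(\.\w+) \[@ = (\w+)\] -- (.*)$")
SPAWN = re.compile(r"^(\w+) \[([^\]]+)\] -- (.*)$")
VALUE = re.compile(r'^"([^"]+)" = (.*)$')

# Lines copied from the Extras report posted in the thread.
SAMPLE_REPORT = r'''
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
exefile [open] -- "%1" %*
scrfile [open] -- "%1" /S
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
'''


def triage(report):
    """Return (kind, registry_key, detail) tuples for entries to review."""
    findings = []
    section = key = ""
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            section, key = m.group(1), ""
            continue
        m = KEY.match(line)
        if m:
            key = m.group(1)
            continue
        if section == "File Associations":
            m = ASSOC.match(line)
            if m and m.group(1).lower() in EXEC_EXTS:
                ext, cls, cmd = m.groups()
                # A per-hive override that routes launches through another
                # program, or to a non-default class, deviates from the default.
                if cmd != DEFAULT_OPEN.get(cls):
                    findings.append(("association", key, f"{ext} -> {cmd}"))
        elif section == "Shell Spawning":
            m = SPAWN.match(line)
            if m:
                cls, verb, cmd = m.groups()
                if verb == "open" and cls in DEFAULT_OPEN and cmd != DEFAULT_OPEN[cls]:
                    findings.append(("shell-spawn", key, f"{cls} -> {cmd}"))
        else:
            m = VALUE.match(line)
            if m and WATCHED.get(m.group(1)) == m.group(2).strip():
                findings.append(("setting", key, m.group(1)))
    return findings


if __name__ == "__main__":
    for kind, key, detail in triage(SAMPLE_REPORT):
        print(f"[{kind}] {key}\n    {detail}")
```

On the sample, the machine-wide `exefile` command under HKEY_LOCAL_MACHINE is still the default, while the `.exe` entries under the `.DEFAULT` and `S-1-5-18` user hives are the ones that deviate.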
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7DB362E-16DC-4E29-8A34-E74381E00B5B}" = Adobe Shockwave Player
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD97C166-020E-415A-98D2-2D89DD9D68F0}" = Mise à jour de logiciel pour les Dossiers Web
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_32e9033392a51340b32fdc6ad893ab7" = Adobe Photoshop CS3
"ASIO4ALL" = ASIO4ALL
"AsUninst.exe" = Anvil Studio
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m" = Soft Data Fax Modem with SmartCP
"Drumaxx" = Drumaxx
"FL Studio 9" = FL Studio 9
"Guitar Pro 5_is1" = Guitar Pro 5.0
"Hardcore" = Hardcore
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr)
"OpenAL" = OpenAL
"Pen Tablet Driver" = Pen Tablet
"PoiZone" = PoiZone
"PowerShell" = Windows PowerShell(TM) 1.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"Sakura" = Sakura
"Sawer" = Sawer
"Toxic Biohazard" = Toxic Biohazard
"VLC media player" = VLC media player 1.0.3
"WIC" = Windows Imaging Component
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Logiciel d'archivage WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wondershare Streaming Audio Recorder_is1" = Wondershare Streaming Audio Recorder(Build 1.0.6.0)
"ZOOM G Series Audio Driver" = ZOOM G Series Audio Driver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
The OTL report:
OTL logfile created on: 24/06/2011 07:41:21 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 88,25% Memory free
3,84 Gb Paging File | 3,78 Gb Available in Paging File | 98,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102,60 Gb Total Space | 35,14 Gb Free Space | 34,25% Space Free | Partition Type: NTFS
Drive E: | 976,59 Mb Total Space | 454,72 Mb Free Space | 46,56% Space Free | Partition Type: FAT
Computer Name: PC-PORTABLE | User Name: Jimmy | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/22 01:35:54 | 000,579,072 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/06/22 01:35:54 | 000,579,072 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
========== Driver Services (SafeList) ==========
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - File not found
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.11
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid..."
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/06 22:12:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/02 21:39:12 | 000,000,000 | ---D | M]
[2010/01/25 22:36:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Extensions
[2010/01/25 22:36:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/05/06 22:12:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions
[2010/04/27 16:07:07 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/03 15:34:42 | 000,000,000 | -H-D | M] (cacaoweb) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions\cacaoweb@cacaoweb.org
[2010/06/20 03:26:44 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\searchplugins\web-search.xml
[2011/06/02 22:03:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/05/06 22:11:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/06/02 21:38:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/05/06 22:12:02 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2011/05/06 22:12:02 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/05/06 22:12:02 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/06 22:12:02 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2011/05/06 22:12:02 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2011/05/06 22:12:02 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/06/11 18:49:34 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKLM\..\Toolbar: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\WebBrowser: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [SpyHunter Security Suite] File not found
O4 - HKU\.DEFAULT..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O4 - HKU\S-1-5-18..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O4 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003..\Run: [cacaoweb] C:\Program Files\cacaoweb\cacaoweb.exe ()
O4 - Startup: C:\Documents and Settings\Jimmy\Menu Démarrer\Programmes\Démarrage\IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe (Pierre TORRIS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 15
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/Gam... (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jimmy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jimmy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/11 18:49:34 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{0a82784a-31f4-11e0-bd81-0018de0ab3f9}\Shell - "" = AutoRun
O33 - MountPoints2\{0a82784a-31f4-11e0-bd81-0018de0ab3f9}\Shell\AutoRun\command - "" = E:\Vodaphone_uninstaller.exe
O33 - MountPoints2\{e78ecccc-1cd3-11e0-bd56-0018de0ab3f9}\Shell - "" = AutoRun
O33 - MountPoints2\{e78ecccc-1cd3-11e0-bd56-0018de0ab3f9}\Shell\AutoRun\command - "" = E:\Vodaphone_uninstaller.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
O37 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Adobe Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
========== Files/Folders - Created Within 30 Days ==========
[2011/06/17 19:08:08 | 000,000,000 | ---D | C] -- C:\Windows XP Repair
[2011/06/17 19:07:57 | 000,374,784 | ---- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/06/17 18:58:50 | 000,462,848 | -H-- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
[2011/06/11 20:29:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\Malwarebytes
[2011/06/11 20:29:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/06/11 20:29:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/11 20:29:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/11 20:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/11 20:10:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2011/06/11 19:14:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/06/11 18:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011/06/11 18:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2011/06/10 17:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/06/09 16:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/06/05 01:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/06/04 19:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/06/04 19:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/06/02 21:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011/06/02 21:40:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\SystemRequirementsLab
[2011/06/02 21:39:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/06/02 21:39:12 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/02 21:39:12 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/02 21:39:12 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/02 21:39:12 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/05/27 14:43:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\GetRightToGo
[2011/05/27 13:22:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DOSBox
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/24 07:19:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/24 07:16:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/21 22:06:17 | 000,048,640 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/17 19:08:09 | 000,000,703 | ---- | M] () -- C:\Windows XP Repair.lnk
[2011/06/17 19:08:09 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660
[2011/06/17 19:08:09 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660r
[2011/06/17 19:08:05 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\24698660
[2011/06/17 19:07:57 | 000,374,784 | ---- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/06/17 18:58:49 | 000,462,848 | -H-- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
[2011/06/17 08:03:59 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/13 16:19:47 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 18:49:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/11 18:49:34 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890
[2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1874102850
[2011/06/11 18:29:48 | 000,002,124 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3842150890
[2011/06/04 19:12:58 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Application Data\chrtmp
[2011/06/02 21:38:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/17 19:08:09 | 000,000,703 | ---- | C] () -- C:\Windows XP Repair.lnk
[2011/06/17 19:08:09 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24698660
[2011/06/17 19:08:09 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24698660r
[2011/06/17 19:08:05 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\24698660
[2011/06/11 18:49:34 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2011/06/11 18:29:28 | 000,002,160 | -HS- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890
[2011/06/11 18:29:28 | 000,002,160 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1874102850
[2011/06/11 18:29:27 | 000,018,100 | -HS- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 18:29:27 | 000,002,124 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3842150890
[2011/06/11 18:27:54 | 000,018,100 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 18:27:54 | 000,002,116 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\e1i8cp645hqv0g03h401
[2011/06/05 00:59:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/04 19:12:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Application Data\chrtmp
[2011/03/03 06:11:56 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/24 00:00:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/26 04:07:23 | 000,005,382 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/01/27 04:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/01/18 22:53:10 | 000,048,640 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/08 02:29:29 | 000,011,956 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/04 22:05:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/20 18:26:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4670.dll
[2009/12/20 18:17:11 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/20 18:15:08 | 001,408,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/20 18:04:07 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\fusioncache.dat
[2009/12/20 17:58:52 | 002,111,096 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/12/20 17:46:45 | 000,591,552 | ---- | C] () -- C:\WINDOWS\System32\Ntest.exe
[2009/12/20 17:46:45 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\TransBar.exe
[2009/12/20 17:46:45 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SMPSeesaw.exe
[2009/12/20 17:46:45 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SendToRemove.exe
[2009/12/20 17:46:45 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SendToAdd.exe
[2009/12/20 17:46:45 | 000,032,610 | ---- | C] () -- C:\WINDOWS\System32\Refresh.exe
[2009/12/20 17:46:44 | 000,742,912 | ---- | C] () -- C:\WINDOWS\System32\deadlink.exe
[2009/12/20 17:46:44 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\Enregistrer sous Editeur.exe
[2009/12/20 17:46:44 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\Enregistrer sous Test.exe
[2009/12/20 17:46:43 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Aide.exe
[2009/12/20 17:46:18 | 000,002,844 | ---- | C] () -- C:\WINDOWS\System32\faview_lng.ini
[2009/12/20 17:46:18 | 000,002,588 | ---- | C] () -- C:\WINDOWS\System32\shman_lng.ini
[2009/12/20 17:46:18 | 000,002,323 | ---- | C] () -- C:\WINDOWS\System32\Starter.ini
[2009/12/20 17:46:18 | 000,001,725 | ---- | C] () -- C:\WINDOWS\System32\WinAudit.ini
[2009/12/20 17:46:18 | 000,001,239 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/12/20 17:46:18 | 000,000,047 | ---- | C] () -- C:\WINDOWS\System32\TransBar.ini
[2009/12/20 17:31:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/12/20 17:23:40 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/08/11 11:02:00 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\zmghpaso.dll
[2008/08/11 11:01:58 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\zmghpaudcp.exe
[2006/07/23 20:13:33 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\cmdow.exe
[2006/07/05 23:52:10 | 000,476,672 | ---- | C] () -- C:\WINDOWS\System32\7za442.exe
[2005/09/02 02:53:02 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\sleep.exe
[2004/08/19 19:23:25 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 17:20:39 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/09/06 22:59:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/06 22:59:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/06 22:59:59 | 000,510,546 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2002/09/06 22:59:59 | 000,441,036 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/06 22:59:59 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2002/09/06 22:59:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/06 22:59:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/06 22:59:59 | 000,085,412 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2002/09/06 22:59:59 | 000,071,354 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/06 22:59:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/06 22:59:59 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2002/09/06 22:59:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/06 22:59:59 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/06 22:59:59 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/06/06 03:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2011/06/11 20:52:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/01/03 03:20:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/01/04 22:45:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/01/04 22:43:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/02/21 01:40:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/02/21 18:01:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DFX
[2010/03/09 01:27:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\EarMaster
[2010/03/24 04:21:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2011/02/24 02:58:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Guitar Pro 6
[2011/06/11 20:29:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/05 15:07:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/01/05 15:06:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/03/09 16:13:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/01/06 15:24:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/02/26 00:23:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Psicraft
[2010/01/05 15:50:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/03/18 03:10:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Steinberg
[2011/06/02 21:39:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/01/06 20:45:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/04/13 18:45:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/04 22:44:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2011/06/17 19:07:57 | 000,374,784 | ---- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/06/17 18:58:49 | 000,462,848 | -H-- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
[2009/02/04 13:56:14 | 000,075,112 | -H-- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2011/04/13 18:34:40 | 000,073,000 | -H-- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.2.1.1\SetupAdmin.exe
[2010/03/02 04:48:41 | 000,079,144 | -H-- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
[2010/01/05 15:06:34 | 001,924,200 | -H-- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
< %APPDATA%\*. >
[2010/02/26 04:14:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\ACAMPREF
[2010/10/05 23:58:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Adobe
[2009/12/20 18:04:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\aignes
[2011/01/24 12:07:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Anvil Studio
[2010/03/02 05:07:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Apple Computer
[2011/06/17 18:15:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\cacaoweb
[2010/02/21 01:48:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\DAEMON Tools Lite
[2011/04/13 02:45:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Daichi
[2010/02/24 00:13:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\DMCache
[2011/06/16 20:43:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\dvdcss
[2010/05/10 16:24:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\EPSON
[2010/03/25 03:04:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Facebook
[2011/05/27 14:46:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\GetRightToGo
[2010/05/10 17:49:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Google
[2009/12/20 18:04:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\gtopala
[2011/04/01 01:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Guitar Pro 6
[2009/12/20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Identities
[2009/12/20 18:45:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\InstallShield
[2009/12/20 17:58:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Macromedia
[2011/06/11 20:29:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Malwarebytes
[2011/06/11 19:14:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jimmy\Application Data\Microsoft
[2010/01/04 22:05:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Mozilla
[2011/01/20 18:05:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\NevoSoft Games
[2010/10/14 22:25:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\OfferBox
[2011/01/10 18:09:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SFR
[2010/05/24 14:10:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Skype
[2010/05/24 12:42:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\skypePM
[2011/04/19 01:05:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SoundSpectrum
[2010/03/18 03:10:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Steinberg
[2009/12/20 17:58:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Sun
[2011/04/13 03:28:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SynthMaker
[2011/06/02 21:42:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SystemRequirementsLab
[2010/06/02 22:57:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\U3
[2011/06/21 22:07:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\vlc
[2010/09/12 22:27:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\widestream
[2010/01/04 22:02:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\WinRAR
[2011/06/17 17:51:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\WTablet
< %APPDATA%\*.exe /s >
[2011/01/03 03:32:07 | 000,050,354 | -H-- | M] (Facebook, Inc.) -- C:\Documents and Settings\Jimmy\Application Data\Facebook\uninstall.exe
[2008/08/26 17:49:54 | 000,110,592 | -H-- | M] (U3 LLC) -- C:\Documents and Settings\Jimmy\Application Data\U3\temp\cleanup.exe
[2008/08/26 17:37:56 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Jimmy\Application Data\U3\temp\Launchpad Removal.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< End of report >

OTL logfile created on: 24/06/2011 07:41:21 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 88,25% Memory free
3,84 Gb Paging File | 3,78 Gb Available in Paging File | 98,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102,60 Gb Total Space | 35,14 Gb Free Space | 34,25% Space Free | Partition Type: NTFS
Drive E: | 976,59 Mb Total Space | 454,72 Mb Free Space | 46,56% Space Free | Partition Type: FAT
Computer Name: PC-PORTABLE | User Name: Jimmy | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/22 01:35:54 | 000,579,072 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/06/22 01:35:54 | 000,579,072 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
========== Driver Services (SafeList) ==========
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - File not found
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.11
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid..."
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/06 22:12:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/02 21:39:12 | 000,000,000 | ---D | M]
[2010/01/25 22:36:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Extensions
[2010/01/25 22:36:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/05/06 22:12:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions
[2010/04/27 16:07:07 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/03 15:34:42 | 000,000,000 | -H-D | M] (cacaoweb) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions\cacaoweb@cacaoweb.org
[2010/06/20 03:26:44 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\searchplugins\web-search.xml
[2011/06/02 22:03:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/05/06 22:11:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/06/02 21:38:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/05/06 22:12:02 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2011/05/06 22:12:02 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/05/06 22:12:02 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/06 22:12:02 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2011/05/06 22:12:02 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2011/05/06 22:12:02 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/06/11 18:49:34 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKLM\..\Toolbar: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\WebBrowser: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [SpyHunter Security Suite] File not found
O4 - HKU\.DEFAULT..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O4 - HKU\S-1-5-18..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O4 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003..\Run: [cacaoweb] C:\Program Files\cacaoweb\cacaoweb.exe ()
O4 - Startup: C:\Documents and Settings\Jimmy\Menu Démarrer\Programmes\Démarrage\IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe (Pierre TORRIS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 15
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/Gam... (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jimmy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jimmy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/11 18:49:34 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{0a82784a-31f4-11e0-bd81-0018de0ab3f9}\Shell - "" = AutoRun
O33 - MountPoints2\{0a82784a-31f4-11e0-bd81-0018de0ab3f9}\Shell\AutoRun\command - "" = E:\Vodaphone_uninstaller.exe
O33 - MountPoints2\{e78ecccc-1cd3-11e0-bd56-0018de0ab3f9}\Shell - "" = AutoRun
O33 - MountPoints2\{e78ecccc-1cd3-11e0-bd56-0018de0ab3f9}\Shell\AutoRun\command - "" = E:\Vodaphone_uninstaller.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
O37 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Adobe Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
========== Files/Folders - Created Within 30 Days ==========
[2011/06/17 19:08:08 | 000,000,000 | ---D | C] -- C:\Windows XP Repair
[2011/06/17 19:07:57 | 000,374,784 | ---- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/06/17 18:58:50 | 000,462,848 | -H-- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
[2011/06/11 20:29:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\Malwarebytes
[2011/06/11 20:29:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/06/11 20:29:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/11 20:29:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/11 20:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/11 20:10:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2011/06/11 19:14:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/06/11 18:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011/06/11 18:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2011/06/10 17:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/06/09 16:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/06/05 01:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/06/04 19:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/06/04 19:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/06/02 21:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011/06/02 21:40:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\SystemRequirementsLab
[2011/06/02 21:39:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/06/02 21:39:12 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/02 21:39:12 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/02 21:39:12 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/02 21:39:12 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/05/27 14:43:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\GetRightToGo
[2011/05/27 13:22:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DOSBox
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/24 07:19:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/24 07:16:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/21 22:06:17 | 000,048,640 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/17 19:08:09 | 000,000,703 | ---- | M] () -- C:\Windows XP Repair.lnk
[2011/06/17 19:08:09 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660
[2011/06/17 19:08:09 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660r
[2011/06/17 19:08:05 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\24698660
[2011/06/17 19:07:57 | 000,374,784 | ---- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/06/17 18:58:49 | 000,462,848 | -H-- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
[2011/06/17 08:03:59 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/13 16:19:47 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 18:49:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/11 18:49:34 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890
[2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1874102850
[2011/06/11 18:29:48 | 000,002,124 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3842150890
[2011/06/04 19:12:58 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Application Data\chrtmp
[2011/06/02 21:38:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/17 19:08:09 | 000,000,703 | ---- | C] () -- C:\Windows XP Repair.lnk
[2011/06/17 19:08:09 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24698660
[2011/06/17 19:08:09 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24698660r
[2011/06/17 19:08:05 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\24698660
[2011/06/11 18:49:34 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2011/06/11 18:29:28 | 000,002,160 | -HS- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890
[2011/06/11 18:29:28 | 000,002,160 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1874102850
[2011/06/11 18:29:27 | 000,018,100 | -HS- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 18:29:27 | 000,002,124 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3842150890
[2011/06/11 18:27:54 | 000,018,100 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 18:27:54 | 000,002,116 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\e1i8cp645hqv0g03h401
[2011/06/05 00:59:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/04 19:12:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Application Data\chrtmp
[2011/03/03 06:11:56 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/24 00:00:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/26 04:07:23 | 000,005,382 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/01/27 04:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/01/18 22:53:10 | 000,048,640 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/08 02:29:29 | 000,011,956 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/04 22:05:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/20 18:26:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4670.dll
[2009/12/20 18:17:11 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/20 18:15:08 | 001,408,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/20 18:04:07 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\fusioncache.dat
[2009/12/20 17:58:52 | 002,111,096 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/12/20 17:46:45 | 000,591,552 | ---- | C] () -- C:\WINDOWS\System32\Ntest.exe
[2009/12/20 17:46:45 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\TransBar.exe
[2009/12/20 17:46:45 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SMPSeesaw.exe
[2009/12/20 17:46:45 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SendToRemove.exe
[2009/12/20 17:46:45 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SendToAdd.exe
[2009/12/20 17:46:45 | 000,032,610 | ---- | C] () -- C:\WINDOWS\System32\Refresh.exe
[2009/12/20 17:46:44 | 000,742,912 | ---- | C] () -- C:\WINDOWS\System32\deadlink.exe
[2009/12/20 17:46:44 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\Enregistrer sous Editeur.exe
[2009/12/20 17:46:44 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\Enregistrer sous Test.exe
[2009/12/20 17:46:43 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Aide.exe
[2009/12/20 17:46:18 | 000,002,844 | ---- | C] () -- C:\WINDOWS\System32\faview_lng.ini
[2009/12/20 17:46:18 | 000,002,588 | ---- | C] () -- C:\WINDOWS\System32\shman_lng.ini
[2009/12/20 17:46:18 | 000,002,323 | ---- | C] () -- C:\WINDOWS\System32\Starter.ini
[2009/12/20 17:46:18 | 000,001,725 | ---- | C] () -- C:\WINDOWS\System32\WinAudit.ini
[2009/12/20 17:46:18 | 000,001,239 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/12/20 17:46:18 | 000,000,047 | ---- | C] () -- C:\WINDOWS\System32\TransBar.ini
[2009/12/20 17:31:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/12/20 17:23:40 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/08/11 11:02:00 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\zmghpaso.dll
[2008/08/11 11:01:58 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\zmghpaudcp.exe
[2006/07/23 20:13:33 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\cmdow.exe
[2006/07/05 23:52:10 | 000,476,672 | ---- | C] () -- C:\WINDOWS\System32\7za442.exe
[2005/09/02 02:53:02 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\sleep.exe
[2004/08/19 19:23:25 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 17:20:39 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/09/06 22:59:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/06 22:59:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/06 22:59:59 | 000,510,546 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2002/09/06 22:59:59 | 000,441,036 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/06 22:59:59 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2002/09/06 22:59:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/06 22:59:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/06 22:59:59 | 000,085,412 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2002/09/06 22:59:59 | 000,071,354 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/06 22:59:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/06 22:59:59 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2002/09/06 22:59:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/06 22:59:59 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/06 22:59:59 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/06/06 03:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2011/06/11 20:52:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/01/03 03:20:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/01/04 22:45:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/01/04 22:43:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/02/21 01:40:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/02/21 18:01:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DFX
[2010/03/09 01:27:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\EarMaster
[2010/03/24 04:21:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2011/02/24 02:58:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Guitar Pro 6
[2011/06/11 20:29:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/05 15:07:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/01/05 15:06:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/03/09 16:13:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/01/06 15:24:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/02/26 00:23:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Psicraft
[2010/01/05 15:50:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/03/18 03:10:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Steinberg
[2011/06/02 21:39:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/01/06 20:45:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/04/13 18:45:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/04 22:44:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2011/06/17 19:07:57 | 000,374,784 | ---- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/06/17 18:58:49 | 000,462,848 | -H-- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
[2009/02/04 13:56:14 | 000,075,112 | -H-- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2011/04/13 18:34:40 | 000,073,000 | -H-- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.2.1.1\SetupAdmin.exe
[2010/03/02 04:48:41 | 000,079,144 | -H-- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
[2010/01/05 15:06:34 | 001,924,200 | -H-- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
< %APPDATA%\*. >
[2010/02/26 04:14:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\ACAMPREF
[2010/10/05 23:58:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Adobe
[2009/12/20 18:04:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\aignes
[2011/01/24 12:07:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Anvil Studio
[2010/03/02 05:07:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Apple Computer
[2011/06/17 18:15:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\cacaoweb
[2010/02/21 01:48:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\DAEMON Tools Lite
[2011/04/13 02:45:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Daichi
[2010/02/24 00:13:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\DMCache
[2011/06/16 20:43:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\dvdcss
[2010/05/10 16:24:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\EPSON
[2010/03/25 03:04:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Facebook
[2011/05/27 14:46:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\GetRightToGo
[2010/05/10 17:49:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Google
[2009/12/20 18:04:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\gtopala
[2011/04/01 01:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Guitar Pro 6
[2009/12/20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Identities
[2009/12/20 18:45:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\InstallShield
[2009/12/20 17:58:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Macromedia
[2011/06/11 20:29:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Malwarebytes
[2011/06/11 19:14:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jimmy\Application Data\Microsoft
[2010/01/04 22:05:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Mozilla
[2011/01/20 18:05:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\NevoSoft Games
[2010/10/14 22:25:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\OfferBox
[2011/01/10 18:09:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SFR
[2010/05/24 14:10:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Skype
[2010/05/24 12:42:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\skypePM
[2011/04/19 01:05:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SoundSpectrum
[2010/03/18 03:10:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Steinberg
[2009/12/20 17:58:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Sun
[2011/04/13 03:28:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SynthMaker
[2011/06/02 21:42:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SystemRequirementsLab
[2010/06/02 22:57:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\U3
[2011/06/21 22:07:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\vlc
[2010/09/12 22:27:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\widestream
[2010/01/04 22:02:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\WinRAR
[2011/06/17 17:51:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\WTablet
< %APPDATA%\*.exe /s >
[2011/01/03 03:32:07 | 000,050,354 | -H-- | M] (Facebook, Inc.) -- C:\Documents and Settings\Jimmy\Application Data\Facebook\uninstall.exe
[2008/08/26 17:49:54 | 000,110,592 | -H-- | M] (U3 LLC) -- C:\Documents and Settings\Jimmy\Application Data\U3\temp\cleanup.exe
[2008/08/26 17:37:56 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Jimmy\Application Data\U3\temp\Launchpad Removal.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< End of report >
Re,
Well, apparently you hadn't cleaned thoroughly enough with Malwarebytes; there are large remnants of a rogue (a fake security/optimization utility).
Stay in safe mode, which will neutralize the rogue for now, and follow the procedure below by downloading the software onto a USB stick and transferring it to the PC that has the problem.
Once the procedure is done, you can try restarting in normal mode and send me the report:
Download RogueKiller (by Tigzy) and transfer it to the affected PC with a USB stick.
Close all your windows, then double-click RogueKiller.exe to launch it.
(Vista/Windows 7 users: right-click -> "Run as administrator")
Once initialization is complete, choose option 2 and confirm.
Let the tool work.
A report will open; copy and paste its contents into your next reply.
(If it does not open, it is saved on the desktop: RKreport.txt)
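How the posted OTL log supports the diagnosis in the reply above, as an added example that is not part of the thread and not code from OTL or RogueKiller: a small triage script run over lines excerpted from that log. The rule names, the choice of rules and the `triage` function are assumptions made for this illustration.

```python
import re

# Lines excerpted unchanged from the OTL log posted in this thread.
SAMPLE_LOG = r'''
O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{0a82784a-31f4-11e0-bd81-0018de0ab3f9}\Shell\AutoRun\command - "" = E:\Vodaphone_uninstaller.exe
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
O4 - HKU\S-1-5-18..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
[2011/06/17 19:07:57 | 000,374,784 | ---- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/04/13 18:34:40 | 000,073,000 | -H-- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.2.1.1\SetupAdmin.exe
[2011/06/02 21:39:12 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
'''

# Stock open command for exefile/comfile, as the HKLM entries in the log show.
DEFAULT_OPEN = '"%1" %*'
# Policy values that take the desktop or Task Manager away from the user.
LOCKDOWN_POLICIES = {"DisableTaskMgr", "NoDesktop"}

RE_ASSOC = re.compile(r'^O3[57] - (?P<key>.+?) \[[^\]]*\] -- (?P<cmd>.+)$')
RE_MOUNT = re.compile(
    r'^O33 - MountPoints2\\(?P<guid>\{[^}]+\})\\Shell\\\w+\\command - "" = (?P<target>.+)$')
RE_POLICY = re.compile(r'^O7 - (?P<key>.+?): (?P<name>\w+) = (?P<val>\d+)$')
RE_RUN = re.compile(
    r'^O4 - (?P<key>.+?): \[(?P<name>[^\]]+)\] (?P<path>[A-Za-z]:\\.+?\.exe)\b', re.I)
RE_FILE = re.compile(
    r'^\[\d{4}/\d\d/\d\d \d\d:\d\d:\d\d \| [\d,]+ \| [-A-Z]{4} \| [CM]\] '
    r'(?:\([^)]*\) )?-- (?P<path>.+)$')
# An .exe sitting directly in an "Application Data" folder, not in a vendor subfolder.
RE_APPDATA_ROOT_EXE = re.compile(r'\\Application Data\\[^\\]+\.exe$', re.I)


def triage(log_text):
    """Return (rule, subject, detail) tuples for log lines worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()

        # O35/O37: every program launch is routed through another executable.
        m = RE_ASSOC.match(line)
        if m and m.group("cmd").strip() != DEFAULT_OPEN:
            findings.append(("assoc-hijack", m.group("key"), m.group("cmd")))
            continue

        # O33: a removable drive's AutoRun command points into RECYCLER.
        m = RE_MOUNT.match(line)
        if m and "\\RECYCLER\\" in m.group("target").upper():
            findings.append(("autorun-recycler", m.group("guid"), m.group("target")))
            continue

        # O7: policies set to 1 that hide the desktop or disable Task Manager.
        m = RE_POLICY.match(line)
        if m and m.group("name") in LOCKDOWN_POLICIES and m.group("val") == "1":
            findings.append(("policy-lockdown", m.group("key"), m.group("name")))
            continue

        # O4 Run values and file listings: executables in an Application Data root.
        m = RE_RUN.match(line) or RE_FILE.match(line)
        if m and RE_APPDATA_ROOT_EXE.search(m.group("path")):
            rule = "run-from-appdata" if line.startswith("O4") else "exe-in-appdata-root"
            findings.append((rule, m.group("path"), ""))
    return findings


if __name__ == "__main__":
    for rule, subject, detail in triage(SAMPLE_LOG):
        print(f"{rule:20} {subject} {detail}".rstrip())
```

The legitimate entries in the sample (the stock `"%1" %*` associations, the installer cached in a vendor subfolder, `java.exe` in System32) produce no finding, which is the point of comparing against known-good values rather than matching file names.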
The RogueKiller report:
RogueKiller V5.2.5 [24/06/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode sans echec
Utilisateur: Jimmy [Droits d'admin]
Mode: Suppression -- Date : 24/06/2011 10:13:44
Processus malicieux: 0
Entrees de registre: 0
Fichier HOSTS:
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Re,
Hmm, well, apparently it doesn't work so well from a USB stick.
We'll start fixing things with OTL and see whether you can regain control afterwards:
(you can do this in safe mode)
Run OTL.exe again
Close all your windows, then double-click OTL.exe to launch it.
(Vista/Windows 7 users: right-click -> "Run as administrator")
Copy/paste what follows into the "Personnalisation" (Custom Scans/Fixes) box at the bottom left.
Then click the "Correction" (Run Fix) button at the top left.
If the PC asks to restart, accept.
Post the removal report.
Note: the report is saved in ".log" format; you should change this extension to ".txt" if you want to upload it to online sites.
For reports, please use this online report service: upload the file via "parcourir" (Browse) and simply post the link you get.
:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
O2 - BHO: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKLM\..\Toolbar: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\WebBrowser: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O4 - HKLM..\Run: [SpyHunter Security Suite] File not found
O4 - HKU\.DEFAULT..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O4 - HKU\S-1-5-18..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O4 - HKLM..\Run: [SpyHunter Security Suite] File not found
O4 - HKU\.DEFAULT..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O4 - HKU\S-1-5-18..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
[2011/06/17 19:08:08 | 000,000,000 | ---D | C] -- C:\Windows XP Repair
[2011/06/17 19:07:57 | 000,374,784 | ---- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/06/17 18:58:50 | 000,462,848 | -H-- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2011/06/17 19:08:09 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660
[2011/06/17 19:08:09 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660r
[2011/06/17 19:08:05 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\24698660
[2011/06/17 19:07:57 | 000,374,784 | ---- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
[2011/06/17 18:58:49 | 000,462,848 | -H-- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
[2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401
[2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890
[2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1874102850
[2011/06/11 18:29:48 | 000,002,124 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3842150890
[2011/06/17 19:08:09 | 000,000,703 | ---- | C] () -- C:\Windows XP Repair.lnk
[2011/06/11 18:49:34 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
:Commands
[emptytemp]
[emptyflash]
Note: the report is saved in ".log" format; you should change this extension to ".txt" if you want to upload it to online sites.
For reports, please use this online report service: upload the file via "Browse" and simply post the link you get.
Here is the report:
All processes killed
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ADFE869-0C09-4F41-AD79-A8F1CFA201E8}\ not found.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpyHunter Security Suite deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\JtSWvJfiQpeA not found.
C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe moved successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\JtSWvJfiQpeA not found.
File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpyHunter Security Suite not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\JtSWvJfiQpeA not found.
File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\JtSWvJfiQpeA not found.
File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDesktop deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDesktop not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr not found.
Registry key HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Recovery\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStrCmpLogical deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSaveSettings deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoTrayItemsDisplay deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoToolbarsOnTaskbar deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LockTaskbar deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoNetworkConnections deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMHelp deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFind deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\ not found.
File E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\ not found.
File E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe not found.
Registry key HKEY_USERS\.DEFAULT\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Classes\exefile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Classes\.exe\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Classes\exefile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Windows XP Repair folder moved successfully.
C:\Documents and Settings\All Users\Application Data\24698660.exe moved successfully.
File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
C:\WINDOWS\002858_.tmp deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCall.dll deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCalla.dll deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCalla17.dll deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCalla18.exe deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCalla19.dll deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCalla2.dll deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCalla20.dll deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCalla21.dll deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseCustomCalla21.exe deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP\WiseData.ini deleted successfully.
C:\WINDOWS\CF33A0CE702A4E66B91BF995F9DDFD5B.TMP folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\admin.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\admin.exe deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\admwprox.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\adsiis51.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\author.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\author.exe deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\certmap.ocx deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\certwiz.ocx deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\cfgwiz.exe deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\cnfgprts.ocx deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\coadmin.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4amsft.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4anscp.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4apws.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4areg.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4atxt.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4avnb.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4avss.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4awebs.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp4awel.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp98sadm.exe deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fp98swin.exe deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fpcount.exe deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fpexedll.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache\fpmmc.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\dllcache folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32 folder deleted successfully.
C:\WINDOWS\LastGood.Tmp folder deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\msxml6.dll.tmp deleted successfully.
C:\Documents and Settings\All Users\Application Data\~24698660 moved successfully.
C:\Documents and Settings\All Users\Application Data\~24698660r moved successfully.
C:\Documents and Settings\All Users\Application Data\24698660 moved successfully.
File C:\Documents and Settings\All Users\Application Data\24698660.exe not found.
File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401 moved successfully.
C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401 moved successfully.
C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890 moved successfully.
C:\Documents and Settings\All Users\Application Data\1874102850 moved successfully.
C:\Documents and Settings\All Users\Application Data\3842150890 moved successfully.
C:\Windows XP Repair.lnk moved successfully.
C:\autoexec.bat moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Jimmy
->Temp folder emptied: 995504834 bytes
->Temporary Internet Files folder emptied: 290027694 bytes
->Java cache emptied: 1383244 bytes
->FireFox cache emptied: 376044819 bytes
->Apple Safari cache emptied: 15265792 bytes
->Flash cache emptied: 254660 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 6887071 bytes
->Flash cache emptied: 615 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 262948995 bytes
->Java cache emptied: 31767 bytes
->Flash cache emptied: 11811 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 67657936 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13003954 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 275915 bytes
RecycleBin emptied: 365222 bytes
Total Files Cleaned = 1 936,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Jimmy
->Flash cache emptied: 0 bytes
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.24.1 log created on 06242011_111758
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Re,
OK, when you're back, restart Windows normally and see whether things have improved.
If so, run this procedure again:
Download RogueKiller (by Tigzy) to your desktop.
Close all your windows, then double-click RogueKiller.exe to launch it.
(Vista/Windows 7 users: right-click -> "Run as administrator")
Once initialization has finished, choose option 2 and confirm.
Let the tool work.
A report will open; copy and paste its contents into your next reply.
(If it does not open, it is saved on the desktop: RKreport.txt)
Re, sorry for the delay, but I couldn't get to the PC before now.
Well, I switched it back on and there's not really any difference.
Still no internet access; no copy and paste, the PC still takes 30 min to boot, etc...
But I did what you asked me to do with RogueKiller:
RogueKiller V5.2.5 [24/06/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Jimmy [Droits d'admin]
Mode: Suppression -- Date : 25/06/2011 23:42:37
Processus malicieux: 0
Entrees de registre: 0
Fichier HOSTS:
Termine : << RKreport[1].txt >>
RKreport[1].txt
Re,
We'll check that there are no other remnants, but if we don't find anything more, the system may need to be repaired/reinstalled.
Download Kaspersky's TDSSKiller to your desktop.
Unzip it by right-clicking it -> Extract all... (click "Next", "Next" and "Finish".)
Double-click "TDSSKiller.exe" to launch the tool.
(Vista/Windows 7 users: right-click TDSSKiller.exe and select "Run as administrator".)
Then click the "Start Scan" button.
Let the scan run.
In the results window:
If TDSS.tdl2 is detected, the Delete option will be checked by default.
If TDSS.tdl3 is detected, make sure Cure is checked.
For the "Suspicious object" section, leave it on "Skip".
If TDSS.tdl4 (mbr) is detected, make sure Cure is checked.
Finally, click "Continue".
You will probably be asked to restart your PC; do so by clicking "Reboot now".
After the restart, go and get the removal report; it is located here:
C:\ TDSSKiller.x.x.x.x_date_heure_log.txt
Post its contents in your next reply.
Re, sorry for the slow reply, but I'm not allowed on the PC any more, so I have to do this in secret...
Anyway,
So, I launched your program from the USB stick; it doesn't work.
And with WinRAR I moved it to the desktop and launched it, but that doesn't work either.
Nothing happens.
I'm starting to think it's a lost cause, but I really don't want to lose my data. Yet people around me have told me that sometimes it's impossible to recover the data and that you have to reformat and start from scratch.
Re,
Try running Malwarebytes again for me.
Why aren't you allowed near the PC any more? Is it yours or your parents'?
Data can always be recovered unless the hard drive is dead.
For example, this can be done to get around your damaged system:
http://www.inforumatique.fr/recuperer-des-fichiers-avec...