Gendarmerie virus, XP Pro, PC blocked

Tags:
  • Virus
  • Security
Last reply: in Security and viruses
3 March 2012 21:48:15

Good evening,
I have the gendarmerie virus. It is impossible to use safe mode because the gendarmerie page opens there too. I have tried everything, so I downloaded OTLPE, burned it to a CD and ran it on the infected PC, but now I no longer know what to do.
Thank you for your help. I have been at this since last night and I have only just come across your site.

4 March 2012 00:24:35

OTL logfile created on: 3/4/2012 12:06:00 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 200.00 Mb Available Physical Memory | 45.00% Memory free
366.00 Mb Paging File | 242.00 Mb Available in Paging File | 66.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 52.11 Gb Free Space | 69.92% Space Free | Partition Type: NTFS
Drive E: | 7.50 Gb Total Space | 7.50 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2012/01/19 05:02:55 | 000,909,152 | ---- | M] () [Auto] -- C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/11/10 08:17:31 | 000,167,264 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/06/14 07:39:26 | 001,053,424 | ---- | M] () [Auto] -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)
SRV - [2009/08/28 11:45:15 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2007/09/25 13:27:50 | 000,065,536 | ---- | M] (France Telecom SA) [Auto] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005/07/24 17:35:00 | 000,053,248 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/01/27 12:16:57 | 000,856,064 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR) InCD Helper (read only)
SRV - [2003/07/28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 16:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2009/08/28 11:46:31 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/08/28 11:46:30 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/05/20 10:32:18 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2006/03/01 13:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/03/19 13:25:24 | 000,132,608 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/03/15 11:04:00 | 000,161,792 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ov530vid.sys -- (ovt530)
DRV - [2005/03/09 08:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/04 07:21:36 | 000,065,664 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2005/02/23 08:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/02/08 16:33:06 | 000,970,240 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/02/03 20:16:16 | 000,291,456 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2005/02/03 20:15:46 | 000,024,064 | ---- | M] (Roxio) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2005/02/03 20:09:30 | 000,024,832 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2005/02/03 20:06:36 | 000,044,288 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005/02/03 20:06:34 | 000,141,184 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | System] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2005/02/03 20:02:58 | 000,202,368 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\System32\drivers\Udfreadr.sys -- (UDFReadr)
DRV - [2005/02/03 20:01:54 | 000,023,808 | ---- | M] (Roxio) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2005/02/03 19:49:48 | 000,117,632 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2005/01/27 13:08:08 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005/01/27 13:08:02 | 000,099,200 | ---- | M] (Nero AG) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005/01/27 13:07:34 | 000,028,928 | ---- | M] (Nero AG) [Kernel | System] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005/01/27 12:07:28 | 000,027,776 | ---- | M] (Nero AG) [Kernel | System] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2004/09/21 14:53:18 | 002,278,784 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/03 19:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 19:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 19:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 19:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 19:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 19:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 19:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 19:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 19:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 19:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 19:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 19:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 19:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 19:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 19:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2003/09/23 05:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2002/04/04 01:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Administrateur_ON_C\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll ()
IE - HKU\Administrateur_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com


FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012/01/19 05:03:47 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/05 02:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\Administrateur_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\Administrateur_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\Administrateur_ON_C\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SystrayORAHSS] C:\Program Files\Orange\Systray\SystrayApp.exe (France Telecom SA)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [orangeinside] C:\Documents and Settings\LocalService\Application Data\Orange\OrangeInside\one\OrangeInside.exe (Orange)
O4 - HKU\Administrateur_ON_C..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\Administrateur_ON_C..\Run: [orangeinside] C:\Documents and Settings\Administrateur\Application Data\Orange\OrangeInside\one\OrangeInside.exe (Orange)
O4 - HKU\Administrateur_ON_C..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe (Ahead Software)
O4 - HKU\Administrateur_ON_C..\Run: [qscyblhq] C:\documents and settings\administrateur\local settings\application data\qscyblhq.exe (téléphonais)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.)
O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} http://logicielsgratuits.orange.fr/download_service/Ins... (OrangeInstaller_ModuleIE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows... (Java Plug-in 1.5.0)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game13.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows... (Java Plug-in 1.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Fichiers communs\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/12/14 09:58:34 | 000,778,240 | ---- | C] (téléphonais) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\qscyblhq.exe
[2009/09/03 11:41:38 | 000,262,144 | ---- | C] (olivier) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\ewohy.exe
[2005/05/11 16:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/03 22:34:12 | 003,670,016 | ---- | M] () -- C:\Documents and Settings\Administrateur\ntuser.dat
[2012/03/03 19:53:37 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat
[2012/03/03 12:35:06 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/03 12:35:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/03 12:33:03 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/03 12:32:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/03/03 12:32:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/03 12:32:38 | 468,242,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/03 04:29:02 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2012/03/03 04:28:52 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2012/03/02 06:00:00 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2012/03/02 05:05:00 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/03/02 04:26:50 | 000,003,624 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\qscyblhq_navps.dat
[2012/03/02 04:26:27 | 000,003,392 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\qscyblhq.dat
[2012/03/02 03:45:14 | 090,848,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2012/03/01 08:03:40 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2012/02/28 04:13:31 | 000,002,003 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\imp
[2012/02/28 04:13:15 | 000,002,003 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\retraite
[2012/02/23 06:16:08 | 000,326,518 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\qscyblhq_nav.dat
[2012/02/19 10:50:31 | 000,000,229 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google.url
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/03 12:32:38 | 468,242,432 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/28 04:13:31 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\imp
[2012/02/28 04:13:15 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\retraite
[2011/12/14 09:59:01 | 000,326,518 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\qscyblhq_nav.dat
[2011/12/14 09:59:01 | 000,003,624 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\qscyblhq_navps.dat
[2011/12/14 09:59:01 | 000,003,392 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\qscyblhq.dat
[2011/10/09 04:21:26 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009/06/10 07:44:35 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/04/12 12:35:46 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2009/04/12 12:35:32 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2009/04/12 12:30:27 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2009/04/12 12:30:07 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2009/04/12 12:29:36 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2009/04/12 12:22:09 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2009/02/08 05:50:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008/06/07 05:55:07 | 000,000,086 | ---- | C] () -- C:\WINDOWS\System32\netwbix32.dll
[2008/05/14 11:42:06 | 001,805,711 | ---- | C] () -- C:\Documents and Settings\Administrateur\unnamed.dat
[2008/04/17 13:38:34 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008/03/02 02:37:05 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/27 09:53:04 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/09/01 02:20:30 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2007/09/01 02:17:18 | 000,090,425 | ---- | C] () -- C:\WINDOWS\hpoins06.dat
[2007/09/01 02:17:18 | 000,005,389 | ---- | C] () -- C:\WINDOWS\hpomdl06.dat
[2006/10/11 12:05:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\imageCache7.db
[2006/08/22 09:08:26 | 000,084,624 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/08/18 05:44:31 | 003,670,016 | ---- | C] () -- C:\Documents and Settings\Administrateur\ntuser.dat
[2006/08/18 04:40:44 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/17 20:12:20 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006/08/17 20:11:31 | 000,073,845 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/08/17 20:07:02 | 000,000,658 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/08/17 20:07:02 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2006/08/17 20:07:02 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2006/08/17 20:06:26 | 000,001,147 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2006/08/17 20:06:05 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2006/08/17 20:06:04 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/08/17 20:05:55 | 000,000,363 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2006/08/17 20:05:53 | 000,001,293 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2006/08/17 20:05:33 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/08/17 20:05:21 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/08/17 20:05:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/08/17 20:04:55 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2006/08/17 20:04:45 | 000,001,187 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2006/08/17 20:04:29 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2006/08/17 20:03:17 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/08/17 20:03:10 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/08/17 20:02:21 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2006/08/17 20:02:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2006/08/17 19:49:15 | 000,000,847 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/08/17 11:27:47 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/17 11:23:51 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/08/17 11:23:51 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/08/17 11:23:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/08/17 11:23:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/08/17 11:23:51 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/08/17 11:23:51 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/08/17 11:23:14 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/08/17 11:20:14 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat
[2006/08/17 11:13:35 | 000,262,144 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat
[2004/08/23 09:19:56 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2004/08/23 09:17:56 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2004/08/23 09:13:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/23 09:12:42 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2004/08/23 09:12:41 | 000,229,376 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2004/08/23 09:12:25 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2004/08/23 09:12:24 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2004/08/23 09:12:24 | 000,000,284 | -HS- | C] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2004/08/23 09:12:19 | 004,847,614 | -H-- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db
[2004/08/16 05:36:00 | 001,077,874 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2004/08/16 05:36:00 | 000,489,792 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/08/16 05:36:00 | 000,419,030 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/16 05:36:00 | 000,086,288 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/08/16 05:36:00 | 000,070,232 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/16 05:32:10 | 000,309,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/16 05:25:12 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/16 05:20:30 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/05 04:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2004/08/05 04:00:00 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2004/08/05 04:00:00 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2004/08/04 02:54:50 | 000,205,312 | ---- | C] () -- C:\WINDOWS\explorer.exe
[2004/08/04 02:54:38 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004/08/04 02:54:34 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004/08/04 02:54:26 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004/08/04 02:54:24 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2004/08/04 02:54:22 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004/08/04 02:53:42 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004/08/04 00:51:28 | 000,054,080 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2004/08/04 00:48:48 | 000,003,352 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2004/08/04 00:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004/08/04 00:45:26 | 000,034,000 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004/08/04 00:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004/08/04 00:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004/08/04 00:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004/08/04 00:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004/07/17 13:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2003/04/01 03:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 19:47:20 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001/08/23 19:47:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001/08/23 19:47:10 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001/08/23 19:47:06 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001/08/23 18:48:02 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2001/08/23 18:48:02 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2001/08/23 18:47:52 | 000,003,258 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2001/08/23 18:47:50 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2001/08/23 18:47:44 | 000,027,916 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001/08/23 18:47:38 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2001/08/23 18:47:36 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2001/08/23 18:47:32 | 000,014,841 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2001/08/23 18:47:30 | 000,004,912 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001/08/23 18:47:28 | 000,019,902 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2001/08/23 18:47:24 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2001/08/23 18:47:22 | 000,013,010 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2001/08/23 18:47:18 | 000,021,162 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2001/08/23 18:47:14 | 000,052,103 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2001/08/23 18:47:08 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2001/08/23 18:47:06 | 000,009,037 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001/08/23 17:49:02 | 000,027,768 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2001/08/23 17:48:54 | 000,015,937 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001/08/23 17:48:54 | 000,014,073 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001/08/23 17:48:54 | 000,006,212 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001/08/23 17:48:20 | 000,071,102 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2001/08/23 17:46:00 | 000,020,727 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001/08/23 17:46:00 | 000,003,030 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001/08/23 17:46:00 | 000,002,994 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001/08/23 17:44:56 | 000,003,914 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2001/08/17 23:31:58 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001/08/17 23:31:58 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001/08/17 23:31:52 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001/08/17 23:31:48 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001/08/17 23:31:48 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001/08/17 23:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001/08/17 23:30:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/17 23:30:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/17 23:15:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/17 23:13:26 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001/08/17 21:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001/07/22 00:36:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/07/22 00:36:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/07/22 00:15:52 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2001/07/06 08:30:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2011/12/04 10:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\AVG Secure Search
[2008/06/07 09:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\AVGTOOLBAR
[2008/06/07 06:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Grisoft
[2011/10/29 05:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Orange
[2006/12/03 11:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Simple Star
[2010/08/01 12:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Snapfish
[2006/08/22 09:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Template
[2009/06/23 08:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVGTOOLBAR
[2011/11/05 04:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Orange
[2012/01/19 05:03:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2010/10/28 07:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2008/01/27 07:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7(2)
[2011/12/04 07:56:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/06/07 08:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/01/27 07:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft(2)
[2011/07/28 07:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Orange
[2006/10/06 08:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2009/04/12 13:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/05 02:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/04/17 09:16:21 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/04/17 09:16:21 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/05 02:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/04/17 09:16:21 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/04/17 09:16:21 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 15:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 02:54:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/13 21:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 21:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 21:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 21:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 02:54:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/13 21:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 21:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/04 02:54:38 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011/03/03 01:55:26 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2011/04/26 03:06:10 | 011,081,728 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2011/04/25 11:06:09 | 001,991,680 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/13 21:33:33 | 000,281,600 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 21:33:36 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2011/01/21 09:44:12 | 008,518,656 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >
< End of report >
HERE IS THE RESULT OF THE OTL.TXT SCAN
WHAT DO I DO NOW? THANKS FOR YOUR REPLIES
I DON'T KNOW WHAT TO DO ANYMORE