Results of the scan reports - for a PC hacked by keylogg


Post by statue0065 » 10 Dec 2010, 19:48

There, it took a long time... but anyway, while waiting for the last OTL scan to finish, here is the Malwarebytes report:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5289

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18975

10/12/2010 19:34:14
mbam-log-2010-12-10 (19-34-14).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 141696
Temps écoulé: 27 minute(s), 22 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
statue0065
 
Posts: 43
Joined: 10 Dec 2010, 02:25

Post by statue0065 » 10 Dec 2010, 19:56

I contacted my internet provider today to change my network access (network key), and that is now done. However, I hope I didn't do that for nothing?

OTL is still running for now.
Thanks
PS: hopefully there's nothing left...
statue0065
 
Posts: 43
Joined: 10 Dec 2010, 02:25

Post by statue0065 » 10 Dec 2010, 20:30

OTL logfile created on: 10/12/2010 19:38:01 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\vivi\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 013,00 Mb Total Physical Memory | 190,00 Mb Available Physical Memory | 19,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 43,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,70 Gb Total Space | 78,74 Gb Free Space | 73,79% Space Free | Partition Type: NTFS
Drive D: | 5,09 Gb Total Space | 1,21 Gb Free Space | 23,83% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: vivi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/10 18:49:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\vivi\Downloads\OTL.exe
PRC - [2010/12/10 17:22:32 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/12/10 17:22:22 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/12/10 17:22:20 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/12/10 17:22:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/12/10 17:21:56 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
PRC - [2010/12/10 17:21:55 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/10 17:21:00 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010/12/10 17:20:52 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/12/10 17:20:51 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/12/10 17:20:48 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/12/10 17:20:38 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/12/10 14:39:27 | 001,047,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgupd.exe
PRC - [2010/12/10 11:57:38 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 11:57:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/27 09:20:10 | 003,804,912 | ---- | M] (SuperHideIP.Com) -- C:\Program Files\SuperHideIP\SuperHideIP.exe
PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/09/29 17:15:02 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/08/19 10:31:42 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 10:31:40 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2006/11/02 10:24:10 | 000,491,606 | ---- | M] () -- C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
PRC - [2005/07/12 18:54:32 | 000,278,528 | ---- | M] () -- C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
PRC - [2004/06/09 14:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE


========== Modules (SafeList) ==========

MOD - [2010/12/10 18:49:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\vivi\Downloads\OTL.exe
MOD - [2010/12/10 17:22:21 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
MOD - [2010/09/20 10:25:01 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msshsq.dll
MOD - [2010/08/31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2009/09/29 19:34:56 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceApi.dll
MOD - [2009/09/29 17:49:05 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVCORE.DLL
MOD - [2009/09/29 17:00:59 | 000,712,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WindowsCodecs.dll
MOD - [2008/11/27 05:35:06 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\GdiPlus.dll
MOD - [2008/01/19 08:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsaenh.dll
MOD - [2008/01/19 08:36:58 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMASF.DLL
MOD - [2008/01/19 08:36:40 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\thumbcache.dll
MOD - [2008/01/19 08:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SLC.dll
MOD - [2008/01/19 08:35:58 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanman.dll
MOD - [2008/01/19 08:35:37 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\networkexplorer.dll
MOD - [2008/01/19 08:34:07 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\duser.dll
MOD - [2008/01/19 08:34:00 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cscapi.dll
MOD - [2008/01/19 08:33:42 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\actxprxy.dll
MOD - [2006/11/02 13:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\IconCodecService.dll
MOD - [2006/11/02 13:34:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\davclnt.dll
MOD - [2006/11/02 10:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drprov.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2010/12/10 17:22:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/12/10 17:21:55 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/12/10 17:21:00 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/12/10 17:20:52 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2006/06/26 09:50:08 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Filt\ASWFilt.dll -- (ASWFilt)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\DRIVERS\afw.sys -- (afw)
DRV - [2010/12/10 17:22:29 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/12/10 17:22:20 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/12/10 17:21:59 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\AVGIDSvx.sys -- (AVGIDSErHrvtx)
DRV - [2010/12/10 17:21:58 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys -- (AVGIDSDrivervtx)
DRV - [2010/12/10 17:21:58 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys -- (AVGIDSFiltervtx)
DRV - [2010/12/10 17:21:58 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys -- (AVGIDSShimvtx)
DRV - [2010/12/10 17:21:06 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010/12/10 17:20:51 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/12/10 17:20:40 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 16:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2006/11/30 10:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/17 17:20:26 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2006/11/17 17:20:26 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/15 07:24:00 | 000,179,256 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/11/09 10:02:30 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Pilote de carte réseau Intel(R)
DRV - [2006/11/06 11:29:14 | 001,473,024 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2006/11/06 11:29:14 | 001,473,024 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/11/02 15:43:50 | 000,145,920 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 12:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 12:08:14 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/10/18 12:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/09/26 00:19:52 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/08/04 18:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/28 09:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/02/26 15:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbVM31b.sys -- (ZSMC301b)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2549409942-649879418-3700690813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-2549409942-649879418-3700690813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2549409942-649879418-3700690813-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2549409942-649879418-3700690813-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-2549409942-649879418-3700690813-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2549409942-649879418-3700690813-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=69.164.204.168:3128;ftp=69.164.204.168:3128;https=69.164.204.168:3128;

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: {636fae0b-69b4-4324-9fea-80fc7fb887dc}:1.300.306
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: support@super-hide-ip.com:1.0
FF - prefs.js..keyword.URL: "http://search.freecause.com/search?fr=freecause&ourmark=3&type=61101&p="
FF - prefs.js..network.proxy.ftp: "69.164.204.168"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "69.164.204.168"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "69.164.204.168"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.freecause.com/search?fr=freecause&ourmark=3&type=61101&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/12/10 17:42:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/12/10 17:27:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 11:57:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 11:57:45 | 000,000,000 | ---D | M]

[2009/11/04 20:43:13 | 000,000,000 | ---D | M] -- C:\Users\vivi\AppData\Roaming\mozilla\Extensions
[2010/12/10 18:16:15 | 000,000,000 | ---D | M] -- C:\Users\vivi\AppData\Roaming\mozilla\Firefox\Profiles\5lkcum6r.default\extensions
[2010/04/27 18:37:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\vivi\AppData\Roaming\mozilla\Firefox\Profiles\5lkcum6r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/13 17:29:56 | 000,000,000 | ---D | M] (Is Cool) -- C:\Users\vivi\AppData\Roaming\mozilla\Firefox\Profiles\5lkcum6r.default\extensions\{636fae0b-69b4-4324-9fea-80fc7fb887dc}
[2010/12/10 18:16:02 | 000,000,000 | ---D | M] -- C:\Users\vivi\AppData\Roaming\mozilla\Firefox\Profiles\5lkcum6r.default\extensions\support@super-hide-ip.com
[2010/07/17 20:57:15 | 000,001,741 | ---- | M] () -- C:\Users\vivi\AppData\Roaming\Mozilla\FireFox\Profiles\5lkcum6r.default\searchplugins\search-the-web.xml
[2009/11/15 15:41:16 | 000,003,729 | ---- | M] () -- C:\Users\vivi\AppData\Roaming\Mozilla\FireFox\Profiles\5lkcum6r.default\searchplugins\Searcheo.xml
[2010/10/04 18:24:34 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/10/22 05:18:36 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/10/22 05:18:36 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/22 05:18:36 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/10/22 05:18:36 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/10/22 05:18:36 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BigDogPath] C:\Windows\VM_STI.EXE (BIGDOG)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2549409942-649879418-3700690813-1000..\Run: [] F:\Super Hide IP 3.0.6.2 + Crack\Super Hide IP 3.0.6.2\Crack\SuperHideIP.exe File not found
O4 - HKU\S-1-5-21-2549409942-649879418-3700690813-1000..\Run: [ISUSPM Startup] C:\Programmes\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - Startup: C:\Users\vivi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\vivi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2549409942-649879418-3700690813-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img33.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img33.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/12/10 19:00:47 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/12/10 19:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/12/10 18:23:18 | 000,000,000 | ---D | C] -- C:\Users\vivi\Documents\Simply Super Software
[2010/12/10 18:22:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010/12/10 18:22:38 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/12/10 18:22:38 | 000,000,000 | ---D | C] -- C:\Users\vivi\AppData\Roaming\Simply Super Software
[2010/12/10 18:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/12/10 18:14:14 | 000,000,000 | ---D | C] -- C:\Users\vivi\AppData\Roaming\SuperHideIP
[2010/12/10 18:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\SuperHideIP
[2010/12/10 18:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\SuperHideIP
[2010/12/10 18:11:55 | 000,000,000 | ---D | C] -- C:\Users\vivi\AppData\Roaming\F__Super Hide IP 3.0.6.2 + Crack_Super Hide IP 3.0.6.2_Crack_SuperHideIP.exe
[2010/12/10 18:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\F__Super Hide IP 3.0.6.2 + Crack_Super Hide IP 3.0.6.2_Crack_SuperHideIP.exe
[2010/12/10 17:59:39 | 000,000,000 | ---D | C] -- C:\Users\vivi\AppData\Local\AVG Security Toolbar
[2010/12/10 17:22:21 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/12/10 17:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/12/10 14:14:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/12/10 14:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2010/12/10 14:12:37 | 000,025,168 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys
[2010/12/10 14:12:36 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/12/10 14:12:33 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/12/10 14:12:32 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/12/10 14:12:28 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/12/10 14:10:04 | 000,024,856 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys
[2010/12/10 14:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/12/10 14:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/12/09 21:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\SEAF
[2010/12/08 23:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/11/28 18:10:28 | 000,165,584 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/11/28 18:10:28 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/11/28 18:10:27 | 000,046,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/11/28 18:10:27 | 000,023,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/11/28 18:10:25 | 000,050,768 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/11/28 18:09:17 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/11/28 18:09:16 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

========== Files - Modified Within 30 Days ==========

[2010/12/10 19:51:44 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{37A44AF2-3AC5-449A-ACDC-850441E40271}.job
[2010/12/10 19:43:26 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/10 19:43:26 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/10 19:00:25 | 000,000,913 | ---- | M] () -- C:\Users\vivi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/12/10 19:00:20 | 000,000,733 | ---- | M] () -- C:\Users\vivi\Desktop\NTREGOPT.lnk
[2010/12/10 19:00:20 | 000,000,714 | ---- | M] () -- C:\Users\vivi\Desktop\ERUNT.lnk
[2010/12/10 18:58:12 | 000,000,541 | ---- | M] () -- C:\Users\vivi\Desktop\erunt-loc_fr.zip - Raccourci.lnk
[2010/12/10 18:58:06 | 000,000,584 | ---- | M] () -- C:\Users\vivi\Desktop\erunt-setup.exe - Raccourci.lnk
[2010/12/10 18:50:20 | 000,000,538 | ---- | M] () -- C:\Users\vivi\Desktop\OTL.exe - Raccourci.lnk
[2010/12/10 18:28:54 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010/12/10 18:14:04 | 000,000,840 | ---- | M] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2010/12/10 17:46:33 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/12/10 17:42:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/10 17:42:32 | 1063,378,944 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/10 17:29:02 | 000,638,975 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2010/12/10 17:22:29 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/12/10 17:22:21 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/12/10 17:22:20 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/12/10 17:21:59 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys
[2010/12/10 17:21:33 | 068,781,423 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/12/10 17:21:06 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys
[2010/12/10 17:20:51 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/12/10 17:20:45 | 000,492,629 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010/12/10 17:20:45 | 000,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/12/10 17:20:40 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/12/10 17:00:03 | 000,001,057 | ---- | M] () -- C:\Users\vivi\Desktop\Revo Uninstaller.lnk
[2010/12/10 14:15:00 | 000,001,647 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/12/10 14:14:59 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/12/10 14:14:21 | 006,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2010/12/10 14:01:29 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/12/10 14:01:29 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/10 14:01:29 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/12/10 14:01:29 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/10 01:29:20 | 000,000,036 | ---- | M] () -- C:\Users\vivi\AppData\Local\housecall.guid.cache
[2010/12/09 00:03:43 | 000,022,730 | ---- | M] () -- C:\Users\vivi\Documents\cc_20101209_000327.reg
[2010/12/08 23:28:44 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/28 18:10:29 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/11/28 18:10:25 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

========== Files Created - No Company Name ==========

[2010/12/10 19:00:25 | 000,000,913 | ---- | C] () -- C:\Users\vivi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/12/10 19:00:20 | 000,000,733 | ---- | C] () -- C:\Users\vivi\Desktop\NTREGOPT.lnk
[2010/12/10 19:00:20 | 000,000,714 | ---- | C] () -- C:\Users\vivi\Desktop\ERUNT.lnk
[2010/12/10 18:58:12 | 000,000,541 | ---- | C] () -- C:\Users\vivi\Desktop\erunt-loc_fr.zip - Raccourci.lnk
[2010/12/10 18:58:06 | 000,000,584 | ---- | C] () -- C:\Users\vivi\Desktop\erunt-setup.exe - Raccourci.lnk
[2010/12/10 18:50:20 | 000,000,538 | ---- | C] () -- C:\Users\vivi\Desktop\OTL.exe - Raccourci.lnk
[2010/12/10 18:28:54 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010/12/10 18:22:45 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/12/10 18:22:44 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/12/10 18:22:44 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/12/10 18:22:44 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/12/10 18:14:04 | 000,000,840 | ---- | C] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2010/12/10 17:00:03 | 000,001,057 | ---- | C] () -- C:\Users\vivi\Desktop\Revo Uninstaller.lnk
[2010/12/10 16:37:42 | 1063,378,944 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/10 14:15:00 | 000,001,647 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/12/10 14:14:59 | 000,638,975 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2010/12/10 14:14:59 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/12/10 14:14:21 | 068,781,423 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/12/10 14:14:21 | 006,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2010/12/10 14:14:21 | 000,492,629 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010/12/10 14:14:21 | 000,142,495 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/12/10 01:29:20 | 000,000,036 | ---- | C] () -- C:\Users\vivi\AppData\Local\housecall.guid.cache
[2010/12/09 00:03:35 | 000,022,730 | ---- | C] () -- C:\Users\vivi\Documents\cc_20101209_000327.reg
[2010/12/08 23:28:44 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/11/28 18:10:29 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/05 16:36:36 | 000,069,632 | ---- | C] () -- C:\Windows\System32\MobOlExt.dll
[2010/02/01 18:31:40 | 000,004,892 | ---- | C] () -- C:\Users\vivi\AppData\Local\d3d9caps.dat
[2009/10/02 13:14:38 | 000,007,680 | ---- | C] () -- C:\Users\vivi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/26 00:05:51 | 000,000,000 | ---- | C] () -- C:\Users\vivi\AppData\Local\QSwitch.txt
[2009/09/26 00:05:51 | 000,000,000 | ---- | C] () -- C:\Users\vivi\AppData\Local\DSwitch.txt
[2009/09/26 00:05:51 | 000,000,000 | ---- | C] () -- C:\Users\vivi\AppData\Local\AtStart.txt
[2006/11/29 08:32:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/06 12:02:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/11/06 10:05:40 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/06 10:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/06 10:00:56 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/18 23:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/18 23:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/03/10 01:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2010/12/10 18:11:55 | 000,000,000 | ---D | M] -- C:\Users\vivi\AppData\Roaming\F__Super Hide IP 3.0.6.2 + Crack_Super Hide IP 3.0.6.2_Crack_SuperHideIP.exe
[2009/11/15 15:41:16 | 000,000,000 | ---D | M] -- C:\Users\vivi\AppData\Roaming\Icones
[2009/11/04 21:57:47 | 000,000,000 | ---D | M] -- C:\Users\vivi\AppData\Roaming\OpenOffice.org
[2010/12/10 18:22:38 | 000,000,000 | ---D | M] -- C:\Users\vivi\AppData\Roaming\Simply Super Software
[2010/12/10 18:14:14 | 000,000,000 | ---D | M] -- C:\Users\vivi\AppData\Roaming\SuperHideIP
[2010/12/10 17:40:52 | 000,032,562 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/12/10 19:51:44 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{37A44AF2-3AC5-449A-ACDC-850441E40271}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\drivers\atapi.sys
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2009/09/29 17:18:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2009/09/29 17:18:10 | 000,021,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/09/29 17:18:10 | 000,021,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
[2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) Unable to obtain MD5 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\System32\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) Unable to obtain MD5 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\System32\scecli.dll
[2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 12:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2009/03/08 12:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll
[2008/01/19 08:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2008/01/19 08:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >

Post by statue0065 » 10 Dec 2010, 20:32


Post by statue0065 » 10 Dec 2010, 20:33

OTL Extras logfile created on: 10/12/2010 19:38:01 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\vivi\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 013,00 Mb Total Physical Memory | 190,00 Mb Available Physical Memory | 19,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 43,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,70 Gb Total Space | 78,74 Gb Free Space | 73,79% Space Free | Partition Type: NTFS
Drive D: | 5,09 Gb Total Space | 1,21 Gb Free Space | 23,83% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: vivi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2549409942-649879418-3700690813-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{141CF0D3-44C6-4C6B-8BBE-A430BD2EE2A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2B3B7DD4-4C9B-4FCB-A10F-73BEBBE5DBBF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4F3925C3-2FFC-4F50-AFE7-067306899C64}" = protocol=17 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{9D943437-E058-44A0-A8BA-50094168FF99}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{B0043770-305B-4FA8-868E-E4576F3A5797}" = protocol=6 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{B0F89DE3-6C6A-46F7-8392-BEC92D75BB2A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DE0D441C-354B-4734-BBDF-08311758A527}" = protocol=17 | dir=in | app=c:\users\vivi\downloads\jxpiinstall(3).exe |
"{ECE5C997-65D0-4F5C-8B4D-2D73E6076135}" = protocol=6 | dir=in | app=c:\users\vivi\downloads\jxpiinstall(3).exe |
"TCP Query User{9C1975AB-288B-4D92-B147-C44507B6E0DB}C:\program files\java\jre1.6.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\java.exe |
"TCP Query User{E80FBA5F-D74F-420B-B0FB-3E7358C7D085}C:\users\vivi\appdata\local\screamer radio\screamer.exe" = protocol=6 | dir=in | app=c:\users\vivi\appdata\local\screamer radio\screamer.exe |
"UDP Query User{4AF94542-A3D8-40E9-9E16-DCED84FF56DB}C:\program files\java\jre1.6.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\java.exe |
"UDP Query User{F7E09916-E1AF-4151-B0F6-BF04F24B2E4C}C:\users\vivi\appdata\local\screamer radio\screamer.exe" = protocol=17 | dir=in | app=c:\users\vivi\appdata\local\screamer radio\screamer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{15DD1D3C-8386-47D4-91A4-2D25FAFE1255}" = HP User Guide 0039
"{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = Livebox
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{2A2646FB-7BAC-451B-BF90-4889C4429C5E}" = Philips SPC 200NC PC Camera
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 C1
"{355FADAF-55C4-4E08-88D4-A86C4CA6930C}" = HP Wireless Assistant
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.0
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{80CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11}" = Orange
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11}" = Orange Les offres Internet
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.3 - Français
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALCATEL PC Suite_is1" = ALCATEL PC Suite V6.3.18
"avast5" = avast! Free Antivirus
"AVG9Uninstall" = AVG 9.0
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30A5" = HDAUDIO Soft Data Fax Modem with SmartCP
"ERUNT_is1" = ERUNT 1.1j
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MappySynchro_is1" = MappySynchro v2.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.90
"SEAF" = SEAF By C_XX
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SIPPS!UninstallKey" = SIPPS
"SuperHideIP" = Super Hide IP
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trojan Remover_is1" = Trojan Remover 6.8.2
"WinLiveSuite_Wave3" = Installation Windows Live

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/12/2010 11:33:22 | Computer Name = PC | Source = System Restore | ID = 8193
Description =

Error - 10/12/2010 11:36:55 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =

Error - 10/12/2010 12:02:00 | Computer Name = PC | Source = VSS | ID = 8194
Description =

Error - 10/12/2010 12:22:42 | Computer Name = PC | Source = VSS | ID = 8194
Description =

Error - 10/12/2010 13:26:46 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Application défaillante Rmvtrjan.exe, version 6.8.2.2596, horodatage
0x4c4dd00e, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000096, décalage d’erreur 0x00f235f0, ID du processus 0x13c4,
heure de début de l’application 0x01cb988f6a13bfc6.

Error - 10/12/2010 13:27:23 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Application défaillante Rmvtrjan.exe, version 6.8.2.2596, horodatage
0x4c4dd00e, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000096, décalage d’erreur 0x025035f0, ID du processus 0xce0,
heure de début de l’application 0x01cb988f814eb5a6.

Error - 10/12/2010 13:27:48 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Application défaillante Rmvtrjan.exe, version 6.8.2.2596, horodatage
0x4c4dd00e, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000096, décalage d’erreur 0x003c35f0, ID du processus 0x15dc,
heure de début de l’application 0x01cb988f8e1ebd26.

Error - 10/12/2010 13:30:28 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Application défaillante Rmvtrjan.exe, version 6.8.2.2596, horodatage
0x4c4dd00e, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000096, décalage d’erreur 0x022335f0, ID du processus 0xb10,
heure de début de l’application 0x01cb988fefd05a16.

Error - 10/12/2010 14:09:35 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Application défaillante SuperHideIP.exe, version 0.0.0.0, horodatage
0x00000000, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6,
code d’exception 0xc0000005, décalage d’erreur 0x0003d292, ID du processus 0x4f8,
heure de début de l’application 0x01cb988e85f7e7d6.

Error - 10/12/2010 14:09:37 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Application défaillante SuperHideIP.exe, version 0.0.0.0, horodatage
0x00000000, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6,
code d’exception 0xc0000005, décalage d’erreur 0x0003d292, ID du processus 0x17d8,
heure de début de l’application 0x01cb988d57e6f4e6.

[ System Events ]
Error - 10/12/2010 12:39:55 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/12/2010 12:40:00 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/12/2010 12:40:10 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/12/2010 12:40:15 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/12/2010 12:40:20 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/12/2010 12:40:25 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/12/2010 12:40:35 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/12/2010 12:43:20 | Computer Name = PC | Source = HTTP | ID = 15016
Description =

Error - 10/12/2010 12:46:26 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/12/2010 12:53:08 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description =


<End>

Post by statue0065 » 10 Dec 2010, 20:37

There, the 3 reports are posted.
Obviously I don't understand any of it, but I can't wait to find out whether my PC is infected or not...

If it were possible to get a reply this evening (at the risk of seeming a bit too "demanding"... sorry, all this is worrying me rather a lot) so that I can do what's needed, because otherwise it will have to wait until Monday evening...

Thanks again in advance.

Virginie.

Post by statue0065 » 10 Dec 2010, 21:33

At midday today, a friend installed AVG and something else to secure my connection for me; is that why it took so long?
In my previous message, I said that the user who had helped me had indeed said there was a keylogger and that it was in the flyos folder. Sure enough, in that folder there was a file containing an MSN conversation I had had in November 2009 with a friend who was helping me install a keylogger detector. It feels really strange when you open a file like that, believe me. I don't think I've forgotten to mention anything.

Post by statue0065 » 10 Dec 2010, 22:31

Right, I'm giving up for tonight. Three days on the computer until all hours, without much result, I can't keep going. Never mind, I'll see on Monday.

Thanks in advance and have a good weekend.

Post by nickW » 11 Dec 2010, 00:41

Good evening,

1/ On your PC we find:
F__Super Hide IP 3.0.6.2 + Crack_Super Hide IP 3.0.6.2_Crack_SuperHideIP.exe

You won't be able to keep a PC clean with this kind of "program"!


2/ Two resident antivirus programs are active on your PC: AVG and avast!. They interfere with each other.

You must uninstall one of them!

How does the PC behave with only one antivirus?


3/ You need to stay calmer: installing dozens of so-called "miracle" programs will not improve the state of your PC, far from it.
Reminder:
Notes:
After sending the reports above, do not install any new software, and do not use any cleaning/disinfection utility on your own initiative.
Obviously, do not follow advice from another forum at the same time, which would lead to the immediate closure of your thread.


Cheers,
nickW
30/07/2012: No more PC disinfection until further notice.
No log-analysis requests by PM (private message)
Moderator
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by statue0065 » 11 Dec 2010, 09:35

Hello,

I have to uninstall an antivirus, but which one? The latest ones added yesterday? And the hide thing, what is it?? Do I uninstall that too?
OK, I'm going to uninstall what he put on for me yesterday.

Did you see anything suspicious, please?
Thanks.