Connection internet impossible causée par virus

OK j'attends ta réponse.

Bonjour trax26, rubised,

Le problème me semble lié à un problème de configuration, mais je vais tout de même m'en assurer.

trax26,

1) Télécharge Winsock XP Fix et enregistre le sur ton bureau.

- Ferme tous les programmes susceptibles d'utiliser la connexion internet. Lance Winsock XP Fix en double cliquant sur l'exécutable WinsockxpFix.exe.
- Cliquez sur le bouton Fix.
- A la question Apply The VB_Winsock Fix?, réponds Oui.
- A la fin de la réparation, un message va te demander de redémarrer le PC. Accepte en cliquant sur OK.


2) Télécharge OTViewIt de OldTimer sur ton bureau.

- Ferme toutes les fenêtres et applications.
- Double clique sur OTViewIt.exe pour le lancer.
- Dans la liste déroulante "File Age" choisis : 30 days (ou selon votre choix)
- Clique sur le bouton "Run Scan".
- Patiente quelques minutes.
- le bloc note va s'ouvrir, poste les deux rapports obtenus dans ta prochaine réponse.

Si le bloc note ne s'ouvre pas, tu les trouveras sur ton bureau : OTViewIt.txt et Extras.txt


Cordialement.

Bonsoir,

Merci pour ton aide Curson. Voici les 2 rapports

OTViewIt logfile created on: 05/03/2009 23:33:01 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = D:\Documents and Settings\Gokhan\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: | Country: | Language: | Date Format:

1,19 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 74,87% Memory free
2,24 Gb Paging File | 2,05 Gb Available in Paging File | 91,62% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,80 Gb Total Space | 12,41 Gb Free Space | 32,82% Space Free | Partition Type: NTFS
Drive D: | 73,98 Gb Total Space | 2,88 Gb Free Space | 3,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEREK
Current User Name: Gokhan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/10/15 13:31:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
[2008/10/15 13:29:28 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
[2004/08/05 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2004/08/05 14:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
[2009/03/05 14:35:50 | 00,422,912 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Gokhan\Bureau\OTViewIt.exe

========== (O23) Win32 Services ==========

File not found -- -- (Alerter [Disabled | Stopped])
File not found -- -- (AntiVirScheduler [Auto | Running])
File not found -- -- (AntiVirService [Auto | Running])
File not found -- -- (AOL ACS [Disabled | Stopped])
File not found -- -- (AppMgmt [On_Demand | Stopped])
File not found -- -- (aspnet_state [On_Demand | Stopped])
[2009/01/08 20:16:29 | 00,000,000 | ---D | M] -- C:\WINDOWS\System32\bits -- (BITS [Auto | Running])
File not found -- -- (CLCapSvc [Disabled | Stopped])
File not found -- -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (CLSched [Disabled | Stopped])
File not found -- -- (COMSysApp [On_Demand | Stopped])
File not found -- -- (CyberLink Media Library Service [Disabled | Stopped])
File not found -- -- (DcomLaunch [Auto | Running])
[2004/08/16 17:46:32 | 00,000,000 | ---D | M] -- C:\WINDOWS\System32\dhcp -- (Dhcp [Auto | Running])
File not found -- -- (Dnscache [Auto | Running])
[2004/08/05 14:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventlog.dll -- (Eventlog [Auto | Running])
File not found -- -- (EventSystem [On_Demand | Running])
File not found -- -- (FastUserSwitchingCompatibility [On_Demand | Running])
File not found -- -- (GenericHidService [Disabled | Stopped])
File not found -- -- (helpsvc [Auto | Running])
File not found -- -- (hpqcxs08 [On_Demand | Running])
File not found -- -- (hpqddsvc [Auto | Running])
File not found -- -- (HTTPFilter [On_Demand | Stopped])
File not found -- -- (IDriverT [Disabled | Stopped])
File not found -- -- (ImapiService [On_Demand | Stopped])
File not found -- -- (lanmanserver [Auto | Running])
File not found -- -- (lanmanworkstation [Auto | Running])
File not found -- -- (LmHosts [Auto | Running])
File not found -- -- (Messenger [Disabled | Stopped])
[2004/08/16 18:03:04 | 00,000,000 | ---D | M] -- C:\WINDOWS\system32\msdtc -- (MSDTC [On_Demand | Stopped])
File not found -- -- (MSIServer [On_Demand | Stopped])
File not found -- -- (Net Driver HPZ12 [Auto | Running])
File not found -- -- (NetDDEdsdm [Disabled | Stopped])
[2004/08/05 14:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll -- (Netlogon [On_Demand | Stopped])
File not found -- -- (Nla [On_Demand | Running])
File not found -- -- (NtLmSsp [On_Demand | Stopped])
File not found -- -- (ose [Disabled | Stopped])
File not found -- -- (PlugPlay [Auto | Running])
File not found -- -- (Pml Driver HPZ12 [Auto | Running])
File not found -- -- (PolicyAgent [Auto | Running])
File not found -- -- (ProtectedStorage [Auto | Running])
[2008/04/14 03:33:39 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasman.dll -- (RasMan [On_Demand | Running])
File not found -- -- (RDSessMgr [On_Demand | Stopped])
File not found -- -- (RemoteAccess [Disabled | Stopped])
File not found -- -- (RpcLocator [On_Demand | Stopped])
File not found -- -- (SamSs [Auto | Running])
File not found -- -- (Schedule [Auto | Running])
File not found -- -- (SharedAccess [Auto | Running])
File not found -- -- (ShellHWDetection [Auto | Running])
File not found -- -- (Spooler [Auto | Running])
File not found -- -- (srservice [Auto | Running])
File not found -- -- (stisvc [Auto | Running])
[2004/08/05 14:00:00 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\swprv.dll -- (SwPrv [On_Demand | Stopped])
File not found -- -- (SysmonLog [On_Demand | Stopped])
File not found -- -- (TermService [On_Demand | Running])
File not found -- -- (Themes [Auto | Running])
File not found -- -- (VSS [On_Demand | Stopped])
File not found -- -- (WebClient [Auto | Running])
File not found -- -- (winmgmt [Auto | Running])
File not found -- -- (WmdmPmSN [On_Demand | Stopped])
File not found -- -- (WmiApSrv [On_Demand | Stopped])
File not found -- -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services ==========

[2005/02/23 13:58:56 | 00,011,776 | ---- | M] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc [On_Demand | Running])
[2005/01/28 17:48:58 | 02,310,272 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2001/08/17 21:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\drivers\aliide.sys -- (AliIde [Boot | Running])
[2008/04/13 19:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys -- (amdagp [Boot | Running])
[2004/08/11 16:30:00 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\AmdK8.sys -- (AmdK8 [System | Running])
[2001/08/17 21:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\drivers\asc.sys -- (asc [Boot | Running])
[2001/08/17 21:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\drivers\asc3550.sys -- (asc3550 [Boot | Running])
[2007/11/20 13:29:55 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
File not found -- -- (avgio [System | Running])
File not found -- -- (avgntflt [On_Demand | Running])
[2008/10/30 10:21:03 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb [System | Running])
[2006/10/03 15:06:38 | 00,022,656 | R--- | M] (Guillemot Corporation) -- C:\WINDOWS\System32\drivers\camfilt.sys -- (camfilt [On_Demand | Stopped])
File not found -- -- (cbidf [Boot | Running])
[2001/08/23 17:04:44 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\System32\drivers\cmdide.sys -- (CmdIde [Boot | Running])
[2001/08/17 21:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\System32\drivers\dac2w2k.sys -- (dac2w2k [Boot | Running])
[2008/04/13 19:36:40 | 00,046,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys -- (gagp30kx [Boot | Running])
File not found -- -- (Gpc [On_Demand | Running])
[2007/03/08 05:20:48 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\System32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
[2007/03/08 05:20:49 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2007/03/08 05:20:50 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2008/04/14 03:05:15 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2001/08/17 21:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\System32\drivers\mraid35x.sys -- (mraid35x [Boot | Running])
[2005/11/19 02:13:18 | 00,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\PCASp50.sys -- (PCASp50 [On_Demand | Stopped])
File not found -- -- (PptpMiniport [On_Demand | Running])
[2004/08/05 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/10/21 02:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2001/08/17 21:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\System32\drivers\ql1080.sys -- (ql1080 [Boot | Running])
[2001/08/17 21:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\System32\drivers\ql12160.sys -- (ql12160 [Boot | Running])
[2001/08/17 21:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\System32\drivers\ql1280.sys -- (ql1280 [Boot | Running])
File not found -- -- (ROOTMODEM [On_Demand | Running])
File not found -- -- (RTL8023xp [On_Demand | Running])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2001/08/17 22:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\sparrow.sys -- (Sparrow [Boot | Running])
[2007/07/03 16:54:24 | 00,080,552 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus [On_Demand | Stopped])
[2007/07/03 16:57:24 | 00,011,944 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])
[2007/07/03 16:58:20 | 00,106,792 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])
[2007/11/08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv [System | Running])
[2006/07/24 16:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
[2001/08/17 22:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\System32\drivers\symc810.sys -- (symc810 [Boot | Running])
[2001/08/17 22:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\drivers\symc8xx.sys -- (symc8xx [Boot | Running])
[2001/08/17 22:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\drivers\sym_hi.sys -- (sym_hi [Boot | Running])
[2001/08/17 22:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\drivers\sym_u3.sys -- (sym_u3 [Boot | Running])
[2001/08/17 21:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\System32\drivers\ultra.sys -- (ultra [Boot | Running])
[2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])
File not found -- -- (VgaSave [System | Running])
[2003/07/02 05:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\VIAAGP1.SYS -- (viaagp1 [Boot | Running])
File not found -- -- (viagfx [On_Demand | Running])
[2004/07/06 23:45:42 | 00,060,672 | ---- | M] (VIA Technologies inc,.ltd) -- C:\WINDOWS\System32\drivers\viamraid.sys -- (viamraid [Boot | Running])
File not found -- -- (wanatw [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_page_url"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_search_url"=http://go.microsoft.com/fwlink/?LinkId=54896
"Local Page"=%SystemRoot%\system32\blank.htm
"Search page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://fr.msn.com/

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

========== (O1) Hosts File ==========

HOSTS File = (736 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min File not found

========== (O4) RunOnce Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
""= File not found
"GrpConv"=grpconv -o File not found
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent File not found

========== (O4) Startup Folders ==========

File not found -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoCDBurning"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableRegistryTools"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs File not found
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs File not found

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab -- Java Plug-in 1.5.0_04
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Java Plug-in 1.6.0_03
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========

{2843962C-C6E7-4FC9-BF1C-058D8ECBBCC7} (Servers: | Description: )
{C51F95C9-D9F0-4B0F-84BF-3E152EF3F2C4} (Servers: | Description: Neuf Box 4 (BCM USB/NDIS))
{DBA4BE95-6DAD-40F3-BA4C-EAF947612B77} (Servers: | Description: 802.11g USB 2.0 WLAN Dongle)
{FABB7875-035B-4F96-9A6D-C963ACF7A881} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)

========== (O20) HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"=Explorer.exe
>File not found -- C:\WINDOWS\explorer

"UserInit"=C:\WINDOWS\system32\userinit.exe,
>File not found -- C:\WINDOWS\system32\userinit

"UIHost"=logonui.exe
>File not found -- C:\WINDOWS\system32\logonui

"VMApplet"=rundll32 shell32,Control_RunDLL "sysdm.cpl"
>File not found -- C:\WINDOWS\system32\sysdm


========== IFEO "Debugger" Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\]
Your Image File Name Here without a path:"Debugger" = C:\WINDOWS\system32\ntsd File not found

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autorun.bin [+,-.*+,-.*+,-.*+,-.*+,-.*+,-.*+,±ÒÒ¹ÁôÄï,-.*+,-.*+,-.*+,-.*+,-.*+,-.*+,- | !"º±´´ÊýÄ룮ÖØÁݱÏÒ¶£®²¾Ê¨àµÐ롥ſµÇÁé¸Ñ£®¿ô×û´Ë³ÍÐôÓÝÒ¿Èռ壮Ò×±ñÁôÄï¡¥ÓÉÓÛ³ÎÐõ?¾ùΫcxxoswq£°¹ÊÃýÃýέeuuquyn·è±«¡¦Èø¾ýΫ¸áÊÙ£°×Ô²¼Ö·Ò¾Ðª£¬È¼·ÓÎÒÒ¼·®ÐÇÑ®£¬Ò³ÐïÄßÁòÈËÓÑËûµÆ¡§ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ ! | $ !"#´Ï³ÌÐóËæÄß´¯²¥£­µ­È·Î⺦¡¤½øÓݽõÈÕÓÑ´ÍÌäÊÂ:*£®Ö±º÷ÔÙÎß´­²¨¡§ !"#$ ! | $ !"ÏãÐɸ÷μ¼¶ÓîÐÉ´óÓÑÔ·£¯×ØÄÜ!Ãò´Î·ë±©;+£«´÷²»ÁÌÉÀ#ËýÓеÅcxxoswq£­¡£!"# | !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !" !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ ! | $ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ #$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ | "#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !½Ç±Á¿õÈË!"#$ | "#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$2129Äî6ÔÃ37ÈÙ #$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !åÒÒ¦¾×Ê¿ | ]
File not found -- D:\autorun -- [ NTFS ]

Autorun.ico []
File not found -- D:\Autorun -- [ NTFS ]

Autorun.ini [[AUTORUN] | CAPTION = "Driver Installation tool Ver 1.0" | LOADICON = "AUTORUN.ICO" | BACKGROUND = "BMP\menu1.BMP" | BACKGROUND16 = "BMP\menu16.BMP" | DEBUGMODE = 0 | STRING1 = 01 | STRING2 = 3 | STRING3 = 32 | STRING4 = 5 | STRING5 = 4 | STRING6 = 9 | STRING7 = 13 | STRING8 = 15 | STRING9 = 1 | STRING10 = 4 | STRING11 = 9 | STRING12 = 13 | STRING13 = 15 | STRING14 = 12 | STRING15 = 12 | | [SEARCH] | SETUPSCRIPT = "BIOS Search String" | SETUPNO = 90 | SEARCH1 = "6A6LKSN9" | ;77kV/KVB | SEARCH2 = "6A61BSN9" | ;75FRN Nforce2(SPP) | SEARCH3 = "6A69VSAM" | ;85MD2-L(SDram) | SEARCH4 = "6A69RSNG" | ;65ME 65ME2 | SEARCH5 = "6A69RSNC" | ;65EP 4MB | SEARCH6 = "6A69RSNF" | ;65EP 2MB | SEARCH7 = "6A69RSNH" | ;65EP2/EP2B/EP2+ | SEARCH8 = "6A69VSN9" | ;85SD,85SDC,85Sid,85SD+,85SDB,85Dr-Tc,85Dr2-Tc | SEARCH9 = "6A6LXSN9" | ;85ERV2 85Erv2-C(P4X400) | SEARCH10 = "6A69VSAL" | ;(B8A)(B8A-F)(B8C)Baby Case(2M) | SEARCH11 = "6A61BSNC" | ;Nforce2(IGP)2M 75MRN | SEARCH12 = "2A6LGSNP" | ;65FVB | SEARCH13 = "6A6LGSNC" | ;65DV/DVB/DV2 | SEARCH14 = "6A6LJSNB" | ;65JV/JVB/JVB-X | SEARCH15 = "6A6LJSN9" | ;65KV/KVB/KV2/65KIV/65kIV-T | SEARCH16 = "6A6LJSNF" | ;65KV2-T | SEARCH17 = "6A6LMSN9" | ;75KAV/KIV/KV+/KV2/JV | SEARCH18 = "6A6LNSN9" | ;75MAV/MIV | SEARCH19 = "6A6LLSN9" | ;65MV/MIV/MIV-C/MIV2 | SEARCH20 = "6A6LJSND" | ;68C | SEARCH21 = "6A6LJSNE" | ;68C+ | SEARCH22 = "6A6LUSN9" | ;65DRV | SEARCH23 = "6A6LVSN9" | ;75DRV/DRV-X | SEARCH24 = "6A6LNSNA" | ;75LIV | SEARCH25 = "6A6LISN9" | ;65LIV/-T | SEARCH26 = "2A6LGSNC" | ;67FV1/FV | SEARCH27 = "2A6LGSNE" | ;65FV/FV+ | SEARCH28 = "6A6LWSN9" | ;85DRV/DRV+ | SEARCH29 = "6A6LUSNA" | ;65DRV-T | SEARCH30 = "6A6LVSNA" | ;75DRV2+ | SEARCH31 = "6A6LISNA" | ;65LIV-TL | SEARCH32 = "6A69RSNI" | ;65ME-T | SEARCH33 = "6A69RSNJ" | ;65ep-t | SEARCH34 = "6A69VSAA" | ;85DR/DR+/DR-C/DIR AMI BIOS | SEARCH35 = "6A6IXSN9" | ;85DRS AWARD BIOS | SEARCH36 = "6A6IXSA9" | ;85DRS AMI BIOS | SEARCH37 = "6A69VSAE" | ;85DIR2/85DR2-C(ICH2) | SEARCH38 = "6A6LWSND" | ;85MIV-L | SEARCH39 = "6A6LWSNB" | ;85DIV-L | SEARCH40 = "6A6IXSAA" | ;85MIS AMI BIOS | SEARCH41 = "6A6LVSNB" | ;75DRV5 | SEARCH42 = "6A69VSAC" | ;85MIR-L/85Lir | SEARCH43 = "6A69VSAD" | ;85DR2,85DR2-DC(ICH4) | SEARCH44 = "6A6LWSNG" | ;85DRV4-C/ | SEARCH45 = "6A6LVSNC" | ;75DRV5-E | SEARCH46 = "6A69VSNG" | ;85DIR2-L | SEARCH47 = "6A69VSNH" | ;85MR2+-L 85MR3-R(4M) | SEARCH48 = "6A6LWSNH" | ;85DRV5/85DRV5-L/85DiV3(Alc),85DRV5-C(via_1612) | SEARCH49 = "6A6LYSA9" | ;75FRV,KT400-A4(KT400) | SEARCH50 = "6A69VSAI" | ;85DR3-L & 85Dir3-L 85Dir4(845Pe) | SEARCH51 = "6A6LYSAA" | ;KT400 and serial_ATA_20375,KT400-AL(kt400a_0312CD) | SEARCH52 = "6A6LVSAD" | ;KT333A and serial_ATA_20375 | SEARCH53 = "6A69VSAK" | ;85Mir2/85Lir2/85Mir3 85Lir3 (2M) 845Ge 845Gv | SEARCH54 = "6A69VSAJ" | ;85MR3 (2M) 845Ge 85MR3-CL(2M) | SEARCH55 = "6A6LYSAB" | ;KT400-C(KT-400)(Alc202A),KT400-A4C,KT400A-c | SEARCH56 = "6A69WSNA" | ;(85FR)(85FR-R)(E7205)(winbond-627)(PDC20376) | SEARCH57 = "6A7L0SN9" | ;(K8AV-R,+8235+20378)Award | SEARCH58 = "6A61BSNA" | ;(75FRN2)(CR18D_A4)(75FRN3_ultra400) | SEARCH59 = "6A79ASA9" | ;(86MP-L,86Mip,ICH5,Spring dale_865G) | SEARCH60 = "6A6LWSAI" | ;(85MIV3-L,85Miv4,P4M266A,8235 AMI_BIOS) | SEARCH61 = "6A61BSNB" | ;Nforce2(IGP)4M 75MRN-RL | SEARCH62 = "6A79ASAA" | ;(86SPE,86SPE2,86sp2,865-GR ICH5,Spring dale_No Onboard_VGA) | SEARCH63 = "6A61BSND" | ;2M B7A-F_Award(IGP,MCP-T,A3_Support_DDR333) | SEARCH64 = "6A61BSAD" | ;2M B7A-F_AMI(IGP,MCP-T,A3_Support_DDR333) | SEARCH65 = "6A69VSAN" | ;B8D-FR(4M) | SEARCH66 = "6A6LYSAC" | ;KM400(75Miv2) | SEARCH67 = "6A6LYSAD" | ;KT600-R(support 200 CPU)(8237) | SEARCH68 = "6A79ASAB" | ;B8E-Fr ICH5-R (Raid 0)Winbond-83627THF | SEARCH69 = "6A79ASAC" | ;B8E-F ICH5 (No Raid)Winbond-83627THF | SEARCH70 = "6A6LYSAE" | ;KT400A2-L(8237) | SEARCH71 = "6A6LYSAF" | ;KT600-C(8235)(Alc101) | SEARCH72 = "6A79ASNC" | ;86Spe3,86sp3 (Ich4+ALC655) | SEARCH73 = "6A79BSN9" | ;87CW(Giga_Lan) | SEARCH74 = "6A79ASND" | ;848P2 (Ich4+ALC655) | SEARCH75 = "6A79ASNE" | ;848P (Ich5+ALC650) | SEARCH76 = "6A79ASNF" | ;86Mip2 (865G+Ich4) | SEARCH77 = "6A7L0SAA" | ;(K8AV2-RL,+8237) Award | SEARCH78 = "6A7L2SA9" | ;PT880E-RL(AMI) PT800CE | SEARCH79 = "6A7L2SN9" | ;PT880E-RL(Award) PT800CE | SEARCH80 = "6A61CSN9" | ;(K8AN-RL,K8AN-L,Pdc20376)award | SEARCH81 = "6A61CSA9" | ;(K8AN-RL,K8AN-L,Pdc20376)AMI | SEARCH82 = "6A6LWSAJ" | ;(85Div4 no onboard VGA the same 85Miv4) | SEARCH83 = "6A79ASAD" | ;(86PIE-L) | SEARCH84 = "6A6LUSNB" | ;(Cle266 & 8235CD_B6A) | SEARCH85 = "6A79ASAF" | ;(865Ge+Ich5+ISA)XP865G-L | SEARCH86 = "6A79ASAG" | ;(865Pe+Ich5+Ite8212+Silicon+Giga_Lan)865Pro-FGR | SEARCH87 = "6A7L0SND" | ;(via8237+silicon+Giga_Lan+10/100 Lan)K8PRO-GLR | SEARCH88 = "2A69KSNG" | ;63A_test | | | [6A69VSAM] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 27 | STRING5 = 28 | STRING6 = 16 | | ;85MD2-L(SD ram) | | [6A69RSNC] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 8 | STRING5 = 11 | STRING6 = 9 | | ;65ME/ME+/MIE/ME2+ | | [6A69RSNI] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 8 | STRING5 = 11 | STRING6 = 9 | | ;65ME-T | | [6A69RSNF] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 9 | | ;65EP/EP+ | | [6A69RSNJ] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 9 | | ;65EP-T | | [6A69RSNH] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 9 | | ;65EP2/EP2+/EP2B | | | [6A6LJSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;65KV/KVB/KV2/KIV/67KV | | [6A6LGSNC] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;65DV/DVB/DV2 | | [6A6LNSNA] | SETUPNO = 5 | STRING1 = 1 | STRING2 =19 | STRING3 = 4 | STRING4 = 2 | STRING5 = 5 | ;75LIV | | | [6A6LISN9] | SETUPNO = 5 | STRING1 = 1 | STRING2 =19 | STRING3 = 4 | STRING4 = 2 | STRING5 = 5 | ;65LIV/T | | [6A6LISNA] | SETUPNO = 5 | STRING1 = 1 | STRING2 =19 | STRING3 = 4 | STRING4 = 2 | STRING5 = 5 | ;65LIV-TL | | | [6A69VSN9] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 14 | | ;85SD,85SDC,85Sid,85SD+,85SDB,85Dr-Tc,85Dr2-Tc series | | [6A69VSAA] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 22 | | ;85DR/DR+/DR-C/DIR series AMI BIOS | | [6A6LMSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;75KV/KV+/KAV/-X | | [6A6LJSNF] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;65KV2-T | | [2A6LGSNP] | SETUPNO = 1 | STRING1 = 1 | ;65FVB | | | [6A6LVSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 18 | STRING3 = 9 | ;75DRV/DRV-X/DRV2 | | | [6A6LWSN9] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;85DRV/DRV+/DRV2/DRV3 | | [6A6LWSNG] | SETUPNO =3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;85DRV4-C(P4X266E,8233A) | | [6A6LWSNH] | SETUPNO =4 | STRING1 = 29 | STRING2 = 18 | STRING3 = 10 | STRING4 = 9 | ;85DRV5/85DRV5-L(P4X266E,8235)/85Div3(Alc),85DRV5-C(Via_1612) | | [6A6LUSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 18 | STRING3 = 9 | ;65DRV | | [6A6LUSNA] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 18 | STRING3 = 9 | ;65DRV-T | | [6A6LNSN9] | SETUPNO = 5 | STRING1 = 1 | STRING2 = 2 | STRING3 = 19 | STRING4 = 3 | STRING5 = 5 | ;75MAV/75MIV | | [6A6LYSAC] | SETUPNO =6 | STRING1 =29 | STRING2 =19 | STRING3 =24 | STRING4 =10 | STRING5 =18 | STRING6 =14 | ;KM400(75Miv2) | | [6A6LYSAD] | SETUPNO =4 | STRING1 =29 | STRING2 =10 | STRING3 =18 | STRING4 =14 | ;KT600-R (8237)(Support 200 CPU & Raid 0,1) | | [6A6LYSAF] | SETUPNO =4 | STRING1 =29 | STRING2 =10 | STRING3 =28 | STRING4 =14 | ;KT600-C (8235CD)(Support 200 cpu)(Alc101) | | | | [6A6LYSAD] | SETUPNO =4 | STRING1 =29 | STRING2 =10 | STRING3 =18 | STRING4 =14 | ;KT400A2-L (8237)(Raid 0,1) | | | [6A6LLSN9] | SETUPNO = 5 | STRING1 = 1 | STRING2 = 2 | STRING3 = 19 | STRING4 = 3 | STRING5 = 5 | ;65MIV/MV/MIV2 | | | | [6A6LJSNB] | SETUPNO = 1 | STRING1 = 1 | ;65JB/JVB/JVB-X | | [2A6LGSNE] | SETUPNO = 1 | STRING1 = 1 | ;65FV/FV+ | | [6A6LKSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;77KV/KVB | | [6A6LJSND] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;68C | | [6A6LJSNE] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;68C+ | | [2A6LGSNC] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;67FV/FV1 | | [6A6IXSN9] | SETUPNO = 3 | STRING1 = 20 | STRING2 = 21 | STRING3 = 9 | ;85DRS series AWARD BIOS | | [6A6IXSA9] | SETUPNO = 3 | STRING1 = 20 | STRING2 = 21 | STRING3 = 9 | ;85DRS series AMI BIOS | | [6A6LWSND] | SETUPNO = 5 | STRING1 = 29 | STRING2 = 18 | STRING3 = 19 | STRING4 = 17 | STRING5 = 9 | ;85MIV-L 85MIV2(Award) | | [6A6LWSAI] | SETUPNO = 6 | STRING1 = 29 | STRING2 = 10 | STRING3 = 19 | STRING4 = 17 | STRING5 = 18 | STRING6 = 14 | ;85MIV3-L,85Miv4 (AMI_BIOS) | | | [6A6LWSAJ] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 18 | STRING4 = 14 | ;85Div4 the same 85Miv4 No VGA (AMI_BIOS) | | | [6A6LWSNB] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;85DIV-L | | | [6A6IXSAA] | SETUPNO = 5 | STRING1 = 20 | STRING2 = 19 | STRING3 = 24 | STRING4 = 21 | STRING5 = 9 | ;85MIS-L series AMI BIOS | | | [6A6LVSNB] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;75DRV5(KT333) | | [6A6LVSNA] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;75DRV3+/75ERV(KT266A) | | [6A6LVSNC] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;75DRV5-E(KT333) | | [6A6LVSAD] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 9 | ;KT333A and serial_ATA_20375 | | [6A6LYSA9] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 16 | ;75FRV,KT400-A4(KT400) | | [6A6LYSAB] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 16 | ;KT400-C(KT400,Alc202a),kT400-A4C,KT400A-C | | | [6A6LYSAA] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 16 | ;KT400 and serial_ATA_20375,KT400-AL(kt400a_0312CD) | | [6A7L0SN9] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 18 | STRING4 = 14 | ;K8AV-R(8235+20378) Award | | [6A7L0SAA] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 18 | STRING4 = 14 | ;K8AV2-RL(8237) Award | | | | [6A7L0SND] | SETUPNO = 5 | STRING1 = 29 | STRING2 = 10 | STRING3 = 18 | STRING4 = 31 | STRING5 = 14 | ;K8PRO-GLR(Via8237+silicon+Giga_Lan+10/100 Lan) | | | | [6A61CSN9] | SETUPNO = 2 | STRING1 = 30 | STRING2 = 14 | ;(K8AN-RL,K8AN-L,pdc20378)award | | [6A61CSA9] | SETUPNO = 2 | STRING1 = 30 | STRING2 = 14 | ;(K8AN-RL,K8AN-L,pdc20378)AMI | | | | [6A69VSAC] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 27 | STRING5 = 28 | STRING6 = 14 | ;85MIR-L 85Lir | | [6A69VSAK] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 27 | STRING5 = 28 | STRING6 = 14 | ;85MIR2 85Lir2 85Mir3 85Lir3 (2M) 845Ge 845Gv | | [6A69VSAD] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 28 | STRING4 = 14 | ;85DR2 85DR2-DC(ICH4) | | [6A69VSAE] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 28 | STRING4 = 22 | ;85DIR2/85DR2-C(ICH2) | | [6A6LXSN9] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 28 | STRING3 = 10 | STRING4 = 14 | ;85ERV2 85erv2_C(P4X400) | | | [6A7L2SA9] | SETUPNO = 5 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 31 | STRING5 = 14 | ;PT880E-RL PT800CE AMI | | | [6A7L2SN9] | SETUPNO = 5 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 31 | STRING5 = 14 | ;PT880E-RL PT800CE AWard | | | | | [6A69VSNH] | SETUPNO =6 | STRING1 =12 | STRING2 =13 | STRING3 =19 | STRING4 =27 | STRING5 =28 | STRING6 =9 | ;85MR2+-L 85MR3-R(4M) | | [6A69VSAJ] | SETUPNO =6 | STRING1 =12 | STRING2 =13 | STRING3 =19 | STRING4 =27 | STRING5 =28 | STRING6 =16 | ;85MR3(2M) 845Ge | | [6A69VSNG] | SETUPNO =4 | STRING1 =12 | STRING2 =13 | STRING3 =28 | STRING4 =9 | ;85DIR2-L | | [6A69VSAI] | SETUPNO =4 | STRING1 =12 | STRING2 =13 | STRING3 =28 | STRING4 =14 | ;85Dir3-L & 85Dr3-L 85Dir4 (845Pe) | | [6A69VSAL] | SETUPNO =6 | STRING1 =12 | STRING2 =13 | STRING3 =19 | STRING4 =27 | STRING5 =28 | STRING6 =16 | ; B8A,B8A-F(Baby case)(2M) | | [6A69VSAN] | SETUPNO =6 | STRING1 =12 | STRING2 =13 | STRING3 =19 | STRING4 =27 | STRING5 =28 | STRING6 =14 | ; B8D-FR (Baby case)(4M) | | | [6A79ASAB] | SETUPNO =5 | STRING1 =25 | STRING2 =19 | STRING3 =26 | STRING4 =28 | STRING5 =14 | ; B8E-Fr (ICH5-R)Raid 0 Winbond-83627THF | | [6A79ASAC] | SETUPNO =5 | STRING1 =25 | STRING2 =19 | STRING3 =26 | STRING4 =28 | STRING5 =14 | ; B8E-F ICH5 (No Raid) Winbond-83627THF | | | | [6A69WSNA] | SETUPNO =4 | STRING1 =12 | STRING2 =13 | STRING3 =28 | STRING4 =16 | ;85FR , 85FR-R (E7205) | | [6A61BSN9] | SETUPNO =3 | STRING1 =6 | STRING2 =28 | STRING3 =16 | ;75FRN (Nforce2/SPP/MCP) | | | [6A61BSNA] | SETUPNO =3 | STRING1 =6 | STRING2 =28 | STRING3 =16 | ;75FRN2 (Nforce2_CR18D_A4/SPP/MCP)(75Frn3_ultra400) | | | [6A61BSNC] | SETUPNO =5 | STRING1 =6 | STRING2 =19 | STRING3 =7 | STRING4 =28 | STRING5 =16 | ;Nforce2 (IGP)75MRN_2M | | [6A61BSNB] | SETUPNO =5 | STRING1 =6 | STRING2 =19 | STRING3 =7 | STRING4 =28 | STRING5 =16 | ;Nforce2 (IGP)75MRN-RL_4M | | | [6A61BSND] | SETUPNO =4 | STRING1 =6 | STRING2 =19 | STRING3 =7 | STRING4 =14 | | ;B7A-F(IGP)_Award 2M(MCP-T)(Support DDR3333) | | [6A61BSAD] | SETUPNO =4 | STRING1 =6 | STRING2 =19 | STRING3 =7 | STRING4 =14 | | ;B7A-F(IGP)_AMI 2M(MCP-T)(Support DDR3333) | | | | [6A79ASA9] | SETUPNO = 5 | STRING1 = 25 | STRING2 = 19 | STRING3 = 26 | STRING4 = 28 | STRING5 = 14 | ;86MP-L,86MiP(Spring dale_865G) | | | [6A79ASAD] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;86PIE-L | | | | | [6A79ASNF] | SETUPNO = 6 | STRING1 = 25 | STRING2 = 13 | STRING3 = 19 | STRING4 = 26 | STRING5 = 28 | STRING6 = 14 | ;86Mip2(865G+Ich4) | | | | | [6A79ASAA] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;86SPE,86spe2,86sp2,865-GR(Spring dale_NO onboard VGA) | | [6A79ASNC] | SETUPNO = 4 | STRING1 = 25 | STRING2 = 13 | STRING3 = 28 | STRING4 = 14 | ;86spe3,86sp3(ICH4+ALC655) | | [6A79BSN9] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;87CW(Giga_Lan) | | | | [6A79ASAF] | SETUPNO = 5 | STRING1 = 25 | STRING2 = 19 | STRING3 = 26 | STRING4 = 28 | STRING5 = 14 | ;XP865G-L(865Ge+Ich5+ISA) | | | | [6A79ASAG] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;(865Pe+Ich5+Ite8212+Silicon+Giga_Lan)865Pro-FGR | | | | | [6A79ASND] | SETUPNO = 4 | STRING1 = 25 | STRING2 = 13 | STRING3 = 28 | STRING4 = 14 | ;848P2 (ICH4+ALC655) | | [6A79ASNE] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;848P (ICH5+ALC650) | | [6A6LUSNB] | SETUPNO = 7 | STRING1 = 29 | STRING2 = 10 | STRING3 = 19 | STRING4 = 23 | STRING5 = 18 | STRING6 = 31 | STRING7 = 14 | ;B6A_Cle266 & 8235CD(Award) | | | | | | [2A69KSNG] | SETUPNO = 1 | STRING1 = 12 | ;63A | | | | | | | | | | | | | | | | [LANGUAGE] | SETUPSCRIPT = "Language define" | DEFAULT = 1 | SETUPNO = 6 | LANGUAGE1 = "ENGLISH" | LANGUAGE2 = "TCHINESE" | LANGUAGE3 = "SCHINESE" | LANGUAGE4 = "Japanese" | LANGUAGE5 = "German" | LANGUAGE6 = "French" | | [ENGLISH] | SETUPSCRIPT = "Support English Language" | SETUPKEY = 1033 | SETUPFILE = "EN.INI" | | [TCHINESE] | SETUPSCRIPT = "Support Traditional-Chinese Language" | SETUPKEY = 1028 | SETUPFILE = "EN.INI" | | [SCHINESE] | SETUPSCRIPT = "Support Simple-Chinese Language" | SETUPKEY = 2052 | SETUPFILE = "EN.INI" | | [Japanese] | SETUPSCRIPT = "Support Japanese Language" | SETUPKEY = 1041 | SETUPFILE = "EN.INI" | | [German] | SETUPSCRIPT = "Support German Language" | SETUPKEY = 1031 | SETUPFILE = "EN.INI" | | [French] | SETUPSCRIPT = "Support French Language" | SETUPKEY = 1036 | SETUPFILE = "EN.INI" | | | [SUPPORT] | SETUPSCRIPT = "Support OS Setting" | DEFAULT = 0 | SETUPNO = 7 | SUPPORT1 = "WIN98SE" | SUPPORT2 = "WIN98" | SUPPORT3 = "WINNT4" | SUPPORT4 = "WIN2K" | SUPPORT5 = "WINME" | SUPPORT6 = "XP" | SUPPORT7 = "2003" | | [WIN98SE] | MAJOR = 4 | MINOR = 10 | PLATFORMID = 1 | BUILDNUMBER = 2222 | | [WIN98] | MAJOR = 4 | MINOR = 10 | PLATFORMID = 1 | BUILDNUMBER = -1 | | [WINNT4] | MAJOR = 4 | MINOR = 0 | PLATFORMID = 2 | BUILDNUMBER = -1 | | [WIN2K] | MAJOR = 5 | MINOR = 0 | PLATFORMID = 2 | BUILDNUMBER = -1 | | [WINME] | MAJOR = 4 | MINOR = 90 | PLATFORMID = 1 | BUILDNUMBER = -1 | | [XP] | MAJOR = 5 | MINOR = 1 | PLATFORMID = 2 | BUILDNUMBER = -1 | | | [2003] | MAJOR = 5 | MINOR = 2 | PLATFORMID = 2 | BUILDNUMBER = -1 | [TARGET] | STRING="6A69VSAD" | DIR="K:\" | ]
File not found -- D:\Autorun -- [ NTFS ]

autorun.txt [[autorun] | icon=daij.ico | ]
File not found -- D:\autorun -- [ NTFS ]

autorun.wsh [[ScriptFile] | Path=E:\autorun.vbs | [Options] | Timeout=1 | DisplayLogo=0 | ]
File not found -- D:\autorun -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[459 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/01 23:16:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/03/01 23:15:35 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF11394.exe
[2009/02/26 22:19:13 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2009/02/26 21:55:23 | 12,745,97376 | -HS- | C] () -- C:\hiberfil.sys
[2009/02/26 00:56:21 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/02/24 22:08:01 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/02/24 15:51:39 | 00,000,850 | ---- | C] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2009/02/24 15:51:37 | 00,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2009/02/24 15:49:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\logs
[2009/02/24 15:46:03 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\BitDefender
[2009/02/23 18:55:12 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/02/23 18:52:37 | 00,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/02/23 18:38:20 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/02/22 23:19:56 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/22 23:19:54 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/21 15:13:36 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/02/21 15:13:36 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/02/21 15:13:36 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/02/21 15:13:36 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/02/21 15:13:36 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2009/02/21 15:13:36 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/02/21 15:13:36 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/02/21 15:13:36 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/02/21 15:13:36 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/02/21 15:13:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/02/21 15:13:31 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/02/17 21:01:29 | 00,001,706 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/02/17 21:01:23 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/02/17 21:01:23 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/02/17 21:01:22 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/02/17 21:01:21 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/02/17 21:01:20 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/02/17 20:42:42 | 00,000,581 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/02/17 20:23:08 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

========== Files - Modified Within 30 Days ==========

[459 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/05 23:31:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/05 23:31:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/05 23:31:15 | 12,745,97376 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/05 23:30:16 | 04,312,668 | -H-- | M] () -- D:\Documents and Settings\Gokhan\Local Settings\Application Data\IconCache.db
[2009/03/05 23:29:27 | 00,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2009/03/05 23:02:50 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/03 00:39:48 | 00,000,581 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/03/01 23:15:24 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF11394.exe
[2009/02/27 00:31:23 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/26 00:56:22 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/02/26 00:05:14 | 00,001,503 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2009/02/24 15:51:39 | 00,000,850 | ---- | M] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2009/02/24 15:51:37 | 00,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2009/02/22 15:47:15 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/02/17 21:01:29 | 00,001,706 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/02/17 20:14:51 | 00,092,264 | ---- | M] () -- D:\Documents and Settings\Gokhan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/02/11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/08 21:25:35 | 01,032,066 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/02/08 21:25:35 | 00,474,734 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/02/08 21:25:35 | 00,406,464 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/02/08 21:25:35 | 00,077,278 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/02/08 21:25:35 | 00,063,664 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/02/08 21:19:30 | 00,001,083 | ---- | M] () -- C:\WINDOWS\win.ini
< End of report >


OTViewIt Extras logfile created on: 05/03/2009 23:33:01 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = D:\Documents and Settings\Gokhan\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: | Country: | Language: | Date Format:

1,19 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 74,87% Memory free
2,24 Gb Paging File | 2,05 Gb Available in Paging File | 91,62% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,80 Gb Total Space | 12,41 Gb Free Space | 32,82% Space Free | Partition Type: NTFS
Drive D: | 73,98 Gb Total Space | 2,88 Gb Free Space | 3,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEREK
Current User Name: Gokhan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh File not found
.hlp [@ = hlpfile] -- C:\WINDOWS\system32\winhlp32 File not found
.hta [@ = htafile] -- C:\WINDOWS\system32\mshta File not found
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore File not found
.inf [@ = inffile] -- C:\WINDOWS\system32\notepad File not found
.ini [@ = inifile] -- C:\WINDOWS\system32\notepad File not found
.js [@ = JSFile] -- C:\WINDOWS\system32\wscript File not found
.jse [@ = JSEFile] -- C:\WINDOWS\system32\wscript File not found
.reg [@ = regfile] -- C:\WINDOWS\regedit File not found
.txt [@ = txtfile] -- C:\WINDOWS\system32\notepad File not found
.vbe [@ = VBEFile] -- C:\WINDOWS\system32\wscript File not found
.vbs [@ = VBSFile] -- C:\WINDOWS\system32\wscript File not found
.wsf [@ = WSFFile] -- C:\WINDOWS\system32\wscript File not found
.wsh [@ = WSHFile] -- C:\WINDOWS\system32\wscript File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=0
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
File not found -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
File not found -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
File not found -- D:\Program Files\eMule\emule.exe:*:Enabled:eMule
File not found -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\eMule\emule.exe:*:Disabled:eMule
File not found -- C:\Program Files\Hercules\Hercules DualPix HD Webcam\ControlUI.exe:*:Disabled:Hercules Zoom Controller Main Application
""=
File not found -- C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix
File not found -- C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Disabled:Age of Empires 3

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -- C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
msdaipp: [HKLM - No CLSID value]
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[2007/03/14 12:10:22 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[2007/05/10 12:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2007/04/19 12:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}"=DocProc
"{10E1E87C-656C-4D08-86D6-5443D28583BE}"=TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}"=MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}"=Copy
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}"=Google Earth
"{21657574-BD54-48A2-9450-EB03B2C7FC29}"=Sonic MyDVD
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}"=WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}"=Scan
"{3248F0A8-6813-11D6-A77B-00B0D0150040}"=J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=Java(TM) 6 Update 3
"{33288D98-C013-4BC3-95A5-EA69B7C543FD}"=ArcSoft Media Card Companion
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}"=HP Product Assistant
"{3921A67A-5AB1-4E48-9444-C71814CF3027}"=VCRedistSetup
"{485775E8-AEB8-46BD-922B-242879E03DD5}"=Age of Empires III
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}"=HPSSupply
"{543E938C-BDC4-4933-A612-01293996845F}"=UnloadSupport
"{557696ED-2543-4D5D-9F53-0BDAAF8D5FB8}"=ArcSoft VideoImpression 2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml
"{59E1EEA6-EDBC-45C1-9754-A88119760547}"=ArcSoft MediaConverter 2
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}"=eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}"=CustomerResearchQFolder
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}"=Macromedia Shockwave Player
"{7DE4B31F-651E-4773-8DD4-399E7E58477E}"=MP Manager
"{824D3839-DAA1-4315-A822-7AE3E620E528}"=VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}"=HP Photosmart Essential2.01
"{87E2B986-07E8-477a-93DC-AF0B6758B192}"=DocProcQFolder
"{8C6027FD-53DC-446D-BB75-CACD7028A134}"=HP Update
"{9011040C-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{93F54611-2701-454e-94AB-623F458D9E6B}"=DeviceDiscovery
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow!
"{9A394342-4A68-4EBA-85A6-55B559F4E700}"=Microsoft .NET Framework 1.1 French Language Pack
"{A036E231-5A03-4d63-94F6-7864CC77EC48}"=PS_AIO_ProductContext
"{A70FA218-6598-4AC9-813D-63597C5DD068}"=Galerie de photos Windows Live
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}"=DeviceManagementQFolder
"{AC76BA86-7AD7-1036-7B44-A71000000002}"=Adobe Reader 7.1.0 - Français
"{AEA07F97-9088-497c-8821-0F36BD5DC251}"=HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}"=AIO_Scan
"{B040FEFE-B45F-4e30-B3C6-035F53F544A9}"=c4200_Help
"{B22C19AE-6A67-4f28-B541-5AE72FB17A25}"=HP Photosmart All-In-One Software 9.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
"{B9F3A6E6-9C77-4535-9ED9-B16C1EBDFEC2}"=C4200
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}"=Nokia Connectivity Cable Driver
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}"=SolutionCenter
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}"=Destination Component
"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}"=C4200_doccd
"{E2662C24-B31E-4349-A084-32EB76E8B760}"=BufferChm
"{E39A3770-3DDE-404c-B91F-3522947874A3}"=PS_AIO_Software_min
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}"=Toolbox
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}"=Samsung PC Studio 3 USB Driver Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0CFDC72-63D2-4086-A54F-1514494394A0}"=Hercules DualPix HD Webcam
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}"=32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}"=PSSWCORE
"{FA4FA322-5C90-4d2b-A019-9E588273DED5}"=PS_AIO_Software
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}"=Status
"AbiWord2"=AbiWord 2.4.6 (remove only)
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"AntiVir PersonalEdition Classic"=Avira AntiVir Personal - Free Antivirus
"AviSynth"=AviSynth 2.5
"AVS Video Tools 5_is1"=AVS Video Tools 5.5
"CCleaner"=CCleaner (remove only)
"HP Imaging Device Functions"=HP Imaging Device Functions 9.0
"HP Photosmart Essential"=HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools"=HP Solution Center 9.0
"HPExtendedCapabilities"=HP Customer Participation Program 9.0
"HPOCR"=HP OCR Software 9.0
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}"=Age of Empires III
"LMSOFT Web Creator Pro 4"=LMSOFT Web Creator Pro 4
"Logitech VideoCall"=Logitech VideoCall
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.6)"=Mozilla Firefox (3.0.6)
"MSNINST"=MSN
"NeroMultiInstaller!UninstallKey"=Nero Suite
"Neuf_Kit"=Neuf - Kit de connexion
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"SAMSUNG Mobile Modem"=SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver"=Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem"=SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0"=SAMSUNG Mobile USB Modem 1.0 Software
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display"=VIA/S3G Display Driver
"VLC media player"=VideoLAN VLC media player 0.8.5
"WIC"=Windows Imaging Component
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Lecteur Windows Media 11
"Windows XP Service"=Windows XP Service Pack 3
"WinRAR archiver"=Archiveur WinRAR
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22/11/2008 10:20:07 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:23:16 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:23:54 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:27:28 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:27:29 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:52:10 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:52:11 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 12/12/2008 17:23:43 | Computer Name = HEREK | Source = Application Error | ID = 1000
Description = Application défaillante hpqtra08.exe, version 90.0.146.0, module défaillant
hpqtra08.exe, version 90.0.146.0, adresse de défaillance 0x0000bf08.

Error - 12/12/2008 17:23:45 | Computer Name = HEREK | Source = Application Error | ID = 1001
Description = Détecteur d'erreurs 437899184.

Error - 12/12/2008 17:26:28 | Computer Name = HEREK | Source = Application Error | ID = 1000
Description = Application défaillante rundll32.exe, version 5.1.2600.2180, module
défaillant appwiz.cpl, version 5.1.2600.2180, adresse de défaillance 0x0000c881.

[ System Events ]
Error - 02/03/2009 18:54:26 | Computer Name = HEREK | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x8007f0ed : Mise à jour de sécurité pour Windows XP (KB946648).

Error - 02/03/2009 19:01:14 | Computer Name = HEREK | Source = Service Control Manager | ID = 7023
Description = Le service Services IPSEC s'est arrêté avec l'erreur : %%10044

Error - 02/03/2009 19:01:14 | Computer Name = HEREK | Source = Service Control Manager | ID = 7023
Description = Le service Pare-feu Windows / Partage de connexion Internet s'est
arrêté avec l'erreur : %%10047

Error - 02/03/2009 19:06:14 | Computer Name = HEREK | Source = Service Control Manager | ID = 7023
Description = Le service Explorateur d'ordinateur s'est arrêté avec l'erreur : %%1460

Error - 02/03/2009 19:08:32 | Computer Name = HEREK | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 02/03/2009 19:08:32 | Computer Name = HEREK | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 02/03/2009 19:08:32 | Computer Name = HEREK | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 02/03/2009 19:08:32 | Computer Name = HEREK | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 05/03/2009 18:03:53 | Computer Name = HEREK | Source = Windows Update Agent | ID = 16
Description = Connexion impossible : Windows ne parvient pas à se connecter au service
Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
des mises à jour définies par la planification. Windows continuera d'essayer d'établir
la connexion.

Error - 05/03/2009 18:04:53 | Computer Name = HEREK | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x8007f0ed : Mise à jour de sécurité pour Windows XP (KB946648).


< End of report >

Bonsoir,

Il y a eu un problème. Les rapports sont anormaux.
Recommence.


Cordialement.

ok voici les nouveaux rapports

OTViewIt logfile created on: 05/03/2009 23:45:53 - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = D:\Documents and Settings\Gokhan\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: | Country: | Language: | Date Format:

1,19 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 76,15% Memory free
2,24 Gb Paging File | 2,06 Gb Available in Paging File | 92,13% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,80 Gb Total Space | 12,41 Gb Free Space | 32,82% Space Free | Partition Type: NTFS
Drive D: | 73,98 Gb Total Space | 2,88 Gb Free Space | 3,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEREK
Current User Name: Gokhan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/10/15 13:31:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
[2008/10/15 13:29:28 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
[2004/08/05 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2009/03/05 14:35:50 | 00,422,912 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Gokhan\Bureau\OTViewIt.exe

========== (O23) Win32 Services ==========

File not found -- -- (Alerter [Disabled | Stopped])
File not found -- -- (AntiVirScheduler [Auto | Running])
File not found -- -- (AntiVirService [Auto | Running])
File not found -- -- (AOL ACS [Disabled | Stopped])
File not found -- -- (AppMgmt [On_Demand | Stopped])
File not found -- -- (aspnet_state [On_Demand | Stopped])
[2009/01/08 20:16:29 | 00,000,000 | ---D | M] -- C:\WINDOWS\System32\bits -- (BITS [Auto | Running])
File not found -- -- (CLCapSvc [Disabled | Stopped])
File not found -- -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (CLSched [Disabled | Stopped])
File not found -- -- (COMSysApp [On_Demand | Stopped])
File not found -- -- (CyberLink Media Library Service [Disabled | Stopped])
File not found -- -- (DcomLaunch [Auto | Running])
[2004/08/16 17:46:32 | 00,000,000 | ---D | M] -- C:\WINDOWS\System32\dhcp -- (Dhcp [Auto | Running])
File not found -- -- (Dnscache [Auto | Running])
[2004/08/05 14:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventlog.dll -- (Eventlog [Auto | Running])
File not found -- -- (EventSystem [On_Demand | Running])
File not found -- -- (FastUserSwitchingCompatibility [On_Demand | Running])
File not found -- -- (GenericHidService [Disabled | Stopped])
File not found -- -- (helpsvc [Auto | Running])
File not found -- -- (hpqcxs08 [On_Demand | Running])
File not found -- -- (hpqddsvc [Auto | Running])
File not found -- -- (HTTPFilter [On_Demand | Stopped])
File not found -- -- (IDriverT [Disabled | Stopped])
File not found -- -- (ImapiService [On_Demand | Stopped])
File not found -- -- (lanmanserver [Auto | Running])
File not found -- -- (lanmanworkstation [Auto | Running])
File not found -- -- (LmHosts [Auto | Running])
File not found -- -- (Messenger [Disabled | Stopped])
[2004/08/16 18:03:04 | 00,000,000 | ---D | M] -- C:\WINDOWS\system32\msdtc -- (MSDTC [On_Demand | Stopped])
File not found -- -- (MSIServer [On_Demand | Stopped])
File not found -- -- (Net Driver HPZ12 [Auto | Running])
File not found -- -- (NetDDEdsdm [Disabled | Stopped])
[2004/08/05 14:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll -- (Netlogon [On_Demand | Stopped])
File not found -- -- (Nla [On_Demand | Running])
File not found -- -- (NtLmSsp [On_Demand | Stopped])
File not found -- -- (ose [Disabled | Stopped])
File not found -- -- (PlugPlay [Auto | Running])
File not found -- -- (Pml Driver HPZ12 [Auto | Running])
File not found -- -- (PolicyAgent [Auto | Running])
File not found -- -- (ProtectedStorage [Auto | Running])
[2008/04/14 03:33:39 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasman.dll -- (RasMan [On_Demand | Running])
File not found -- -- (RDSessMgr [On_Demand | Stopped])
File not found -- -- (RemoteAccess [Disabled | Stopped])
File not found -- -- (RpcLocator [On_Demand | Stopped])
File not found -- -- (SamSs [Auto | Running])
File not found -- -- (Schedule [Auto | Running])
File not found -- -- (SharedAccess [Auto | Running])
File not found -- -- (ShellHWDetection [Auto | Running])
File not found -- -- (Spooler [Auto | Running])
File not found -- -- (srservice [Auto | Running])
File not found -- -- (stisvc [Auto | Running])
[2004/08/05 14:00:00 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\swprv.dll -- (SwPrv [On_Demand | Stopped])
File not found -- -- (SysmonLog [On_Demand | Stopped])
File not found -- -- (TermService [On_Demand | Running])
File not found -- -- (Themes [Auto | Running])
File not found -- -- (VSS [On_Demand | Stopped])
File not found -- -- (WebClient [Auto | Running])
File not found -- -- (winmgmt [Auto | Running])
File not found -- -- (WmdmPmSN [On_Demand | Stopped])
File not found -- -- (WmiApSrv [On_Demand | Stopped])
File not found -- -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services ==========

[2005/02/23 13:58:56 | 00,011,776 | ---- | M] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc [On_Demand | Running])
[2005/01/28 17:48:58 | 02,310,272 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2001/08/17 21:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\drivers\aliide.sys -- (AliIde [Boot | Running])
[2008/04/13 19:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys -- (amdagp [Boot | Running])
[2004/08/11 16:30:00 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\AmdK8.sys -- (AmdK8 [System | Running])
[2001/08/17 21:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\drivers\asc.sys -- (asc [Boot | Running])
[2001/08/17 21:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\drivers\asc3550.sys -- (asc3550 [Boot | Running])
[2007/11/20 13:29:55 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
File not found -- -- (avgio [System | Running])
File not found -- -- (avgntflt [On_Demand | Running])
[2008/10/30 10:21:03 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb [System | Running])
[2006/10/03 15:06:38 | 00,022,656 | R--- | M] (Guillemot Corporation) -- C:\WINDOWS\System32\drivers\camfilt.sys -- (camfilt [On_Demand | Stopped])
File not found -- -- (cbidf [Boot | Running])
[2001/08/23 17:04:44 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\System32\drivers\cmdide.sys -- (CmdIde [Boot | Running])
[2001/08/17 21:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\System32\drivers\dac2w2k.sys -- (dac2w2k [Boot | Running])
[2008/04/13 19:36:40 | 00,046,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys -- (gagp30kx [Boot | Running])
File not found -- -- (Gpc [On_Demand | Running])
[2007/03/08 05:20:48 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\System32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
[2007/03/08 05:20:49 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2007/03/08 05:20:50 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2008/04/14 03:05:15 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2001/08/17 21:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\System32\drivers\mraid35x.sys -- (mraid35x [Boot | Running])
[2005/11/19 02:13:18 | 00,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\PCASp50.sys -- (PCASp50 [On_Demand | Stopped])
File not found -- -- (PptpMiniport [On_Demand | Running])
[2004/08/05 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/10/21 02:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2001/08/17 21:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\System32\drivers\ql1080.sys -- (ql1080 [Boot | Running])
[2001/08/17 21:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\System32\drivers\ql12160.sys -- (ql12160 [Boot | Running])
[2001/08/17 21:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\System32\drivers\ql1280.sys -- (ql1280 [Boot | Running])
File not found -- -- (ROOTMODEM [On_Demand | Running])
File not found -- -- (RTL8023xp [On_Demand | Running])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2001/08/17 22:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\sparrow.sys -- (Sparrow [Boot | Running])
[2007/07/03 16:54:24 | 00,080,552 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus [On_Demand | Stopped])
[2007/07/03 16:57:24 | 00,011,944 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])
[2007/07/03 16:58:20 | 00,106,792 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])
[2007/11/08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv [System | Running])
[2006/07/24 16:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
[2001/08/17 22:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\System32\drivers\symc810.sys -- (symc810 [Boot | Running])
[2001/08/17 22:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\drivers\symc8xx.sys -- (symc8xx [Boot | Running])
[2001/08/17 22:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\drivers\sym_hi.sys -- (sym_hi [Boot | Running])
[2001/08/17 22:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\drivers\sym_u3.sys -- (sym_u3 [Boot | Running])
[2001/08/17 21:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\System32\drivers\ultra.sys -- (ultra [Boot | Running])
[2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])
File not found -- -- (VgaSave [System | Running])
[2003/07/02 05:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\VIAAGP1.SYS -- (viaagp1 [Boot | Running])
File not found -- -- (viagfx [On_Demand | Running])
[2004/07/06 23:45:42 | 00,060,672 | ---- | M] (VIA Technologies inc,.ltd) -- C:\WINDOWS\System32\drivers\viamraid.sys -- (viamraid [Boot | Running])
File not found -- -- (wanatw [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_page_url"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_search_url"=http://go.microsoft.com/fwlink/?LinkId=54896
"Local Page"=%SystemRoot%\system32\blank.htm
"Search page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://fr.msn.com/

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

========== (O1) Hosts File ==========

HOSTS File = (736 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min File not found

========== (O4) RunOnce Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
""= File not found
"GrpConv"=grpconv -o File not found
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent File not found

========== (O4) Startup Folders ==========

File not found -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoCDBurning"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableRegistryTools"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs File not found
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs File not found

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab -- Java Plug-in 1.5.0_04
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Java Plug-in 1.6.0_03
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========

{2843962C-C6E7-4FC9-BF1C-058D8ECBBCC7} (Servers: | Description: )
{C51F95C9-D9F0-4B0F-84BF-3E152EF3F2C4} (Servers: | Description: Neuf Box 4 (BCM USB/NDIS))
{DBA4BE95-6DAD-40F3-BA4C-EAF947612B77} (Servers: | Description: 802.11g USB 2.0 WLAN Dongle)
{FABB7875-035B-4F96-9A6D-C963ACF7A881} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)

========== (O20) HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"=Explorer.exe
>File not found -- C:\WINDOWS\explorer

"UserInit"=C:\WINDOWS\system32\userinit.exe,
>File not found -- C:\WINDOWS\system32\userinit

"UIHost"=logonui.exe
>File not found -- C:\WINDOWS\system32\logonui

"VMApplet"=rundll32 shell32,Control_RunDLL "sysdm.cpl"
>File not found -- C:\WINDOWS\system32\sysdm


========== IFEO "Debugger" Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\]
Your Image File Name Here without a path:"Debugger" = C:\WINDOWS\system32\ntsd File not found

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autorun.bin [+,-.*+,-.*+,-.*+,-.*+,-.*+,-.*+,±ÒÒ¹ÁôÄï,-.*+,-.*+,-.*+,-.*+,-.*+,-.*+,- | !"º±´´ÊýÄ룮ÖØÁݱÏÒ¶£®²¾Ê¨àµÐ롥ſµÇÁé¸Ñ£®¿ô×û´Ë³ÍÐôÓÝÒ¿Èռ壮Ò×±ñÁôÄï¡¥ÓÉÓÛ³ÎÐõ?¾ùΫcxxoswq£°¹ÊÃýÃýέeuuquyn·è±«¡¦Èø¾ýΫ¸áÊÙ£°×Ô²¼Ö·Ò¾Ðª£¬È¼·ÓÎÒÒ¼·®ÐÇÑ®£¬Ò³ÐïÄßÁòÈËÓÑËûµÆ¡§ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ ! | $ !"#´Ï³ÌÐóËæÄß´¯²¥£­µ­È·Î⺦¡¤½øÓݽõÈÕÓÑ´ÍÌäÊÂ:*£®Ö±º÷ÔÙÎß´­²¨¡§ !"#$ ! | $ !"ÏãÐɸ÷μ¼¶ÓîÐÉ´óÓÑÔ·£¯×ØÄÜ!Ãò´Î·ë±©;+£«´÷²»ÁÌÉÀ#ËýÓеÅcxxoswq£­¡£!"# | !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !" !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ ! | $ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ #$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ | "#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !½Ç±Á¿õÈË!"#$ | "#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$2129Äî6ÔÃ37ÈÙ #$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !"#$ !åÒÒ¦¾×Ê¿ | ]
File not found -- D:\autorun -- [ NTFS ]

Autorun.ico []
File not found -- D:\Autorun -- [ NTFS ]

Autorun.ini [[AUTORUN] | CAPTION = "Driver Installation tool Ver 1.0" | LOADICON = "AUTORUN.ICO" | BACKGROUND = "BMP\menu1.BMP" | BACKGROUND16 = "BMP\menu16.BMP" | DEBUGMODE = 0 | STRING1 = 01 | STRING2 = 3 | STRING3 = 32 | STRING4 = 5 | STRING5 = 4 | STRING6 = 9 | STRING7 = 13 | STRING8 = 15 | STRING9 = 1 | STRING10 = 4 | STRING11 = 9 | STRING12 = 13 | STRING13 = 15 | STRING14 = 12 | STRING15 = 12 | | [SEARCH] | SETUPSCRIPT = "BIOS Search String" | SETUPNO = 90 | SEARCH1 = "6A6LKSN9" | ;77kV/KVB | SEARCH2 = "6A61BSN9" | ;75FRN Nforce2(SPP) | SEARCH3 = "6A69VSAM" | ;85MD2-L(SDram) | SEARCH4 = "6A69RSNG" | ;65ME 65ME2 | SEARCH5 = "6A69RSNC" | ;65EP 4MB | SEARCH6 = "6A69RSNF" | ;65EP 2MB | SEARCH7 = "6A69RSNH" | ;65EP2/EP2B/EP2+ | SEARCH8 = "6A69VSN9" | ;85SD,85SDC,85Sid,85SD+,85SDB,85Dr-Tc,85Dr2-Tc | SEARCH9 = "6A6LXSN9" | ;85ERV2 85Erv2-C(P4X400) | SEARCH10 = "6A69VSAL" | ;(B8A)(B8A-F)(B8C)Baby Case(2M) | SEARCH11 = "6A61BSNC" | ;Nforce2(IGP)2M 75MRN | SEARCH12 = "2A6LGSNP" | ;65FVB | SEARCH13 = "6A6LGSNC" | ;65DV/DVB/DV2 | SEARCH14 = "6A6LJSNB" | ;65JV/JVB/JVB-X | SEARCH15 = "6A6LJSN9" | ;65KV/KVB/KV2/65KIV/65kIV-T | SEARCH16 = "6A6LJSNF" | ;65KV2-T | SEARCH17 = "6A6LMSN9" | ;75KAV/KIV/KV+/KV2/JV | SEARCH18 = "6A6LNSN9" | ;75MAV/MIV | SEARCH19 = "6A6LLSN9" | ;65MV/MIV/MIV-C/MIV2 | SEARCH20 = "6A6LJSND" | ;68C | SEARCH21 = "6A6LJSNE" | ;68C+ | SEARCH22 = "6A6LUSN9" | ;65DRV | SEARCH23 = "6A6LVSN9" | ;75DRV/DRV-X | SEARCH24 = "6A6LNSNA" | ;75LIV | SEARCH25 = "6A6LISN9" | ;65LIV/-T | SEARCH26 = "2A6LGSNC" | ;67FV1/FV | SEARCH27 = "2A6LGSNE" | ;65FV/FV+ | SEARCH28 = "6A6LWSN9" | ;85DRV/DRV+ | SEARCH29 = "6A6LUSNA" | ;65DRV-T | SEARCH30 = "6A6LVSNA" | ;75DRV2+ | SEARCH31 = "6A6LISNA" | ;65LIV-TL | SEARCH32 = "6A69RSNI" | ;65ME-T | SEARCH33 = "6A69RSNJ" | ;65ep-t | SEARCH34 = "6A69VSAA" | ;85DR/DR+/DR-C/DIR AMI BIOS | SEARCH35 = "6A6IXSN9" | ;85DRS AWARD BIOS | SEARCH36 = "6A6IXSA9" | ;85DRS AMI BIOS | SEARCH37 = "6A69VSAE" | ;85DIR2/85DR2-C(ICH2) | SEARCH38 = "6A6LWSND" | ;85MIV-L | SEARCH39 = "6A6LWSNB" | ;85DIV-L | SEARCH40 = "6A6IXSAA" | ;85MIS AMI BIOS | SEARCH41 = "6A6LVSNB" | ;75DRV5 | SEARCH42 = "6A69VSAC" | ;85MIR-L/85Lir | SEARCH43 = "6A69VSAD" | ;85DR2,85DR2-DC(ICH4) | SEARCH44 = "6A6LWSNG" | ;85DRV4-C/ | SEARCH45 = "6A6LVSNC" | ;75DRV5-E | SEARCH46 = "6A69VSNG" | ;85DIR2-L | SEARCH47 = "6A69VSNH" | ;85MR2+-L 85MR3-R(4M) | SEARCH48 = "6A6LWSNH" | ;85DRV5/85DRV5-L/85DiV3(Alc),85DRV5-C(via_1612) | SEARCH49 = "6A6LYSA9" | ;75FRV,KT400-A4(KT400) | SEARCH50 = "6A69VSAI" | ;85DR3-L & 85Dir3-L 85Dir4(845Pe) | SEARCH51 = "6A6LYSAA" | ;KT400 and serial_ATA_20375,KT400-AL(kt400a_0312CD) | SEARCH52 = "6A6LVSAD" | ;KT333A and serial_ATA_20375 | SEARCH53 = "6A69VSAK" | ;85Mir2/85Lir2/85Mir3 85Lir3 (2M) 845Ge 845Gv | SEARCH54 = "6A69VSAJ" | ;85MR3 (2M) 845Ge 85MR3-CL(2M) | SEARCH55 = "6A6LYSAB" | ;KT400-C(KT-400)(Alc202A),KT400-A4C,KT400A-c | SEARCH56 = "6A69WSNA" | ;(85FR)(85FR-R)(E7205)(winbond-627)(PDC20376) | SEARCH57 = "6A7L0SN9" | ;(K8AV-R,+8235+20378)Award | SEARCH58 = "6A61BSNA" | ;(75FRN2)(CR18D_A4)(75FRN3_ultra400) | SEARCH59 = "6A79ASA9" | ;(86MP-L,86Mip,ICH5,Spring dale_865G) | SEARCH60 = "6A6LWSAI" | ;(85MIV3-L,85Miv4,P4M266A,8235 AMI_BIOS) | SEARCH61 = "6A61BSNB" | ;Nforce2(IGP)4M 75MRN-RL | SEARCH62 = "6A79ASAA" | ;(86SPE,86SPE2,86sp2,865-GR ICH5,Spring dale_No Onboard_VGA) | SEARCH63 = "6A61BSND" | ;2M B7A-F_Award(IGP,MCP-T,A3_Support_DDR333) | SEARCH64 = "6A61BSAD" | ;2M B7A-F_AMI(IGP,MCP-T,A3_Support_DDR333) | SEARCH65 = "6A69VSAN" | ;B8D-FR(4M) | SEARCH66 = "6A6LYSAC" | ;KM400(75Miv2) | SEARCH67 = "6A6LYSAD" | ;KT600-R(support 200 CPU)(8237) | SEARCH68 = "6A79ASAB" | ;B8E-Fr ICH5-R (Raid 0)Winbond-83627THF | SEARCH69 = "6A79ASAC" | ;B8E-F ICH5 (No Raid)Winbond-83627THF | SEARCH70 = "6A6LYSAE" | ;KT400A2-L(8237) | SEARCH71 = "6A6LYSAF" | ;KT600-C(8235)(Alc101) | SEARCH72 = "6A79ASNC" | ;86Spe3,86sp3 (Ich4+ALC655) | SEARCH73 = "6A79BSN9" | ;87CW(Giga_Lan) | SEARCH74 = "6A79ASND" | ;848P2 (Ich4+ALC655) | SEARCH75 = "6A79ASNE" | ;848P (Ich5+ALC650) | SEARCH76 = "6A79ASNF" | ;86Mip2 (865G+Ich4) | SEARCH77 = "6A7L0SAA" | ;(K8AV2-RL,+8237) Award | SEARCH78 = "6A7L2SA9" | ;PT880E-RL(AMI) PT800CE | SEARCH79 = "6A7L2SN9" | ;PT880E-RL(Award) PT800CE | SEARCH80 = "6A61CSN9" | ;(K8AN-RL,K8AN-L,Pdc20376)award | SEARCH81 = "6A61CSA9" | ;(K8AN-RL,K8AN-L,Pdc20376)AMI | SEARCH82 = "6A6LWSAJ" | ;(85Div4 no onboard VGA the same 85Miv4) | SEARCH83 = "6A79ASAD" | ;(86PIE-L) | SEARCH84 = "6A6LUSNB" | ;(Cle266 & 8235CD_B6A) | SEARCH85 = "6A79ASAF" | ;(865Ge+Ich5+ISA)XP865G-L | SEARCH86 = "6A79ASAG" | ;(865Pe+Ich5+Ite8212+Silicon+Giga_Lan)865Pro-FGR | SEARCH87 = "6A7L0SND" | ;(via8237+silicon+Giga_Lan+10/100 Lan)K8PRO-GLR | SEARCH88 = "2A69KSNG" | ;63A_test | | | [6A69VSAM] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 27 | STRING5 = 28 | STRING6 = 16 | | ;85MD2-L(SD ram) | | [6A69RSNC] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 8 | STRING5 = 11 | STRING6 = 9 | | ;65ME/ME+/MIE/ME2+ | | [6A69RSNI] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 8 | STRING5 = 11 | STRING6 = 9 | | ;65ME-T | | [6A69RSNF] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 9 | | ;65EP/EP+ | | [6A69RSNJ] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 9 | | ;65EP-T | | [6A69RSNH] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 9 | | ;65EP2/EP2+/EP2B | | | [6A6LJSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;65KV/KVB/KV2/KIV/67KV | | [6A6LGSNC] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;65DV/DVB/DV2 | | [6A6LNSNA] | SETUPNO = 5 | STRING1 = 1 | STRING2 =19 | STRING3 = 4 | STRING4 = 2 | STRING5 = 5 | ;75LIV | | | [6A6LISN9] | SETUPNO = 5 | STRING1 = 1 | STRING2 =19 | STRING3 = 4 | STRING4 = 2 | STRING5 = 5 | ;65LIV/T | | [6A6LISNA] | SETUPNO = 5 | STRING1 = 1 | STRING2 =19 | STRING3 = 4 | STRING4 = 2 | STRING5 = 5 | ;65LIV-TL | | | [6A69VSN9] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 14 | | ;85SD,85SDC,85Sid,85SD+,85SDB,85Dr-Tc,85Dr2-Tc series | | [6A69VSAA] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 11 | STRING4 = 22 | | ;85DR/DR+/DR-C/DIR series AMI BIOS | | [6A6LMSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;75KV/KV+/KAV/-X | | [6A6LJSNF] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;65KV2-T | | [2A6LGSNP] | SETUPNO = 1 | STRING1 = 1 | ;65FVB | | | [6A6LVSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 18 | STRING3 = 9 | ;75DRV/DRV-X/DRV2 | | | [6A6LWSN9] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;85DRV/DRV+/DRV2/DRV3 | | [6A6LWSNG] | SETUPNO =3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;85DRV4-C(P4X266E,8233A) | | [6A6LWSNH] | SETUPNO =4 | STRING1 = 29 | STRING2 = 18 | STRING3 = 10 | STRING4 = 9 | ;85DRV5/85DRV5-L(P4X266E,8235)/85Div3(Alc),85DRV5-C(Via_1612) | | [6A6LUSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 18 | STRING3 = 9 | ;65DRV | | [6A6LUSNA] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 18 | STRING3 = 9 | ;65DRV-T | | [6A6LNSN9] | SETUPNO = 5 | STRING1 = 1 | STRING2 = 2 | STRING3 = 19 | STRING4 = 3 | STRING5 = 5 | ;75MAV/75MIV | | [6A6LYSAC] | SETUPNO =6 | STRING1 =29 | STRING2 =19 | STRING3 =24 | STRING4 =10 | STRING5 =18 | STRING6 =14 | ;KM400(75Miv2) | | [6A6LYSAD] | SETUPNO =4 | STRING1 =29 | STRING2 =10 | STRING3 =18 | STRING4 =14 | ;KT600-R (8237)(Support 200 CPU & Raid 0,1) | | [6A6LYSAF] | SETUPNO =4 | STRING1 =29 | STRING2 =10 | STRING3 =28 | STRING4 =14 | ;KT600-C (8235CD)(Support 200 cpu)(Alc101) | | | | [6A6LYSAD] | SETUPNO =4 | STRING1 =29 | STRING2 =10 | STRING3 =18 | STRING4 =14 | ;KT400A2-L (8237)(Raid 0,1) | | | [6A6LLSN9] | SETUPNO = 5 | STRING1 = 1 | STRING2 = 2 | STRING3 = 19 | STRING4 = 3 | STRING5 = 5 | ;65MIV/MV/MIV2 | | | | [6A6LJSNB] | SETUPNO = 1 | STRING1 = 1 | ;65JB/JVB/JVB-X | | [2A6LGSNE] | SETUPNO = 1 | STRING1 = 1 | ;65FV/FV+ | | [6A6LKSN9] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;77KV/KVB | | [6A6LJSND] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;68C | | [6A6LJSNE] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;68C+ | | [2A6LGSNC] | SETUPNO = 3 | STRING1 = 1 | STRING2 = 2 | STRING3 = 5 | ;67FV/FV1 | | [6A6IXSN9] | SETUPNO = 3 | STRING1 = 20 | STRING2 = 21 | STRING3 = 9 | ;85DRS series AWARD BIOS | | [6A6IXSA9] | SETUPNO = 3 | STRING1 = 20 | STRING2 = 21 | STRING3 = 9 | ;85DRS series AMI BIOS | | [6A6LWSND] | SETUPNO = 5 | STRING1 = 29 | STRING2 = 18 | STRING3 = 19 | STRING4 = 17 | STRING5 = 9 | ;85MIV-L 85MIV2(Award) | | [6A6LWSAI] | SETUPNO = 6 | STRING1 = 29 | STRING2 = 10 | STRING3 = 19 | STRING4 = 17 | STRING5 = 18 | STRING6 = 14 | ;85MIV3-L,85Miv4 (AMI_BIOS) | | | [6A6LWSAJ] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 18 | STRING4 = 14 | ;85Div4 the same 85Miv4 No VGA (AMI_BIOS) | | | [6A6LWSNB] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;85DIV-L | | | [6A6IXSAA] | SETUPNO = 5 | STRING1 = 20 | STRING2 = 19 | STRING3 = 24 | STRING4 = 21 | STRING5 = 9 | ;85MIS-L series AMI BIOS | | | [6A6LVSNB] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;75DRV5(KT333) | | [6A6LVSNA] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;75DRV3+/75ERV(KT266A) | | [6A6LVSNC] | SETUPNO = 3 | STRING1 = 29 | STRING2 = 18 | STRING3 = 9 | ;75DRV5-E(KT333) | | [6A6LVSAD] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 9 | ;KT333A and serial_ATA_20375 | | [6A6LYSA9] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 16 | ;75FRV,KT400-A4(KT400) | | [6A6LYSAB] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 16 | ;KT400-C(KT400,Alc202a),kT400-A4C,KT400A-C | | | [6A6LYSAA] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 16 | ;KT400 and serial_ATA_20375,KT400-AL(kt400a_0312CD) | | [6A7L0SN9] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 18 | STRING4 = 14 | ;K8AV-R(8235+20378) Award | | [6A7L0SAA] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 10 | STRING3 = 18 | STRING4 = 14 | ;K8AV2-RL(8237) Award | | | | [6A7L0SND] | SETUPNO = 5 | STRING1 = 29 | STRING2 = 10 | STRING3 = 18 | STRING4 = 31 | STRING5 = 14 | ;K8PRO-GLR(Via8237+silicon+Giga_Lan+10/100 Lan) | | | | [6A61CSN9] | SETUPNO = 2 | STRING1 = 30 | STRING2 = 14 | ;(K8AN-RL,K8AN-L,pdc20378)award | | [6A61CSA9] | SETUPNO = 2 | STRING1 = 30 | STRING2 = 14 | ;(K8AN-RL,K8AN-L,pdc20378)AMI | | | | [6A69VSAC] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 27 | STRING5 = 28 | STRING6 = 14 | ;85MIR-L 85Lir | | [6A69VSAK] | SETUPNO = 6 | STRING1 = 12 | STRING2 = 13 | STRING3 = 19 | STRING4 = 27 | STRING5 = 28 | STRING6 = 14 | ;85MIR2 85Lir2 85Mir3 85Lir3 (2M) 845Ge 845Gv | | [6A69VSAD] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 28 | STRING4 = 14 | ;85DR2 85DR2-DC(ICH4) | | [6A69VSAE] | SETUPNO = 4 | STRING1 = 12 | STRING2 = 13 | STRING3 = 28 | STRING4 = 22 | ;85DIR2/85DR2-C(ICH2) | | [6A6LXSN9] | SETUPNO = 4 | STRING1 = 29 | STRING2 = 28 | STRING3 = 10 | STRING4 = 14 | ;85ERV2 85erv2_C(P4X400) | | | [6A7L2SA9] | SETUPNO = 5 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 31 | STRING5 = 14 | ;PT880E-RL PT800CE AMI | | | [6A7L2SN9] | SETUPNO = 5 | STRING1 = 29 | STRING2 = 10 | STRING3 = 28 | STRING4 = 31 | STRING5 = 14 | ;PT880E-RL PT800CE AWard | | | | | [6A69VSNH] | SETUPNO =6 | STRING1 =12 | STRING2 =13 | STRING3 =19 | STRING4 =27 | STRING5 =28 | STRING6 =9 | ;85MR2+-L 85MR3-R(4M) | | [6A69VSAJ] | SETUPNO =6 | STRING1 =12 | STRING2 =13 | STRING3 =19 | STRING4 =27 | STRING5 =28 | STRING6 =16 | ;85MR3(2M) 845Ge | | [6A69VSNG] | SETUPNO =4 | STRING1 =12 | STRING2 =13 | STRING3 =28 | STRING4 =9 | ;85DIR2-L | | [6A69VSAI] | SETUPNO =4 | STRING1 =12 | STRING2 =13 | STRING3 =28 | STRING4 =14 | ;85Dir3-L & 85Dr3-L 85Dir4 (845Pe) | | [6A69VSAL] | SETUPNO =6 | STRING1 =12 | STRING2 =13 | STRING3 =19 | STRING4 =27 | STRING5 =28 | STRING6 =16 | ; B8A,B8A-F(Baby case)(2M) | | [6A69VSAN] | SETUPNO =6 | STRING1 =12 | STRING2 =13 | STRING3 =19 | STRING4 =27 | STRING5 =28 | STRING6 =14 | ; B8D-FR (Baby case)(4M) | | | [6A79ASAB] | SETUPNO =5 | STRING1 =25 | STRING2 =19 | STRING3 =26 | STRING4 =28 | STRING5 =14 | ; B8E-Fr (ICH5-R)Raid 0 Winbond-83627THF | | [6A79ASAC] | SETUPNO =5 | STRING1 =25 | STRING2 =19 | STRING3 =26 | STRING4 =28 | STRING5 =14 | ; B8E-F ICH5 (No Raid) Winbond-83627THF | | | | [6A69WSNA] | SETUPNO =4 | STRING1 =12 | STRING2 =13 | STRING3 =28 | STRING4 =16 | ;85FR , 85FR-R (E7205) | | [6A61BSN9] | SETUPNO =3 | STRING1 =6 | STRING2 =28 | STRING3 =16 | ;75FRN (Nforce2/SPP/MCP) | | | [6A61BSNA] | SETUPNO =3 | STRING1 =6 | STRING2 =28 | STRING3 =16 | ;75FRN2 (Nforce2_CR18D_A4/SPP/MCP)(75Frn3_ultra400) | | | [6A61BSNC] | SETUPNO =5 | STRING1 =6 | STRING2 =19 | STRING3 =7 | STRING4 =28 | STRING5 =16 | ;Nforce2 (IGP)75MRN_2M | | [6A61BSNB] | SETUPNO =5 | STRING1 =6 | STRING2 =19 | STRING3 =7 | STRING4 =28 | STRING5 =16 | ;Nforce2 (IGP)75MRN-RL_4M | | | [6A61BSND] | SETUPNO =4 | STRING1 =6 | STRING2 =19 | STRING3 =7 | STRING4 =14 | | ;B7A-F(IGP)_Award 2M(MCP-T)(Support DDR3333) | | [6A61BSAD] | SETUPNO =4 | STRING1 =6 | STRING2 =19 | STRING3 =7 | STRING4 =14 | | ;B7A-F(IGP)_AMI 2M(MCP-T)(Support DDR3333) | | | | [6A79ASA9] | SETUPNO = 5 | STRING1 = 25 | STRING2 = 19 | STRING3 = 26 | STRING4 = 28 | STRING5 = 14 | ;86MP-L,86MiP(Spring dale_865G) | | | [6A79ASAD] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;86PIE-L | | | | | [6A79ASNF] | SETUPNO = 6 | STRING1 = 25 | STRING2 = 13 | STRING3 = 19 | STRING4 = 26 | STRING5 = 28 | STRING6 = 14 | ;86Mip2(865G+Ich4) | | | | | [6A79ASAA] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;86SPE,86spe2,86sp2,865-GR(Spring dale_NO onboard VGA) | | [6A79ASNC] | SETUPNO = 4 | STRING1 = 25 | STRING2 = 13 | STRING3 = 28 | STRING4 = 14 | ;86spe3,86sp3(ICH4+ALC655) | | [6A79BSN9] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;87CW(Giga_Lan) | | | | [6A79ASAF] | SETUPNO = 5 | STRING1 = 25 | STRING2 = 19 | STRING3 = 26 | STRING4 = 28 | STRING5 = 14 | ;XP865G-L(865Ge+Ich5+ISA) | | | | [6A79ASAG] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;(865Pe+Ich5+Ite8212+Silicon+Giga_Lan)865Pro-FGR | | | | | [6A79ASND] | SETUPNO = 4 | STRING1 = 25 | STRING2 = 13 | STRING3 = 28 | STRING4 = 14 | ;848P2 (ICH4+ALC655) | | [6A79ASNE] | SETUPNO = 3 | STRING1 = 25 | STRING2 = 28 | STRING3 = 14 | ;848P (ICH5+ALC650) | | [6A6LUSNB] | SETUPNO = 7 | STRING1 = 29 | STRING2 = 10 | STRING3 = 19 | STRING4 = 23 | STRING5 = 18 | STRING6 = 31 | STRING7 = 14 | ;B6A_Cle266 & 8235CD(Award) | | | | | | [2A69KSNG] | SETUPNO = 1 | STRING1 = 12 | ;63A | | | | | | | | | | | | | | | | [LANGUAGE] | SETUPSCRIPT = "Language define" | DEFAULT = 1 | SETUPNO = 6 | LANGUAGE1 = "ENGLISH" | LANGUAGE2 = "TCHINESE" | LANGUAGE3 = "SCHINESE" | LANGUAGE4 = "Japanese" | LANGUAGE5 = "German" | LANGUAGE6 = "French" | | [ENGLISH] | SETUPSCRIPT = "Support English Language" | SETUPKEY = 1033 | SETUPFILE = "EN.INI" | | [TCHINESE] | SETUPSCRIPT = "Support Traditional-Chinese Language" | SETUPKEY = 1028 | SETUPFILE = "EN.INI" | | [SCHINESE] | SETUPSCRIPT = "Support Simple-Chinese Language" | SETUPKEY = 2052 | SETUPFILE = "EN.INI" | | [Japanese] | SETUPSCRIPT = "Support Japanese Language" | SETUPKEY = 1041 | SETUPFILE = "EN.INI" | | [German] | SETUPSCRIPT = "Support German Language" | SETUPKEY = 1031 | SETUPFILE = "EN.INI" | | [French] | SETUPSCRIPT = "Support French Language" | SETUPKEY = 1036 | SETUPFILE = "EN.INI" | | | [SUPPORT] | SETUPSCRIPT = "Support OS Setting" | DEFAULT = 0 | SETUPNO = 7 | SUPPORT1 = "WIN98SE" | SUPPORT2 = "WIN98" | SUPPORT3 = "WINNT4" | SUPPORT4 = "WIN2K" | SUPPORT5 = "WINME" | SUPPORT6 = "XP" | SUPPORT7 = "2003" | | [WIN98SE] | MAJOR = 4 | MINOR = 10 | PLATFORMID = 1 | BUILDNUMBER = 2222 | | [WIN98] | MAJOR = 4 | MINOR = 10 | PLATFORMID = 1 | BUILDNUMBER = -1 | | [WINNT4] | MAJOR = 4 | MINOR = 0 | PLATFORMID = 2 | BUILDNUMBER = -1 | | [WIN2K] | MAJOR = 5 | MINOR = 0 | PLATFORMID = 2 | BUILDNUMBER = -1 | | [WINME] | MAJOR = 4 | MINOR = 90 | PLATFORMID = 1 | BUILDNUMBER = -1 | | [XP] | MAJOR = 5 | MINOR = 1 | PLATFORMID = 2 | BUILDNUMBER = -1 | | | [2003] | MAJOR = 5 | MINOR = 2 | PLATFORMID = 2 | BUILDNUMBER = -1 | [TARGET] | STRING="6A69VSAD" | DIR="K:\" | ]
File not found -- D:\Autorun -- [ NTFS ]

autorun.txt [[autorun] | icon=daij.ico | ]
File not found -- D:\autorun -- [ NTFS ]

autorun.wsh [[ScriptFile] | Path=E:\autorun.vbs | [Options] | Timeout=1 | DisplayLogo=0 | ]
File not found -- D:\autorun -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[459 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/01 23:16:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/03/01 23:15:35 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF11394.exe
[2009/02/26 22:19:13 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2009/02/26 21:55:23 | 12,745,97376 | -HS- | C] () -- C:\hiberfil.sys
[2009/02/26 00:56:21 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/02/24 22:08:01 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/02/24 15:51:39 | 00,000,850 | ---- | C] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2009/02/24 15:51:37 | 00,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2009/02/24 15:49:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\logs
[2009/02/24 15:46:03 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\BitDefender
[2009/02/23 18:55:12 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/02/23 18:52:37 | 00,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/02/23 18:38:20 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/02/22 23:19:56 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/22 23:19:54 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/21 15:13:36 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/02/21 15:13:36 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/02/21 15:13:36 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/02/21 15:13:36 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/02/21 15:13:36 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2009/02/21 15:13:36 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/02/21 15:13:36 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/02/21 15:13:36 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/02/21 15:13:36 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/02/21 15:13:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/02/21 15:13:31 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/02/17 21:01:29 | 00,001,706 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/02/17 21:01:23 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/02/17 21:01:23 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/02/17 21:01:22 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/02/17 21:01:21 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/02/17 21:01:20 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/02/17 20:42:42 | 00,000,581 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/02/17 20:23:08 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

========== Files - Modified Within 30 Days ==========

[459 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/05 23:31:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/05 23:31:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/05 23:31:15 | 12,745,97376 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/05 23:30:16 | 04,312,668 | -H-- | M] () -- D:\Documents and Settings\Gokhan\Local Settings\Application Data\IconCache.db
[2009/03/05 23:29:27 | 00,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2009/03/05 23:02:50 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/03 00:39:48 | 00,000,581 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/03/01 23:15:24 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF11394.exe
[2009/02/27 00:31:23 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/26 00:56:22 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/02/26 00:05:14 | 00,001,503 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2009/02/24 15:51:39 | 00,000,850 | ---- | M] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2009/02/24 15:51:37 | 00,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2009/02/22 15:47:15 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/02/17 21:01:29 | 00,001,706 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/02/17 20:14:51 | 00,092,264 | ---- | M] () -- D:\Documents and Settings\Gokhan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/02/11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/08 21:25:35 | 01,032,066 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/02/08 21:25:35 | 00,474,734 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/02/08 21:25:35 | 00,406,464 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/02/08 21:25:35 | 00,077,278 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/02/08 21:25:35 | 00,063,664 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/02/08 21:19:30 | 00,001,083 | ---- | M] () -- C:\WINDOWS\win.ini
< End of report >


OTViewIt Extras logfile created on: 05/03/2009 23:45:53 - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = D:\Documents and Settings\Gokhan\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: | Country: | Language: | Date Format:

1,19 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 76,15% Memory free
2,24 Gb Paging File | 2,06 Gb Available in Paging File | 92,13% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,80 Gb Total Space | 12,41 Gb Free Space | 32,82% Space Free | Partition Type: NTFS
Drive D: | 73,98 Gb Total Space | 2,88 Gb Free Space | 3,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEREK
Current User Name: Gokhan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh File not found
.hlp [@ = hlpfile] -- C:\WINDOWS\system32\winhlp32 File not found
.hta [@ = htafile] -- C:\WINDOWS\system32\mshta File not found
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore File not found
.inf [@ = inffile] -- C:\WINDOWS\system32\notepad File not found
.ini [@ = inifile] -- C:\WINDOWS\system32\notepad File not found
.js [@ = JSFile] -- C:\WINDOWS\system32\wscript File not found
.jse [@ = JSEFile] -- C:\WINDOWS\system32\wscript File not found
.reg [@ = regfile] -- C:\WINDOWS\regedit File not found
.txt [@ = txtfile] -- C:\WINDOWS\system32\notepad File not found
.vbe [@ = VBEFile] -- C:\WINDOWS\system32\wscript File not found
.vbs [@ = VBSFile] -- C:\WINDOWS\system32\wscript File not found
.wsf [@ = WSFFile] -- C:\WINDOWS\system32\wscript File not found
.wsh [@ = WSHFile] -- C:\WINDOWS\system32\wscript File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=0
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
File not found -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
File not found -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
File not found -- D:\Program Files\eMule\emule.exe:*:Enabled:eMule
File not found -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\eMule\emule.exe:*:Disabled:eMule
File not found -- C:\Program Files\Hercules\Hercules DualPix HD Webcam\ControlUI.exe:*:Disabled:Hercules Zoom Controller Main Application
""=
File not found -- C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix
File not found -- C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Disabled:Age of Empires 3

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -- C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
msdaipp: [HKLM - No CLSID value]
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[2005/09/20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[2007/03/14 12:10:22 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[2007/05/10 12:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2007/04/19 12:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}"=DocProc
"{10E1E87C-656C-4D08-86D6-5443D28583BE}"=TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}"=MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}"=Copy
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}"=Google Earth
"{21657574-BD54-48A2-9450-EB03B2C7FC29}"=Sonic MyDVD
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}"=WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}"=Scan
"{3248F0A8-6813-11D6-A77B-00B0D0150040}"=J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=Java(TM) 6 Update 3
"{33288D98-C013-4BC3-95A5-EA69B7C543FD}"=ArcSoft Media Card Companion
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}"=HP Product Assistant
"{3921A67A-5AB1-4E48-9444-C71814CF3027}"=VCRedistSetup
"{485775E8-AEB8-46BD-922B-242879E03DD5}"=Age of Empires III
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}"=HPSSupply
"{543E938C-BDC4-4933-A612-01293996845F}"=UnloadSupport
"{557696ED-2543-4D5D-9F53-0BDAAF8D5FB8}"=ArcSoft VideoImpression 2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml
"{59E1EEA6-EDBC-45C1-9754-A88119760547}"=ArcSoft MediaConverter 2
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}"=eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}"=CustomerResearchQFolder
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}"=Macromedia Shockwave Player
"{7DE4B31F-651E-4773-8DD4-399E7E58477E}"=MP Manager
"{824D3839-DAA1-4315-A822-7AE3E620E528}"=VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}"=HP Photosmart Essential2.01
"{87E2B986-07E8-477a-93DC-AF0B6758B192}"=DocProcQFolder
"{8C6027FD-53DC-446D-BB75-CACD7028A134}"=HP Update
"{9011040C-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{93F54611-2701-454e-94AB-623F458D9E6B}"=DeviceDiscovery
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow!
"{9A394342-4A68-4EBA-85A6-55B559F4E700}"=Microsoft .NET Framework 1.1 French Language Pack
"{A036E231-5A03-4d63-94F6-7864CC77EC48}"=PS_AIO_ProductContext
"{A70FA218-6598-4AC9-813D-63597C5DD068}"=Galerie de photos Windows Live
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}"=DeviceManagementQFolder
"{AC76BA86-7AD7-1036-7B44-A71000000002}"=Adobe Reader 7.1.0 - Français
"{AEA07F97-9088-497c-8821-0F36BD5DC251}"=HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}"=AIO_Scan
"{B040FEFE-B45F-4e30-B3C6-035F53F544A9}"=c4200_Help
"{B22C19AE-6A67-4f28-B541-5AE72FB17A25}"=HP Photosmart All-In-One Software 9.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
"{B9F3A6E6-9C77-4535-9ED9-B16C1EBDFEC2}"=C4200
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}"=Nokia Connectivity Cable Driver
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}"=SolutionCenter
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}"=Destination Component
"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}"=C4200_doccd
"{E2662C24-B31E-4349-A084-32EB76E8B760}"=BufferChm
"{E39A3770-3DDE-404c-B91F-3522947874A3}"=PS_AIO_Software_min
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}"=Toolbox
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}"=Samsung PC Studio 3 USB Driver Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0CFDC72-63D2-4086-A54F-1514494394A0}"=Hercules DualPix HD Webcam
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}"=32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}"=PSSWCORE
"{FA4FA322-5C90-4d2b-A019-9E588273DED5}"=PS_AIO_Software
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}"=Status
"AbiWord2"=AbiWord 2.4.6 (remove only)
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"AntiVir PersonalEdition Classic"=Avira AntiVir Personal - Free Antivirus
"AviSynth"=AviSynth 2.5
"AVS Video Tools 5_is1"=AVS Video Tools 5.5
"CCleaner"=CCleaner (remove only)
"HP Imaging Device Functions"=HP Imaging Device Functions 9.0
"HP Photosmart Essential"=HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools"=HP Solution Center 9.0
"HPExtendedCapabilities"=HP Customer Participation Program 9.0
"HPOCR"=HP OCR Software 9.0
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}"=Age of Empires III
"LMSOFT Web Creator Pro 4"=LMSOFT Web Creator Pro 4
"Logitech VideoCall"=Logitech VideoCall
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.6)"=Mozilla Firefox (3.0.6)
"MSNINST"=MSN
"NeroMultiInstaller!UninstallKey"=Nero Suite
"Neuf_Kit"=Neuf - Kit de connexion
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"SAMSUNG Mobile Modem"=SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver"=Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem"=SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0"=SAMSUNG Mobile USB Modem 1.0 Software
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display"=VIA/S3G Display Driver
"VLC media player"=VideoLAN VLC media player 0.8.5
"WIC"=Windows Imaging Component
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Lecteur Windows Media 11
"Windows XP Service"=Windows XP Service Pack 3
"WinRAR archiver"=Archiveur WinRAR
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22/11/2008 10:20:07 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:23:16 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:23:54 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:27:28 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:27:29 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:52:10 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 22/11/2008 10:52:11 | Computer Name = HEREK | Source = MsiInstaller | ID = 11706
Description = Produit : HP Smart Web Printing -- Erreur 1706. Package d'installation
pour le produit HP Smart Web Printing introuvable. Réessayez d'exécuter Windows
Installer avec un package d'installation valide SmartWebPrinting.msi.

Error - 12/12/2008 17:23:43 | Computer Name = HEREK | Source = Application Error | ID = 1000
Description = Application défaillante hpqtra08.exe, version 90.0.146.0, module défaillant
hpqtra08.exe, version 90.0.146.0, adresse de défaillance 0x0000bf08.

Error - 12/12/2008 17:23:45 | Computer Name = HEREK | Source = Application Error | ID = 1001
Description = Détecteur d'erreurs 437899184.

Error - 12/12/2008 17:26:28 | Computer Name = HEREK | Source = Application Error | ID = 1000
Description = Application défaillante rundll32.exe, version 5.1.2600.2180, module
défaillant appwiz.cpl, version 5.1.2600.2180, adresse de défaillance 0x0000c881.

[ System Events ]
Error - 02/03/2009 18:54:26 | Computer Name = HEREK | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x8007f0ed : Mise à jour de sécurité pour Windows XP (KB946648).

Error - 02/03/2009 19:01:14 | Computer Name = HEREK | Source = Service Control Manager | ID = 7023
Description = Le service Services IPSEC s'est arrêté avec l'erreur : %%10044

Error - 02/03/2009 19:01:14 | Computer Name = HEREK | Source = Service Control Manager | ID = 7023
Description = Le service Pare-feu Windows / Partage de connexion Internet s'est
arrêté avec l'erreur : %%10047

Error - 02/03/2009 19:06:14 | Computer Name = HEREK | Source = Service Control Manager | ID = 7023
Description = Le service Explorateur d'ordinateur s'est arrêté avec l'erreur : %%1460

Error - 02/03/2009 19:08:32 | Computer Name = HEREK | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 02/03/2009 19:08:32 | Computer Name = HEREK | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 02/03/2009 19:08:32 | Computer Name = HEREK | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 02/03/2009 19:08:32 | Computer Name = HEREK | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 05/03/2009 18:03:53 | Computer Name = HEREK | Source = Windows Update Agent | ID = 16
Description = Connexion impossible : Windows ne parvient pas à se connecter au service
Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
des mises à jour définies par la planification. Windows continuera d'essayer d'établir
la connexion.

Error - 05/03/2009 18:04:53 | Computer Name = HEREK | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x8007f0ed : Mise à jour de sécurité pour Windows XP (KB946648).


< End of report >

Bonsoir,

Télécharge http://images.malwareremoval.com/random/RSIT.exe par random/random et sauvegarde-le sur le Bureau.

- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

- Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit


Cordialement.

Logfile of random's system information tool 1.05 (written by random/random)
Run by Gokhan at 2009-03-06 00:05:39
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 13 GB (33%) free of 39 GB
Total RAM: 1215 MB (75% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []
"GrpConv"=grpconv -o []
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-06-10 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 172544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
c:\APPS\Powercinema\PCMService.exe [2006-02-23 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-11-20 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-01-20 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
C:\WINDOWS\system32\VTtrayp.exe [2005-11-01 163840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Monitor.lnk]
C:\PROGRA~1\ArcSoft\MEDIAC~2\MCCMON~1.EXE [2005-04-15 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"vkservice"=2
"ose"=3
"IDriverT"=3
"GenericHidService"=2
"CyberLink Media Library Service"=2
"CLSched"=2
"CLCapSvc"=2
"AOL ACS"=2
"AntiVirService"=2
"AntiVirScheduler"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Program Files\eMule\emule.exe"="D:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule"
"C:\Program Files\Hercules\Hercules DualPix HD Webcam\ControlUI.exe"="C:\Program Files\Hercules\Hercules DualPix HD Webcam\ControlUI.exe:*:Disabled:Hercules Zoom Controller Main Application"
""=""
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Disabled:Age of Empires 3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2009-03-06 00:05:39 ----D---- C:\rsit
2009-03-06 00:05:39 ----D---- C:\Program Files\trend micro
2009-03-05 23:29:59 ----A---- C:\WINDOWS\resetlog.txt
2009-03-01 23:16:48 ----D---- C:\WINDOWS\temp
2009-03-01 23:15:35 ----A---- C:\WINDOWS\system32\CF11394.exe
2009-02-26 22:19:13 ----D---- C:\Program Files\Navilog1
2009-02-25 23:35:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-24 22:08:01 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-24 15:49:03 ----D---- C:\WINDOWS\system32\logs
2009-02-24 15:46:03 ----D---- C:\Program Files\Fichiers communs\BitDefender
2009-02-23 18:55:12 ----D---- D:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-02-23 18:52:37 ----SHD---- D:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-23 18:38:20 ----SHD---- C:\RECYCLER
2009-02-21 15:13:36 ----A---- C:\WINDOWS\zip.exe
2009-02-21 15:13:36 ----A---- C:\WINDOWS\VFIND.exe
2009-02-21 15:13:36 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-21 15:13:36 ----A---- C:\WINDOWS\SWSC.exe
2009-02-21 15:13:36 ----A---- C:\WINDOWS\SWREG.exe
2009-02-21 15:13:36 ----A---- C:\WINDOWS\sed.exe
2009-02-21 15:13:36 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-21 15:13:36 ----A---- C:\WINDOWS\grep.exe
2009-02-21 15:13:36 ----A---- C:\WINDOWS\fdsv.exe
2009-02-21 15:13:31 ----D---- C:\WINDOWS\ERDNT
2009-02-21 15:13:31 ----AD---- C:\Qoobox
2009-02-17 21:01:20 ----D---- C:\Program Files\Avira
2009-02-17 20:23:08 ----AD---- D:\Documents and Settings\All Users\Application Data\TEMP

======List of files/folders modified in the last 1 months======

2009-03-06 00:05:39 ----RD---- C:\Program Files
2009-03-05 23:33:40 ----D---- C:\WINDOWS\PREFETCH
2009-03-05 23:31:28 ----D---- C:\WINDOWS
2009-03-05 23:04:30 ----HD---- C:\WINDOWS\inf
2009-03-05 23:04:21 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-03 00:40:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-03 00:39:48 ----D---- C:\WINDOWS\system32\drivers
2009-03-03 00:09:52 ----D---- C:\Program Files\Mozilla Firefox
2009-03-03 00:06:54 ----D---- C:\WINDOWS\security
2009-03-01 23:15:39 ----AD---- C:\WINDOWS\system32
2009-03-01 22:45:10 ----SHD---- C:\WINDOWS\Installer
2009-02-27 00:31:23 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-26 22:17:03 ----SHD---- C:\System Volume Information
2009-02-26 22:17:03 ----D---- C:\WINDOWS\system32\Restore
2009-02-26 22:12:38 ----D---- C:\Program Files\eMule
2009-02-26 20:57:12 ----SHD---- C:\DRIVERS
2009-02-26 01:47:05 ----D---- C:\WINDOWS\Debug
2009-02-26 00:56:21 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-26 00:26:49 ----D---- C:\WINDOWS\occache
2009-02-24 21:53:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-24 19:37:33 ----HD---- C:\Config.Msi
2009-02-24 17:28:39 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-24 15:46:03 ----D---- C:\Program Files\Fichiers communs
2009-02-24 01:39:11 ----SD---- C:\WINDOWS\Tasks
2009-02-23 18:55:43 ----D---- C:\WINDOWS\system32\config
2009-02-22 15:47:15 ----A---- C:\WINDOWS\system.ini
2009-02-22 15:46:37 ----D---- C:\WINDOWS\AppPatch
2009-02-17 21:01:20 ----D---- D:\Documents and Settings\All Users\Application Data\Avira
2009-02-17 20:57:43 ----D---- D:\Documents and Settings\All Users\Application Data\Ulead Systems
2009-02-17 20:57:42 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-17 20:57:41 ----D---- C:\Program Files\Fichiers communs\Ulead Systems
2009-02-17 20:39:41 ----D---- C:\Program Files\CCleaner
2009-02-09 21:54:46 ----D---- C:\Program Files\Windows Live
2009-02-08 21:25:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-08 21:19:30 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2007-11-20 8552]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-01-28 2310272]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-02-06 248448]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 APL531;Hercules Dualpix HD Webcam; C:\WINDOWS\System32\Drivers\HDvid.sys [2006-09-27 274816]
S3 camfilt;camfilt; C:\WINDOWS\System32\Drivers\camfilt.sys [2006-10-03 22656]
S3 catchme;catchme; \??\C:\WINDOWS\TEMP\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBEMPIA;USB 2710 Camera; C:\WINDOWS\system32\DRIVERS\emDevice.sys []
S3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys []
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys []
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys []
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys []
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 RTLWUSB;802.11g USB 2.0 WLAN Dongle; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2007-01-12 169472]
S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Via4in1;Via4in1; \??\C:\Via4in1.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S4 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
S4 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2006-02-23 266338]
S4 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2006-02-23 114784]
S4 CyberLink Media Library Service;CyberLink Media Library Service; c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe [2006-02-23 1073152]
S4 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------



info.txt logfile of random's system information tool 1.05 2009-03-06 00:05:41

======Uninstall list======

-->"c:\apps\skype\phone\unins000.exe"
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
AbiWord 2.4.6 (remove only)-->C:\Program Files\AbiSuite2\UninstallAbiWord2.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002}
Age of Empires III-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Media Card Companion-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{33288D98-C013-4BC3-95A5-EA69B7C543FD}\Setup.exe" -l0x40c
ArcSoft MediaConverter 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59E1EEA6-EDBC-45C1-9754-A88119760547}\Setup.exe" -l0x40c
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{557696ED-2543-4D5D-9F53-0BDAAF8D5FB8}\Setup.exe" -l0x40c
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AVS Video Tools 5.5-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Hercules DualPix HD Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0CFDC72-63D2-4086-A54F-1514494394A0}\setup.exe" -l0x40c -removeonly
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B22C19AE-6A67-4f28-B541-5AE72FB17A25}\setup\hpzscr01.exe -datfile hposcr15.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LMSOFT Web Creator Pro 4-->C:\PROGRA~1\MINDSC~1\WEBCRE~1\UNWISE.EXE C:\PROGRA~1\MINDSC~1\WEBCRE~1\INSTALL.LOG
Logitech VideoCall-->C:\PROGRA~1\Logitech\VIDEOC~1\UNWISE.EXE C:\PROGRA~1\Logitech\VIDEOC~1\INSTALL.LOG
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP Manager-->MsiExec.exe /X{7DE4B31F-651E-4773-8DD4-399E7E58477E}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\Setup.exe /uninstall
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetup.dll,DoNTUninst
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sonic MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VIA/S3G Display Driver-->C:\PROGRA~1\S3\UChromeP\S3MINSET.EXE /u UChromeP.uns
VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: Avira AntiVir PersonalEdition Classic (outdated)

System event log

Computer Name: HEREK
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

Record Number: 17933
Source Name: Service Control Manager
Time Written: 20090217203533.000000+060
Event Type: information
User:

Computer Name: HEREK
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

Record Number: 17932
Source Name: Service Control Manager
Time Written: 20090217203533.000000+060
Event Type: information
User: AUTORITE NT\SYSTEM

Computer Name: HEREK
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.

Record Number: 17931
Source Name: Service Control Manager
Time Written: 20090217203533.000000+060
Event Type: information
User:

Computer Name: HEREK
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 17930
Source Name: Service Control Manager
Time Written: 20090217203532.000000+060
Event Type: information
User: AUTORITE NT\SYSTEM

Computer Name: HEREK
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 17929
Source Name: Service Control Manager
Time Written: 20090217203532.000000+060
Event Type: information
User: AUTORITE NT\SYSTEM

Application event log

Computer Name: HEREK
Event Code: 0
Message:
Record Number: 574
Source Name: CLCapSvc
Time Written: 20080607123058.000000+120
Event Type: information
User:

Computer Name: HEREK
Event Code: 4096
Message: Le service AntiVir a bien démarré!

Record Number: 573
Source Name: Avira AntiVir
Time Written: 20080607123039.000000+120
Event Type: information
User: AUTORITE NT\SYSTEM

Computer Name: HEREK
Event Code: 4096
Message: Le service AntiVir a bien démarré!

Record Number: 572
Source Name: Avira AntiVir
Time Written: 20080607045454.000000+120
Event Type: information
User: AUTORITE NT\SYSTEM

Computer Name: HEREK
Event Code: 4097
Message: Le service AntiVir a été arrêté!

Record Number: 571
Source Name: Avira AntiVir
Time Written: 20080607045446.000000+120
Event Type: information
User: AUTORITE NT\SYSTEM

Computer Name: HEREK
Event Code: 101
Message: msnmsgr (980) Le moteur de base de données est arrêté.

Record Number: 570
Source Name: ESENT
Time Written: 20080607040841.000000+120
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\PROGRA~1\FICHIE~1\SONICS~1;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Je te ferai une procédure demain soir.

Bonne nuit.

Ok merci bonne nuit

Bonsoir,

1) Supprime ta version de ComboFix.

Rends-toi dans le menu Démarrer >> Exécuter. Copie/colle la commande ci-dessous dans la boite de dialogue :


2) Désactive les logiciels de protection (Antivirus, Antispywares) puis :


3) Télécharge Combofix de sUBs : combofix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

3) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


4) Fais une mise à jour manuelle de AntiVir. Tutorial.

- Fais un scan complet de ton système.
- Poste le rapport de scan dans ta prochaine réponse.


Comment se comporte le système ?


Cordialement.

Bonsoir,

voici le rapport combofix. Je suis en train de scanner le pc avec antivir. Je posterai le rapport quand il aura finit.

ComboFix 09-03-04.01 - Gokhan 06/03/09 21:19:04.4 - NTFSx86
Running from: D:\Documents and Settings\Gokhan\Bureau\ComboFix.exe
Command switches used :: D:\Documents and Settings\Gokhan\Bureau\CFScript.txt

FILE ::
C:\Via4in1.sys
C:\WINDOWS\System32\CF11394.exe
.

Bonsoir,

Le rapport n'est pas entier. Reposte-le.


Cordialement.

C'est tous. Il n'y a que ça dans le fichier que j'ai trouvé ici C:\ComboFix\ComboFix.txt . Sinon le pc a redémarré. Est-ce normal?

Le rapport devrait se trouver ici > C:\ComboFix.txt

Non, il n'y a pas de fichier texte nommé Combofix dans C. Il y a un dossier Combofix et c'est dans ce dossier que j'ai trouvé le document texte Combofix.

Dans ce cas, poursuis avec le scan Antivir.

voici le rapport antivir




Avira AntiVir Personal
Date de création du fichier de rapport : 2009-03-06 21:31

La recherche porte sur 1288153 souches de virus.

Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 2) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur :HEREK

Informations de version :
BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/08 14:55:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/08 08:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/08 13:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/08 12:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/08 07:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/08 11:29:38
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/09 19:32:40
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/09 06:40:24
ANTIVIR3.VDF : 7.1.2.134 157696 Bytes 06/03/09 15:53:50
Version du moteur: 8.2.0.105
AEVDF.DLL : 8.1.1.0 106868 Bytes 30/01/09 15:56:18
AESCRIPT.DLL : 8.1.1.57 356729 Bytes 05/03/09 17:22:54
AESCN.DLL : 8.1.1.8 127346 Bytes 05/03/09 17:22:54
AERDL.DLL : 8.1.1.3 438645 Bytes 05/11/08 07:43:26
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/09 16:43:28
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/09 19:56:12
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 05/03/09 17:22:54
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/09 19:56:12
AEGEN.DLL : 8.1.1.25 336243 Bytes 05/03/09 17:22:54
AEEMU.DLL : 8.1.0.9 393588 Bytes 15/10/08 10:49:36
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/09 16:00:12
AEBB.DLL : 8.1.0.3 53618 Bytes 15/10/08 10:49:34
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/08 08:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/08 09:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/08 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/08 11:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/08 08:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/08 12:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/08 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/08 12:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/08 12:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/08 07:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/08 10:08:43

Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:, D:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: arrêt
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen

Début de la recherche : 2009-03-06 21:31

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'21' processus ont été contrôlés avec '21' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '47' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\' <HDD>
C:\hiberfil.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Qoobox\Quarantine\D\Documents and Settings\Invité.HEREK\Local Settings\Application Data\eywgy.exe.vir
[RESULTAT] Contient le cheval de Troie TR/Dropper.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a288c53.qua' !
Recherche débutant dans 'D:\' <DATA>
D:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\office 2003\Office 2003\L2561404.CAB
[0] Type d'archive: CAB (Microsoft)
--> OUTLFLTR.DLL
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
D:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\office 2003\Office 2003\M4561403.CAB
[0] Type d'archive: CAB (Microsoft)
--> VBLR6.CHM_1036
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
D:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\office 2003\Office 2003\prf102.tmp
[0] Type d'archive: CAB (Microsoft)
--> FD00096_.WMF
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
D:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\office 2003\Office 2003\prf151.tmp
[0] Type d'archive: CAB (Microsoft)
--> HTML.XLA
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
D:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\office 2003\Office 2003\prf152.tmp
[0] Type d'archive: CAB (Microsoft)
--> EXCEL.PIP
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
D:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\office 2003\Office 2003\FILES\ACCRT\prf14E.tmp
[0] Type d'archive: CAB (Microsoft)
--> MSAEXP30.DLL
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
D:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\office 2003\Office 2003\MSDE2000\prf10A.tmp
[0] Type d'archive: CAB SFX (self extracting)
--> \MSDE\Msi\InstMsiW.exe
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
D:\Documents and Settings\ege\Bureau\music\album\rap\Suprême.NTM.-.Suprême.NTM.-.Album.Complet.-.Hip.Hop.Rap.-.certifier.ok.par.Love-MP3.fr.st.ace
[0] Type d'archive: ACE
--> Supreme NTM - Suprﾈme NTM - 224 kbps\02 - Back Dans Les Bacs.mp3
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
D:\Documents and Settings\gok\Bureau\MUSIC\The Reggae History - Reggae Music CD2 (The Past) - Jimmy Cliff,Johnny Clarke,Sugar Minott,Don Carlos,Alpha Blondy,Marcia Griffiths....- by SuX.ace
[0] Type d'archive: ACE
--> 5. One Draw (Rita Marley).mp3
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.


Fin de la recherche : 2009-03-06 23:00
Temps nécessaire: 1:28:38 Heure(s)

La recherche a été effectuée intégralement

11430 Les répertoires ont été contrôlés
810777 Des fichiers ont été contrôlés
1 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
1 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
810774 Fichiers non infectés
10812 Les archives ont été contrôlées
11 Avertissements
1 Consignes

Bonsoir,

Le scan n'a rien révélé de particulier.

Essaie de recommencer la procédure avec Combofix.

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


Comment se comporte le système ?


Cordialement.

ComboFix 09-03-04.01 - Gokhan 06/03/09 23:19:16.5 - NTFSx86
Running from: D:\Documents and Settings\Gokhan\Bureau\ComboFix.exe
Command switches used :: D:\Documents and Settings\Gokhan\Bureau\CFScript.txt

FILE ::
C:\Via4in1.sys
C:\WINDOWS\System32\CF11394.exe
.

Il n'y a que ça dans le document texte C:\ComboFix\ComboFix.txt. Il n'y a toujours rien dans C. Sinon lorsque je fait un glisser/déposer du fichier CFScript, ComboFix s'ouvre et me demande si je suis d'accord et veux continuer ; je dis oui puis il se lance. Ensuite le message suivant apparait "Erreur SCript : Echec lors du chargement des paramètres <accès refusé> " puis le scan commence. Arrivé à la fin (stage 50) le pc redémarre. Est-ce normal ?

Bonsoir,

Le redémarrage est normal.


Voila la raison de l'absence de rapport normal.

Avais-tu bien désactivé tous tes logiciels de sécurité ?


A demain.

oui j'ai désactivé antivir et le pare feu windows. A part ça il n'y a pas d'autres logiciels de sécurité sauf si ils sont cachés.

Bonne nuit, à demain.

Bonsoir,

Désactive tous tes logiciels de sécurité durant la procédure.

1) Télécharge OTMoveIt3 de OldTimer :

- Enregistre-le sur ton bureau
- Double-clique sur OTMoveIt3.exe pour le lancer (l'extension peut ne pas apparaître)
- Assure toi que la case "Unregistrer DLL's and Ocx's" soit cochée.
- Copie-colle l'entièreté de ceci ci dessous dans la partie "Paste Instructions for Items to be Moved" (en-dessous de la barre jaune) :

- Ferme tous tes programmes et clique sur le bouton rouge Moveit! pour lancer le nettoyage
- Copie-colle dans ta prochaine réponse tout ce qui se trouve dans la fenêtre Results (en vert à droite)
--> Un rapport sera généré dans le dossier C:\ _OTMoveIt\MovedFiles avec la date et l'heure du passage de l'outil (mmddyyyy_hhmmss.log)
- Ferme OTMoveIt3 (en cliquant sur Exit)

Note : Si un fichier ou un dossier ne sait être supprimé directement, l'outil peut demander un redémarrage pour terminer le processus. Clique alors sur "Yes" pour accepter...


Comment se comporte le système ?


Cordialement.

Bonjour,

voici le rapport

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service Profos .
Unable to stop service Trufos .
Unable to stop service Via4in1 .
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\\GrpConv not found.
========== FILES ==========
File/Folder C:\WINDOWS\System32\CF11394.exe not found.
File/Folder C:\Via4in1.sys not found.
File/Folder C:\Program Files\Fichiers communs\BitDefender not found.
File/Folder C:\Program Files\GV Meilleur-Casino not found.
File/Folder D:\Documents and Settings\Invité.HEREK\Local Settings\TempImages not found.
File/Folder D:\Documents and Settings\Invité.HEREK\Application Data\Antivirus not found.
========== COMMANDS ==========
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03072009_143531

Bonjour,

Analyse ton système avec le Kaspersky Online Scanner. Tutorial.
Poste le résultat de l'analyse ici.


Cordialement.

Je n'arrive pas à scanner le pc avec kaspersky car internet ne marche pas, ni firefox. J'ai un autre soucis : je n'arrive pas à changer la langue du pc. C'est en anglais.

Bonjour,

Pour la langue de Windows, c'est normal. Il s'agit d'une version anglaise de XP.

1) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
Dans le menu du bloc notes, clic sur "Fichier" >> Enregistrer sous.
Choisis le bureau comme lieu d'enregistrement, puis dans:

Type -> choisis "tous les fichiers"
Nom du fichier -> tape look.bat
Clic sur enregistrer.

Sur ton bureau tu auras maintenant un fichier nommé look.bat.


2) Double clic sur le fichier look.bat.

- Une fenêtre noire va s'ouvrir.
- Le bloc note va s'ouvrir après un temps plus ou moins long. Ne referme pas la fenêtre noire avant l'affichage du bloc-notes.


3) Copie et colle ici le contenu du bloc-notes.


Cordialement.

Configuration IP de Windows



Nom de l'hôte . . . . . . . . . . : Herek

Suffixe DNS principal . . . . . . :

Type de nœud . . . . . . . . . . : Inconnu

Routage IP activé . . . . . . . . : Non

Proxy WINS activé . . . . . . . . : Non



Carte Ethernet Connexion au réseau local:



Statut du média . . . . . . . . . : Média déconnecté

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Adresse physique . . . . . . . . .: 00-16-E6-18-76-F8

Bonjour,

Le problème n'est pas viral.

Je te conseille d'exposer ton problème dans le sous-forum Windows & logiciels.

Suppression des outils

1) Télécharge ToolsCleaner2 de A.Rothstein et enregistre-le sur ton bureau.


2) Double-clique sur ToolsCleaner2.exe pour lancer l'outil.

- Clique sur le bouton Recherche.
- Une fois la recherche terminée, clique sur le bouton Suppression.

- Copie/colle le rapport et poste-le dans ta prochaine réponse.

Tu peux ensuite supprimer ToolsCleaner.


Cordialement.

ok je vai créer un nouveau sujet. Voici le rapport


[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

D:\_OtMoveIt: trouvé !
D:\Documents and Settings\Gokhan\Bureau\ComboFix.exe: trouvé !
D:\Documents and Settings\Gokhan\Bureau\HJTInstall.exe: trouvé !
D:\Documents and Settings\Gokhan\Bureau\OTMoveIt3.exe: trouvé !
D:\Documents and Settings\Gokhan\Bureau\Rsit.exe: trouvé !
D:\Documents and Settings\Gokhan\Bureau\OTViewIt.txt: trouvé !
D:\Documents and Settings\Gokhan\Bureau\OTViewIt.exe: trouvé !

---------------------------------
-->- Suppression:

D:\Documents and Settings\Gokhan\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
D:\Documents and Settings\Gokhan\Bureau\HJTInstall.exe: supprimé !
D:\Documents and Settings\Gokhan\Bureau\OTMoveIt3.exe: supprimé !
D:\Documents and Settings\Gokhan\Bureau\Rsit.exe: supprimé !
D:\Documents and Settings\Gokhan\Bureau\OTViewIt.txt: supprimé !
D:\Documents and Settings\Gokhan\Bureau\OTViewIt.exe: supprimé !
D:\_OtMoveIt: supprimé !

Merci pour ton aide Curson a+

Bonsoir,

Désinstalle ComboFix : Rends-toi dans le menu Démarrer >> Exécuter. Copie/colle la commande ci-dessous dans la boite de dialogue :


Quelques conseils de sécurité


Je te conseille également la lecture de ce document.

Si tu désires mieux connaître le domaine de la sécurité informatique, je ne peux que t'encourager à visiter le site de Malekal_Morte.


Cordialement.

Salut, moi aussi j'ai le même problème sur mon desktop. J'ai su que c'était un malware parce que j'arrive à me connecter avec mon laptop. Je ne sais pas si c'est ton cas mais c'est seulement internet qui est bloqué, c'est à dire que mon client BitTorrent continue à télécharger. Est ce que c'est ton cas aussi ?

salut moi c'est un peu la même chose, sauf qu'en plus ça me bloque l'ouverture de loiciel en plus de me bloquer internet, j'ai fait une analyse hijacktis et voici le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:28:09, on 05/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Users\julien\AppData\Local\trxvda.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\julien\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\julien\AppData\Local\Temp\Temp1_hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/7
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll (file missing)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll (file missing)
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\julien\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [trxvda] "c:\users\julien\appdata\local\trxvda.exe" trxvda
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\julien\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 10568 bytes

pouvez vous m'aidez s'il vous plait, merci.