Rapport de scan en ligne

[Thanos]

salut

le lien que tu ma donner n'est pas bon j'arrive sur orange page introuvable !

Ceci est dû au fait que tous les noms de domaines pour ceux qui ont crée un site perso chez Orange ont changé.

Tu peux faire le nettoyage comme ceci >

 

Démarre WinPFind3U en double cliquant sur WinPFind3U.exe et copie/colle le texte ci dessous (ne copie pas le mot CODE) dans le Panneau Paste fix here , puis clique sur le bouton Run Fix.

[Files/Folders - Created Within 60 days]
NY -> fixwareout -> %SystemDrive%\fixwareout
NY -> iun6002.exe -> %SystemRoot%\iun6002.exe
NY -> dumphive.exe -> %System32%\dumphive.exe
NY -> SrchSTS.exe -> %System32%\SrchSTS.exe
NY -> swreg.exe -> %System32%\swreg.exe
NY -> swsc.exe -> %System32%\swsc.exe
NY -> swxcacls.exe -> %System32%\swxcacls.exe
NY -> VCCLSID.exe -> %System32%\VCCLSID.exe
NY -> Amee..[JAM-HOT.com].wmv.torrent -> %UserDocuments%\Amee..[JAM-HOT.com].wmv.torrent
NY -> DiagHelp.zip -> %UserDocuments%\DiagHelp.zip
NY -> Fixwareout.exe -> %UserDocuments%\Fixwareout.exe
NY -> Masha..[JAM-HOT.com].avi.torrent -> %UserDocuments%\Masha..[JAM-HOT.com].avi.torrent
NY -> Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent -> %UserDocuments%\Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent
[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent
NY -> [.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent -> %UserDocuments%\[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent
NY -> DiagHelp -> %UserDesktop%\DiagHelp
[File String Scan - Non-Microsoft Only]
NY -> abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %SystemDrive%\rapport.txt
[ Extra Files ]
c:\Documents and Settings\DEHFOS\Mes documents\Fixwareout.exe
c:\Documents and Settings\DEHFOS\Bureau\DiagHelp
c:\Documents and Settings\DEHFOS\Bureau\ToolsCleaner2.exe
c:\diff.exe
c:\grep.exe
c:\ToolsCleaner2

Le Fix va se faire rapidement: il se peut qu'il te soit demandé de redémarrer ton pc : accepte en cliquant sur Yes

Elimine ensuite les fichiers WinPFind3U.exe et le dossier du même nom sur ton bureau.

Est ce que tu as installé un programme avant de constater ces ralentissements ?

 

@+

Modifié le 24 septembre 2007 par charles ingals

[zegut]

J'ai bien installé des programmes , j'ai envie de dire comme tout le monde , ce je peux te dire c'est que j'ai les 2 processus explorer.exe et iexplore.exe qui me prennent une quantité énorme de mémoire au point que dès que j'allume le pc maintenant il fais un bruit énorme mais ça depuis un moment on dirai le ventilateur ! une fois que le bureau est affiché ça va a peu près mais c'est vraiment entre le démarrage et l'apparition du bureau que le tps est super long ,j'ai également dans mes logiciel une console de récupération appelé Phoenix Core Managed Environement

et trés souvent celle-ci apparait au demarrage , je doit cliquer dessus pour refaire démarrer le pc et parfois lorsque je clique pour avoir ensuite la session windows j'ai l'écran noir figer et je suis obliger de couper l'alimentation et redemarrer ,j'espère être clair. Merci de m'aider dans mes galères.

Le log obtenuWinPFind3 logfile created on: 25/09/2007 16:32:46

WinPFind3U by OldTimer - Version 1.0.42 Folder = C:\Documents and Settings\DEHFOS\Bureau\WinPFind3u\

Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)

Internet Explorer (Version = 7.0.5730.11)

 

191,48 Mb Total Physical Memory | 55,43 Mb Available Physical Memory | 28,95% Memory free

463,76 Mb Paging File | 230,74 Mb Available in Paging File | 49,75% Paging File free

Paging file location(s): C:\pagefile.sys 0 0;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 65,92 Gb Total Space | 58,08 Gb Free Space | 88,11% Space Free

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

 

Computer Name: VOTRE-324AA4A56

Current User Name: DEHFOS

Logged in as Administrator.

Current Boot Mode: Normal

 

 

[Processes - Non-Microsoft Only]

avgnt.exe -> %ProgramFiles%\AntiVir PersonalEdition Classic\avgnt.exe -> Avira GmbH [Ver = 7.02.00.13 | Size = 249896 bytes | Modified Date = 11/09/2007 20:10:32 | Attr = ]

avguard.exe -> %ProgramFiles%\AntiVir PersonalEdition Classic\avguard.exe -> Avira GmbH [Ver = 7.00.00.81 | Size = 214056 bytes | Modified Date = 24/09/2007 19:47:42 | Attr = ]

hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Development Company, L.P. [Ver = 70.0.170.000 | Size = 49152 bytes | Modified Date = 19/02/2006 02:41:10 | Attr = ]

jusched.exe -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12/07/2007 04:00:36 | Attr = ]

sched.exe -> %ProgramFiles%\AntiVir PersonalEdition Classic\sched.exe -> Avira GmbH [Ver = 7.00.00.62 | Size = 63016 bytes | Modified Date = 11/09/2007 20:10:32 | Attr = ]

winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 04/09/2007 10:47:26 | Attr = ]

 

[Win32 Services - Non-Microsoft Only]

(AntiVirScheduler) AntiVir PersonalEdition Classic Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\AntiVir PersonalEdition Classic\sched.exe -> Avira GmbH [Ver = 7.00.00.62 | Size = 63016 bytes | Modified Date = 11/09/2007 20:10:32 | Attr = ]

(AntiVirService) AntiVir PersonalEdition Classic Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\AntiVir PersonalEdition Classic\avguard.exe -> Avira GmbH [Ver = 7.00.00.81 | Size = 214056 bytes | Modified Date = 24/09/2007 19:47:42 | Attr = ]

(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 19/08/2004 16:09:52 | Attr = ]

(IDriverT) InstallDriver Table Manager [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 22/10/2004 04:24:18 | Attr = ]

(PhnxVCDService) Phoenix VCD Service [Win32_Own | Disabled | Stopped] -> %System32%\PhnxCDSvr.exe -> Phoenix Technologies Ltd. [Ver = 2.1.1.13 | Size = 49152 bytes | Modified Date = 21/07/2005 01:17:30 | Attr = R ]

(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Unknown | Stopped] -> -> File not found

(WMConnectCDS) Service Windows Media Connect [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Windows Media Connect 2\wmccds.exe -> File not found

 

[Registry - Non-Microsoft Only]

< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

AAWTray -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\AAWTray.exe -> File not found

avgnt -> %ProgramFiles%\AntiVir PersonalEdition Classic\avgnt.exe -> Avira GmbH [Ver = 7.02.00.13 | Size = 249896 bytes | Modified Date = 11/09/2007 20:10:32 | Attr = ]

HP Software Update -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Development Company, L.P. [Ver = 70.0.170.000 | Size = 49152 bytes | Modified Date = 19/02/2006 02:41:10 | Attr = ]

SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12/07/2007 04:00:36 | Attr = ]

< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->

IMAIL -> Installed = 1 ->

MAPI -> Installed = 1 ->

MSFS -> Installed = 1 ->

< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

ccleaner -> %ProgramFiles%\CCleaner\ccleaner.exe -> Piriform Ltd [Ver = 1.41.0544 | Size = 598656 bytes | Modified Date = 13/07/2007 11:10:18 | Attr = ]

< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->

< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->

< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->

< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->

< HOSTS File > (23 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->

127.0.0.1 localhost -> ->

< Internet Explorer Settings > -> ->

HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->

HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Local Page -> C:\windows\system32\blank.htm ->

HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->

HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->

HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->

HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKCU: Local Page -> C:\windows\system32\blank.htm ->

HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKCU: Start Page -> http://www.neufportail.fr/ ->

HKCU: ProxyEnable -> 0 ->

< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

msn.com [ - ] -> ->

< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 18/12/2006 04:16:42 | Attr = ]

{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 31/05/2005 01:04:00 | Attr = ]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [sSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12/07/2007 04:00:36 | Attr = ]

< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->

ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

WebBrowser\\{965B54B0-71E0-4611-8DE7-F73FA0B20E26} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> File not found

< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12/07/2007 04:00:36 | Attr = ]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12/07/2007 04:00:36 | Attr = ]

{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found

< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->

Add to Windows &Live Favorites -> http:\favorites.live.com\quickadd.asp -> File not found

< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->

{88317C58-0B89-4AEE-ACA6-ED4AD09D4599} -> (VIA Rhine II Fast Ethernet Adapter) ->

< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->

ipp -> Reg Data - Key not found -> File not found

msdaipp -> Reg Data - Key not found -> File not found

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->

{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 ->

{512FC5A1-7DE1-43F1-BC0C-371622FCB409} -> TotalScan Installer Class - CodeBase = http://www.nanoscan.com/as/v1/cabs/ascstubie.cab ->

{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://www.update.microsoft.com/windowsupd...b?1190487864765 ->

{8436FE12-31DB-48BF-83BF-FE682F9160B4} -> NanoInstaller Class - CodeBase = http://www.nanoscan.com/cabs/nanoinst.cab ->

{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_02 - CodeBase = http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab ->

{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab ->

 

 

[Registry - Additional Scans - Non-Microsoft Only]

< ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ ->

{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -> ->

{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> ->

{2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ->

{44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ->

{44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT ->

{5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ->

{6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub ->

{7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ->

{89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll ->

{89820200-ECBD-11cf-8B85-00AA005B4383} -> C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ->

{89B4C1CD-B018-4511-B0A1-5476DBF70820} -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ->

<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -> C:\WINDOWS\system32\ieudinit.exe ->

>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP ->

>{26923b43-4d38-484f-9b9e-de460746276c} -> C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ->

>{60B49E34-C7CC-11D0-8953-00A0C90347FF} -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ->

>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ->

>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ->

< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->

.bat [@ = batfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.chm [@ = chm.file] -> PersistentHandler = Reg Data - Key not found ->

.cmd [@ = cmdfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.com [@ = comfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->

.cpl [@ = cplfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->

.exe [@ = exefile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->

.hlp [@ = hlpfile] -> PersistentHandler = Reg Data - Key not found ->

.hta [@ = htafile] -> PersistentHandler = Reg Data - Key not found ->

.html [@ = FirefoxHTML] -> PersistentHandler = {eec97550-47a9-11cf-b952-00aa0051fe20} ->

.inf [@ = inffile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.ini [@ = inifile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.url [@ = InternetShortcut] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.js [@ = JSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.jse [@ = JSEFile] -> PersistentHandler = Reg Data - Key not found ->

.pif [@ = piffile] -> PersistentHandler = Reg Data - Key not found ->

.reg [@ = regfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.scr [@ = scrfile] -> PersistentHandler = Reg Data - Key not found ->

.txt [@ = txtfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.vbe [@ = VBEFile] -> PersistentHandler = Reg Data - Key not found ->

.vbs [@ = VBSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->

.wsf [@ = WSFFile] -> PersistentHandler = Reg Data - Key not found ->

.wsh [@ = WSHFile] -> PersistentHandler = Reg Data - Key not found ->

< Security Settings > -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> RpcSs; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> Root\LEGACY_BITS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 1372 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10280:UDP -> 10280:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10281:UDP -> 10281:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10282:UDP -> 10282:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10283:UDP -> 10283:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10284:UDP -> 10284:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10243:TCP -> 10243:TCP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\utorrent.exe -> C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\VideoLAN\VLC\vlc.exe -> C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe -> C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe -> C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:*:Disabled:@xpsp2res.dll,-22008 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10280:UDP -> 10280:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10281:UDP -> 10281:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10282:UDP -> 10282:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10283:UDP -> 10283:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10284:UDP -> 10284:UDP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10243:TCP -> 10243:TCP:LocalSubNet:Enabled:Windows Media Connect ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> Root\LEGACY_SHAREDACCESS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> Root\LEGACY_WUAUSERV00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

< Uninstall List > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->

{0F9196C6-58B4-445B-B56E-B1200FECC151} -> Microsoft Bootvis ->

{20D4A895-748C-4D88-871C-FDB1695B0169} -> Platform ->

{20F0F67B-CB0F-4C85-B6F2-133D9CB70614} -> Samsung PC Studio ->

{2376813B-2E5A-4641-B7B3-A0D5ADB55229} -> HPPhotoSmartExpress ->

{3248F0A8-6813-11D6-A77B-00B0D0160020} -> Java 6 Update 2 ->

{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP ->

{4EA684E9-5C81-4033-A696-3019EC57AC3A} -> HPProductAssistant ->

{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} -> Windows Genuine Advantage v1.3.0254.0 ->

{7131646D-CD3C-40F4-97B9-CD9E4E6262EF} -> Microsoft .NET Framework 2.0 ->

{90840409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Excel Viewer 2003 ->

{9085040C-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Word Viewer 2003 ->

{9541FED0-327F-4DF0-8B96-EF57EF622F19} -> Sonic RecordNow! Plus ->

{97C82B44-D408-4F14-9252-47FC1636D23E}_is1 -> IZArc 3.81 ->

{9B365D9D-C47D-458D-A46F-491A4B33EEAB} -> Phoenix Core Managed Environment (cME) ->

{AC76BA86-7AD7-1036-7B44-A70900000002} -> Adobe Reader 7.0.9 - Français ->

{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1 -> ConvertXtoDVD 2.2.0.251 ->

{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} -> HP Software Update ->

{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C} -> HP Photosmart, Officejet and Deskjet 7.0.A ->

{C151CE54-E7EA-4804-854B-F515368B0798} -> Athlon 64 Processor Driver ->

{C4A4722E-79F9-417C-BD72-8D359A090C97} -> Samsung PC Studio ->

{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 ->

{D5ED6AD5-7A70-47EB-BF38-3A8BCDECA713} -> OTB ->

{DBC20735-34E6-4E97-A9E5-2066B66B243D} -> TrayApp ->

{EB21A812-671B-4D08-B974-2A347F0D8F70} -> HP Photosmart Essential ->

{F157460F-720E-482f-8625-AD7843891E5F} -> InstantShareDevicesMFC ->

AntiVir PersonalEdition Classic -> Avira AntiVir PersonalEdition Classic ->

CCleaner -> CCleaner (remove only) ->

HijackThis -> HijackThis 2.0.0 ->

HP Imaging Device Functions -> HP Imaging Device Functions 7.0 ->

HP Solution Center & Imaging Support Tools -> HP Solution Center 7.0 ->

HPExtendedCapabilities -> HP Customer Participation Program 7.0 ->

IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs ->

ie7 -> Windows Internet Explorer 7 ->

InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} -> VIA Platform Device Manager ->

InstallShield_{9B365D9D-C47D-458D-A46F-491A4B33EEAB} -> Phoenix Core Managed Environment (cME) ->

KB928365.T1_1ToU569_1 -> Security Update pour Microsoft .NET Framework 2.0 (KB928365) ->

KB937143-IE7 -> Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) ->

KB938127-IE7 -> Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) ->

M928366 -> Microsoft .NET Framework 1.1 Hotfix (KB928366) ->

Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 ->

Microsoft .NET Framework 2.0 -> Microsoft .NET Framework 2.0 ->

NanoScan -> Panda NanoScan ->

NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs ->

S3 -> UniChrome Pro IGP Display Driver and Utilities ->

SAMSUNG CDMA Modem -> SAMSUNG CDMA Modem Driver Set ->

Samsung Mobile phone USB driver -> Samsung Mobile phone USB driver Software ->

SAMSUNG Mobile USB Modem -> SAMSUNG Mobile USB Modem Software ->

SAMSUNG Mobile USB Modem 1.0 -> SAMSUNG Mobile USB Modem 1.0 Software ->

ShockwaveFlash -> Adobe Flash Player 9 ActiveX ->

TotalScan -> Panda TotalScan ->

uTorrent -> µTorrent ->

VIA Vinyl Audio Codecs Driver Setup Program -> VIA Vinyl Audio Codecs Driver Setup Program ->

VLC media player -> VideoLAN VLC media player 0.8.5 ->

VTDisplay -> S3 S3Display ->

VTGamma2 -> S3 S3Gamma2 ->

VTInfo2 -> S3 S3Info2 ->

VTOverlay -> S3 S3Overlay ->

VTTrayPlus -> S3 S3TrayPlus ->

WGA -> Windows Genuine Advantage Validation Tool (KB892130) ->

WgaNotify -> Windows Genuine Advantage Notifications (KB905474) ->

Windows Media Format Runtime -> Windows Media Format Runtime ->

Windows Media Player -> Lecteur Windows Media 10 ->

Xvid_is1 -> Xvid 1.1.2 final uninstall ->

 

[Files/Folders - Created Within 60 days]

31.2.5144 -> %SystemDrive%\31.2.5144 -> [Folder | Created Date = 18/09/2007 18:29:25 | Attr = ]

install.dat -> %SystemDrive%\install.dat -> [Ver = | Size = 164 bytes | Created Date = 18/09/2007 20:00:38 | Attr = ]

mes documents -> %SystemDrive%\mes documents -> [Folder | Created Date = 01/08/2007 14:32:34 | Attr = ]

RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 23/09/2007 22:57:28 | Attr = HS]

ToolsCleaner2 -> %SystemDrive%\ToolsCleaner2 -> [Folder | Created Date = 23/09/2007 22:07:03 | Attr = ]

$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 07/09/2007 18:32:22 | Attr = H ]

$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 07/09/2007 18:31:57 | Attr = H ]

AU_Temp -> %SystemRoot%\AU_Temp -> [Folder | Created Date = 14/09/2007 18:01:06 | Attr = ]

fllib.dll -> %SystemRoot%\fllib.dll -> [Ver = | Size = 20 bytes | Created Date = 16/09/2007 14:14:37 | Attr = ]

hpoins11.dat -> %SystemRoot%\hpoins11.dat -> [Ver = | Size = 129249 bytes | Created Date = 05/08/2007 15:19:54 | Attr = ]

hpoins11.dat.temp -> %SystemRoot%\hpoins11.dat.temp -> [Ver = | Size = 129223 bytes | Created Date = 05/08/2007 15:08:37 | Attr = ]

hpomdl11.dat.temp -> %SystemRoot%\hpomdl11.dat.temp -> [Ver = | Size = 11634 bytes | Created Date = 05/08/2007 15:08:36 | Attr = ]

ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 07/09/2007 18:32:47 | Attr = H ]

ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 09/09/2007 00:45:48 | Attr = ]

iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.4 | Size = 737280 bytes | Created Date = 16/09/2007 13:33:26 | Attr = ]

LPT$VPN.719 -> %SystemRoot%\LPT$VPN.719 -> [Ver = | Size = 37121453 bytes | Created Date = 14/09/2007 18:03:13 | Attr = ]

McAfee.com -> %SystemRoot%\McAfee.com -> [Folder | Created Date = 17/09/2007 22:54:19 | Attr = ]

network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 07/09/2007 18:29:43 | Attr = ]

PATCH.EXE -> %SystemRoot%\PATCH.EXE -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 286720 bytes | Created Date = 07/09/2007 18:00:14 | Attr = ]

PIF -> %SystemRoot%\PIF -> [Folder | Created Date = 02/08/2007 21:32:55 | Attr = H ]

VPTNFILE.719 -> %SystemRoot%\VPTNFILE.719 -> [Ver = | Size = 37121453 bytes | Created Date = 14/09/2007 18:01:52 | Attr = ]

WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 07/09/2007 18:34:17 | Attr = ]

wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 94 bytes | Created Date = 03/09/2007 22:03:20 | Attr = ]

Spybot - Search & Destroy - Scheduled Task.job -> %SystemRoot%\tasks\Spybot - Search & Destroy - Scheduled Task.job -> [Ver = | Size = 242 bytes | Created Date = 19/09/2007 15:41:59 | Attr = ]

ActiveScan -> %System32%\ActiveScan -> [Folder | Created Date = 17/09/2007 21:53:29 | Attr = ]

dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 19/09/2007 19:41:37 | Attr = ]

fr-fr -> %System32%\fr-fr -> [Folder | Created Date = 07/09/2007 18:34:16 | Attr = ]

inetsrv -> %System32%\inetsrv -> [Folder | Created Date = 20/09/2007 17:04:45 | Attr = ]

java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 17/09/2007 22:09:02 | Attr = ]

javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 69632 bytes | Created Date = 17/09/2007 22:09:02 | Attr = ]

javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 17/09/2007 22:09:02 | Attr = ]

javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 139264 bytes | Created Date = 17/09/2007 22:09:02 | Attr = ]

LogFiles -> %System32%\LogFiles -> [Folder | Created Date = 09/09/2007 22:20:17 | Attr = ]

NtmsData -> %System32%\NtmsData -> [Folder | Created Date = 24/09/2007 14:30:27 | Attr = ]

pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Created Date = 17/09/2007 21:53:32 | Attr = ]

Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 19/09/2007 19:41:37 | Attr = ]

Samsung_USB_Drivers -> %System32%\Samsung_USB_Drivers -> [Folder | Created Date = 03/09/2007 18:10:51 | Attr = ]

SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 19/09/2007 19:41:37 | Attr = ]

swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 19/09/2007 19:41:37 | Attr = ]

swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 19/09/2007 19:41:37 | Attr = ]

swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 19/09/2007 19:41:37 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2238 bytes | Created Date = 19/09/2007 19:43:11 | Attr = ]

VCCLSID.exe -> %System32%\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Created Date = 19/09/2007 19:41:37 | Attr = ]

avgntdd.sys -> %System32%\drivers\avgntdd.sys -> AVIRA GmbH [Ver = 6.38.00.01 | Size = 40000 bytes | Created Date = 11/09/2007 18:14:20 | Attr = ]

avgntmgr.sys -> %System32%\drivers\avgntmgr.sys -> AVIRA GmbH [Ver = 6.37.01.01 | Size = 14848 bytes | Created Date = 11/09/2007 18:14:20 | Attr = ]

avipbb.sys -> %System32%\drivers\avipbb.sys -> AVIRA GmbH [Ver = 1.00.02.11 | Size = 62016 bytes | Created Date = 11/09/2007 18:14:17 | Attr = ]

fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 66336 bytes | Created Date = 06/09/2007 11:31:04 | Attr = HS]

fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 1220 bytes | Created Date = 06/09/2007 11:31:04 | Attr = HS]

fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 1824 bytes | Created Date = 06/09/2007 11:31:04 | Attr = HS]

fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 1172 bytes | Created Date = 06/09/2007 11:31:04 | Attr = HS]

ssmdrv.sys -> %System32%\drivers\ssmdrv.sys -> Avira GmbH [Ver = 7.0.1.1 | Size = 28352 bytes | Created Date = 11/09/2007 18:14:19 | Attr = ]

ssm_bus.sys -> %System32%\drivers\ssm_bus.sys -> MCCI [Ver = V4.34 | Size = 58320 bytes | Created Date = 03/09/2007 18:11:08 | Attr = ]

ssm_cm.sys -> %System32%\drivers\ssm_cm.sys -> MCCI [Ver = V4.34 | Size = 6176 bytes | Created Date = 03/09/2007 18:11:08 | Attr = ]

ssm_cmnt.sys -> %System32%\drivers\ssm_cmnt.sys -> MCCI [Ver = V4.34 | Size = 6176 bytes | Created Date = 03/09/2007 18:11:08 | Attr = ]

ssm_mdfl.sys -> %System32%\drivers\ssm_mdfl.sys -> MCCI [Ver = V4.34 | Size = 8336 bytes | Created Date = 03/09/2007 18:11:08 | Attr = ]

ssm_mdm.sys -> %System32%\drivers\ssm_mdm.sys -> MCCI [Ver = V4.34 | Size = 94000 bytes | Created Date = 03/09/2007 18:11:08 | Attr = ]

ssm_wh.sys -> %System32%\drivers\ssm_wh.sys -> MCCI [Ver = V4.34 | Size = 5840 bytes | Created Date = 03/09/2007 18:11:08 | Attr = ]

ssm_whnt.sys -> %System32%\drivers\ssm_whnt.sys -> MCCI [Ver = V4.34 | Size = 5840 bytes | Created Date = 03/09/2007 18:11:08 | Attr = ]

StarOpen.sys -> %System32%\drivers\StarOpen.sys -> [Ver = | Size = 5632 bytes | Created Date = 03/09/2007 18:10:16 | Attr = ]

hosts.20070919-162720.backup -> %System32%\drivers\etc\hosts.20070919-162720.backup -> [Ver = | Size = 734 bytes | Created Date = 19/09/2007 15:27:20 | Attr = ]

AntiVir PersonalEdition Classic -> %AllUsersAppData%\AntiVir PersonalEdition Classic -> [Folder | Created Date = 11/09/2007 18:14:14 | Attr = ]

Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Created Date = 04/09/2007 22:07:31 | Attr = ]

Kaspersky Lab -> %AllUsersAppData%\Kaspersky Lab -> [Folder | Created Date = 17/09/2007 23:33:21 | Attr = ]

Kaspersky Lab Setup Files -> %AllUsersAppData%\Kaspersky Lab Setup Files -> [Folder | Created Date = 06/09/2007 11:24:13 | Attr = ]

LauncherAccess.dt -> %AllUsersAppData%\LauncherAccess.dt -> [Ver = | Size = 0 bytes | Created Date = 03/09/2007 18:30:00 | Attr = ]

Grisoft -> %UserAppData%\Grisoft -> [Folder | Created Date = 04/09/2007 22:08:18 | Attr = ]

Samsung -> %UserAppData%\Samsung -> [Folder | Created Date = 03/09/2007 18:31:52 | Attr = ]

Uniblue -> %UserAppData%\Uniblue -> [Folder | Created Date = 10/09/2007 18:54:44 | Attr = ]

vlc -> %UserAppData%\vlc -> [Folder | Created Date = 03/08/2007 18:44:39 | Attr = ]

{AC84089A-4614-4D65-9C7F-C70274C17586} -> %LocalAppData%\{AC84089A-4614-4D65-9C7F-C70274C17586} -> [Folder | Created Date = 05/09/2007 19:23:16 | Attr = ]

Nouveau dossier -> %AllUsersDocuments%\Nouveau dossier -> [Folder | Created Date = 08/09/2007 23:44:39 | Attr = ]

10000.jpg -> %UserDocuments%\10000.jpg -> [Ver = | Size = 43530 bytes | Created Date = 03/09/2007 19:26:49 | Attr = ]

ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe -> %UserDocuments%\ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe -> [Ver = | Size = 19142000 bytes | Created Date = 19/09/2007 14:44:29 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe:Zone.Identifier ->

Amee..[JAM-HOT.com].wmv.torrent -> %UserDocuments%\Amee..[JAM-HOT.com].wmv.torrent -> [Ver = | Size = 17139 bytes | Created Date = 21/09/2007 22:09:12 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Amee..[JAM-HOT.com].wmv.torrent:Zone.Identifier ->

Babylon6_setup_eng_eng_oxford.exe -> %UserDocuments%\Babylon6_setup_eng_eng_oxford.exe -> [Ver = | Size = 13584608 bytes | Created Date = 19/09/2007 11:52:56 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Babylon6_setup_eng_eng_oxford.exe:Zone.Identifier ->

cv conseiller insertion Pro.rtf -> %UserDocuments%\cv conseiller insertion Pro.rtf -> [Ver = | Size = 3102 bytes | Created Date = 20/09/2007 12:21:23 | Attr = ]

DSPP_CIP.doc -> %UserDocuments%\DSPP_CIP.doc -> [Ver = | Size = 144384 bytes | Created Date = 20/09/2007 18:23:56 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\DSPP_CIP.doc:Zone.Identifier ->

formations_crp.pdf -> %UserDocuments%\formations_crp.pdf -> [Ver = | Size = 179530 bytes | Created Date = 16/09/2007 18:08:39 | Attr = ]

funrecent.fmp -> %UserDocuments%\funrecent.fmp -> [Ver = | Size = 20 bytes | Created Date = 03/09/2007 18:43:29 | Attr = ]

HiJackThis_v2.exe -> %UserDocuments%\HiJackThis_v2.exe -> Trend Micro Inc. [Ver = 2.00 | Size = 1308216 bytes | Created Date = 21/09/2007 20:47:52 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\HiJackThis_v2.exe:Zone.Identifier ->

lettre conseil général.rtf -> %UserDocuments%\lettre conseil général.rtf -> [Ver = | Size = 1721 bytes | Created Date = 13/09/2007 17:09:35 | Attr = ]

Masha..[JAM-HOT.com].avi.torrent -> %UserDocuments%\Masha..[JAM-HOT.com].avi.torrent -> [Ver = | Size = 15239 bytes | Created Date = 21/09/2007 22:08:15 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Masha..[JAM-HOT.com].avi.torrent:Zone.Identifier ->

MenuBorderTR.gif -> %UserDocuments%\MenuBorderTR.gif -> [Ver = | Size = 113 bytes | Created Date = 09/09/2007 13:42:11 | Attr = ]

My Art -> %UserDocuments%\My Art -> [Folder | Created Date = 25/09/2007 12:25:51 | Attr = ]

Samsung PC Studio -> %UserDocuments%\Samsung PC Studio -> [Folder | Created Date = 03/09/2007 18:08:44 | Attr = ]

Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent -> %UserDocuments%\Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent -> [Ver = | Size = 14333 bytes | Created Date = 22/09/2007 20:53:16 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent:Zone.Identifier ->

SP_A0163.jpg -> %UserDocuments%\SP_A0163.jpg -> [Ver = | Size = 17950 bytes | Created Date = 03/09/2007 19:34:37 | Attr = ]

SP_A0164.jpg -> %UserDocuments%\SP_A0164.jpg -> [Ver = | Size = 16338 bytes | Created Date = 03/09/2007 19:34:47 | Attr = ]

SP_A0166.jpg -> %UserDocuments%\SP_A0166.jpg -> [Ver = | Size = 17230 bytes | Created Date = 03/09/2007 19:31:21 | Attr = ]

supp-dll-mémoire.reg -> %UserDocuments%\supp-dll-mémoire.reg -> [Ver = | Size = 115 bytes | Created Date = 17/09/2007 16:53:02 | Attr = ]

Track 01.bin -> %UserDocuments%\Track 01.bin -> [Ver = | Size = 529849152 bytes | Created Date = 02/09/2007 14:26:45 | Attr = ]

tweak-xp-pro_tweak_xp_pro_4.0.8_multi-langues_10772.exe -> %UserDocuments%\tweak-xp-pro_tweak_xp_pro_4.0.8_multi-langues_10772.exe -> [Ver = 6.0.1.4 | Size = 6376978 bytes | Created Date = 16/09/2007 14:04:10 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\tweak-xp-pro_tweak_xp_pro_4.0.8_multi-langues_10772.exe:Zone.Identifier ->

txp4trial.exe -> %UserDocuments%\txp4trial.exe -> [Ver = 6.0.1.4 | Size = 6367757 bytes | Created Date = 16/09/2007 13:31:46 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\txp4trial.exe:Zone.Identifier ->

[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent -> %UserDocuments%\[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent -> [Ver = | Size = 15141 bytes | Created Date = 21/09/2007 22:08:47 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent:Zone.Identifier ->

HP Photosmart Essential.lnk -> %AllUsersDesktop%\HP Photosmart Essential.lnk -> [Ver = | Size = 1887 bytes | Created Date = 17/09/2007 16:33:42 | Attr = ]

Multimedia manager.lnk -> %AllUsersDesktop%\Multimedia manager.lnk -> [Ver = | Size = 1805 bytes | Created Date = 03/09/2007 18:11:50 | Attr = ]

Multimedia player.lnk -> %AllUsersDesktop%\Multimedia player.lnk -> [Ver = | Size = 1828 bytes | Created Date = 03/09/2007 18:11:50 | Attr = ]

Samsung PC Studio 3.lnk -> %AllUsersDesktop%\Samsung PC Studio 3.lnk -> [Ver = | Size = 1765 bytes | Created Date = 03/09/2007 18:11:50 | Attr = ]

20070112093709031_Samsung_PC_Studio.exe -> %UserDesktop%\20070112093709031_Samsung_PC_Studio.exe -> [Ver = | Size = 57273968 bytes | Created Date = 03/09/2007 18:07:21 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\20070112093709031_Samsung_PC_Studio.exe:Zone.Identifier ->

antivir-personal-edition-7_antivir_personal_edition_classic_7_7.00.04.15_anglais_10821.exe -> %UserDesktop%\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.00.04.15_anglais_10821.exe -> [Ver = | Size = 17180760 bytes | Created Date = 11/09/2007 18:13:13 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.00.04.15_anglais_10821.exe:Zone.Identifier ->

ATF-Cleaner.exe -> %UserDesktop%\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 21/09/2007 19:23:23 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\ATF-Cleaner.exe:Zone.Identifier ->

CCleaner.lnk -> %UserDesktop%\CCleaner.lnk -> [Ver = | Size = 1548 bytes | Created Date = 15/09/2007 11:59:58 | Attr = ]

ccleaner_ccleaner_1.41.544_francais_14492.exe -> %UserDesktop%\ccleaner_ccleaner_1.41.544_francais_14492.exe -> Piriform Ltd [Ver = 1.41.0.544 | Size = 2720456 bytes | Created Date = 15/09/2007 11:59:15 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\ccleaner_ccleaner_1.41.544_francais_14492.exe:Zone.Identifier ->

Diskeeper2007-Home.exe -> %UserDesktop%\Diskeeper2007-Home.exe -> Diskeeper Corporation [Ver = 11.0.709t | Size = 15087208 bytes | Created Date = 09/09/2007 18:34:53 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\Diskeeper2007-Home.exe:Zone.Identifier ->

inland.empire.fr.dvdrip.torrent -> %UserDesktop%\inland.empire.fr.dvdrip.torrent -> [Ver = | Size = 38264 bytes | Created Date = 01/09/2007 13:13:12 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\inland.empire.fr.dvdrip.torrent:Zone.Identifier ->

IZArc_Setup.exe -> %UserDesktop%\IZArc_Setup.exe -> IZSoftware [Ver = 3.81 Build 1550 | Size = 3723454 bytes | Created Date = 01/08/2007 14:16:39 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\IZArc_Setup.exe:Zone.Identifier ->

La Môme.torrent -> %UserDesktop%\La Môme.torrent -> [Ver = | Size = 14246 bytes | Created Date = 17/08/2007 14:40:30 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\La Môme.torrent:Zone.Identifier ->

Samsung_PC_Studio_311_FKB.exe -> %UserDesktop%\Samsung_PC_Studio_311_FKB.exe -> Macrovision Corporation [Ver = 10.50.132 | Size = 58032562 bytes | Created Date = 03/09/2007 18:07:55 | Attr = ]

WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 25/09/2007 15:30:36 | Attr = ]

winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 356045 bytes | Created Date = 25/09/2007 15:29:32 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->

X86 -> %UserDesktop%\X86 -> [Folder | Created Date = 09/09/2007 18:35:15 | Attr = ]

µTorrent.lnk -> %UserDesktop%\µTorrent.lnk -> [Ver = | Size = 630 bytes | Created Date = 12/08/2007 16:07:41 | Attr = ]

HP -> %CommonProgramFiles%\HP -> [Folder | Created Date = 05/08/2007 15:27:48 | Attr = ]

 

[Files/Folders - Modified Within 60 days]

31.2.5144 -> %SystemDrive%\31.2.5144 -> [Folder | Modified Date = 18/09/2007 19:29:26 | Attr = ]

boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 216 bytes | Modified Date = 20/09/2007 18:12:26 | Attr = HS]

Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 19/09/2007 15:53:30 | Attr = ]

install.dat -> %SystemDrive%\install.dat -> [Ver = | Size = 164 bytes | Modified Date = 18/09/2007 21:00:42 | Attr = ]

mes documents -> %SystemDrive%\mes documents -> [Folder | Modified Date = 09/09/2007 00:56:20 | Attr = ]

Program Files -> %ProgramFiles% -> [Folder | Modified Date = 24/09/2007 20:39:36 | Attr = R ]

RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 23/09/2007 23:57:30 | Attr = HS]

System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 23/09/2007 23:46:14 | Attr = HS]

ToolsCleaner2 -> %SystemDrive%\ToolsCleaner2 -> [Folder | Modified Date = 23/09/2007 23:59:46 | Attr = ]

WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 25/09/2007 16:06:32 | Attr = ]

$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 08/09/2007 22:33:40 | Attr = H ]

$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 07/09/2007 19:32:24 | Attr = H ]

$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 07/09/2007 19:31:58 | Attr = H ]

AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 07/08/2007 21:38:08 | Attr = ]

assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 16/09/2007 15:08:54 | Attr = R S]

AU_Backup -> %SystemRoot%\AU_Backup -> [Folder | Modified Date = 07/09/2007 19:04:46 | Attr = ]

AU_Temp -> %SystemRoot%\AU_Temp -> [Folder | Modified Date = 14/09/2007 19:02:08 | Attr = ]

bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 25/09/2007 16:05:04 | Attr = S]

BPMNT.dll -> %SystemRoot%\BPMNT.dll -> Trend Micro Inc. [Ver = 8.000-1001 | Size = 86094 bytes | Modified Date = 14/09/2007 19:02:04 | Attr = ]

Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 25/09/2007 16:06:32 | Attr = ]

Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 20/09/2007 17:06:16 | Attr = ]

Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 23/09/2007 20:54:32 | Attr = S]

fllib.dll -> %SystemRoot%\fllib.dll -> [Ver = | Size = 20 bytes | Modified Date = 16/09/2007 15:14:38 | Attr = ]

GetServer.ini -> %SystemRoot%\GetServer.ini -> [Ver = | Size = 170 bytes | Modified Date = 14/09/2007 19:01:08 | Attr = ]

hcextoutput.dll -> %SystemRoot%\hcextoutput.dll -> [Ver = | Size = 71749 bytes | Modified Date = 14/09/2007 19:02:06 | Attr = ]

Help -> %SystemRoot%\Help -> [Folder | Modified Date = 10/09/2007 20:13:00 | Attr = ]

hpoins11.dat -> %SystemRoot%\hpoins11.dat -> [Ver = | Size = 129249 bytes | Modified Date = 05/08/2007 16:32:24 | Attr = ]

ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 07/09/2007 19:33:54 | Attr = H ]

ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 09/09/2007 01:45:50 | Attr = ]

inf -> %SystemRoot%\inf -> [Folder | Modified Date = 24/09/2007 21:26:06 | Attr = H ]

Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 24/09/2007 21:26:10 | Attr = HS]

iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.4 | Size = 737280 bytes | Modified Date = 16/09/2007 15:04:24 | Attr = ]

LPT$VPN.719 -> %SystemRoot%\LPT$VPN.719 -> [Ver = | Size = 37121453 bytes | Modified Date = 14/09/2007 19:02:04 | Attr = ]

McAfee.com -> %SystemRoot%\McAfee.com -> [Folder | Modified Date = 17/09/2007 23:54:20 | Attr = ]

Media -> %SystemRoot%\Media -> [Folder | Modified Date = 07/09/2007 19:34:10 | Attr = ]

Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 09/09/2007 19:52:24 | Attr = ]

msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 03/08/2007 14:20:52 | Attr = ]

network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 07/09/2007 19:29:44 | Attr = ]

PATCH.EXE -> %SystemRoot%\PATCH.EXE -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 286720 bytes | Modified Date = 14/09/2007 19:00:36 | Attr = ]

PIF -> %SystemRoot%\PIF -> [Folder | Modified Date = 02/08/2007 22:32:56 | Attr = H ]

Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 25/09/2007 16:25:10 | Attr = ]

pss -> %SystemRoot%\pss -> [Folder | Modified Date = 09/09/2007 23:54:04 | Attr = ]

repair -> %SystemRoot%\repair -> [Folder | Modified Date = 03/08/2007 17:32:56 | Attr = ]

report -> %SystemRoot%\report -> [Folder | Modified Date = 14/09/2007 19:03:52 | Attr = ]

SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 07/08/2007 21:46:02 | Attr = ]

system -> %SystemRoot%\system -> [Folder | Modified Date = 03/08/2007 14:23:00 | Attr = ]

system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 237 bytes | Modified Date = 20/09/2007 18:12:26 | Attr = ]

system32 -> %System32% -> [Folder | Modified Date = 25/09/2007 16:14:36 | Attr = ]

Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 19/09/2007 16:42:00 | Attr = S]

Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 25/09/2007 16:18:16 | Attr = ]

TMUPDATE.DLL -> %SystemRoot%\TMUPDATE.DLL -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 507904 bytes | Modified Date = 14/09/2007 19:00:38 | Attr = ]

tsc.exe -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.3.0.1103 | Size = 267845 bytes | Modified Date = 14/09/2007 19:02:08 | Attr = ]

tsc.ini -> %SystemRoot%\tsc.ini -> [Ver = | Size = 823 bytes | Modified Date = 14/09/2007 20:16:04 | Attr = ]

tsc.ptn -> %SystemRoot%\tsc.ptn -> [Ver = | Size = 1871245 bytes | Modified Date = 14/09/2007 19:02:08 | Attr = ]

twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 16/09/2007 15:31:56 | Attr = ]

UNZIP.DLL -> %SystemRoot%\UNZIP.DLL -> Trend Micro Inc. [Ver = 1.32.0.1000 | Size = 69689 bytes | Modified Date = 14/09/2007 19:00:36 | Attr = ]

VPTNFILE.719 -> %SystemRoot%\VPTNFILE.719 -> [Ver = | Size = 37121453 bytes | Modified Date = 14/09/2007 19:02:04 | Attr = ]

vsapi32.dll -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.500-1002 | Size = 1163344 bytes | Modified Date = 14/09/2007 19:02:06 | Attr = ]

WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 07/09/2007 19:34:18 | Attr = ]

win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 992 bytes | Modified Date = 20/09/2007 18:12:26 | Attr = ]

wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 94 bytes | Modified Date = 03/09/2007 23:03:22 | Attr = ]

WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 09/09/2007 19:12:16 | Attr = ]

SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 25/09/2007 16:05:10 | Attr = H ]

Spybot - Search & Destroy - Scheduled Task.job -> %SystemRoot%\tasks\Spybot - Search & Destroy - Scheduled Task.job -> [Ver = | Size = 242 bytes | Modified Date = 19/09/2007 16:42:28 | Attr = ]

ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 20/09/2007 17:14:04 | Attr = ]

CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 07/09/2007 19:31:28 | Attr = ]

CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 24/09/2007 00:00:44 | Attr = ]

config -> %System32%\config -> [Folder | Modified Date = 07/09/2007 19:34:28 | Attr = ]

dllcache -> %System32%\dllcache -> [Folder | Modified Date = 24/09/2007 00:02:26 | Attr = RHS]

drivers -> %System32%\drivers -> [Folder | Modified Date = 24/09/2007 21:25:58 | Attr = ]

fr-fr -> %System32%\fr-fr -> [Folder | Modified Date = 09/09/2007 01:47:12 | Attr = ]

Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 17/09/2007 22:55:06 | Attr = ]

imon1.dat -> %System32%\imon1.dat -> [Ver = | Size = 184 bytes | Modified Date = 22/08/2007 22:36:46 | Attr = ]

inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 20/09/2007 18:04:46 | Attr = ]

LogFiles -> %System32%\LogFiles -> [Folder | Modified Date = 09/09/2007 23:20:20 | Attr = ]

Macromed -> %System32%\Macromed -> [Folder | Modified Date = 20/09/2007 17:17:02 | Attr = ]

mui -> %System32%\mui -> [Folder | Modified Date = 16/09/2007 15:08:46 | Attr = ]

NtmsData -> %System32%\NtmsData -> [Folder | Modified Date = 24/09/2007 15:31:06 | Attr = ]

pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 17/09/2007 22:55:06 | Attr = ]

perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 62344 bytes | Modified Date = 09/09/2007 19:13:36 | Attr = ]

perfc00C.dat -> %System32%\perfc00C.dat -> [Ver = | Size = 75266 bytes | Modified Date = 09/09/2007 19:13:36 | Attr = ]

perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 401064 bytes | Modified Date = 09/09/2007 19:13:36 | Attr = ]

perfh00C.dat -> %System32%\perfh00C.dat -> [Ver = | Size = 468072 bytes | Modified Date = 09/09/2007 19:13:36 | Attr = ]

PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 980254 bytes | Modified Date = 09/09/2007 19:13:36 | Attr = ]

Restore -> %System32%\Restore -> [Folder | Modified Date = 23/09/2007 23:46:14 | Attr = ]

Samsung_USB_Drivers -> %System32%\Samsung_USB_Drivers -> [Folder | Modified Date = 03/09/2007 19:11:16 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2238 bytes | Modified Date = 19/09/2007 21:00:52 | Attr = ]

Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 17/09/2007 22:55:06 | Attr = ]

VCCLSID.exe -> %System32%\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Modified Date = 06/09/2007 00:22:24 | Attr = ]

wbem -> %System32%\wbem -> [Folder | Modified Date = 07/08/2007 21:50:10 | Attr = ]

wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1374 bytes | Modified Date = 25/09/2007 16:06:36 | Attr = ]

avipbb.sys -> %System32%\drivers\avipbb.sys -> AVIRA GmbH [Ver = 1.00.02.11 | Size = 62016 bytes | Modified Date = 11/09/2007 20:10:42 | Attr = ]

etc -> %System32%\drivers\etc -> [Folder | Modified Date = 19/09/2007 16:27:22 | Attr = ]

fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 66336 bytes | Modified Date = 06/09/2007 12:49:00 | Attr = HS]

fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 1220 bytes | Modified Date = 06/09/2007 12:40:06 | Attr = HS]

fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 1824 bytes | Modified Date = 06/09/2007 12:47:32 | Attr = HS]

fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 1172 bytes | Modified Date = 06/09/2007 12:40:06 | Attr = HS]

sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 685816 bytes | Modified Date = 02/09/2007 15:11:20 | Attr = ]

hosts.20070919-162720.backup -> %System32%\drivers\etc\hosts.20070919-162720.backup -> [Ver = | Size = 734 bytes | Modified Date = 18/09/2007 22:05:36 | Attr = ]

AntiVir PersonalEdition Classic -> %AllUsersAppData%\AntiVir PersonalEdition Classic -> [Folder | Modified Date = 12/09/2007 19:14:46 | Attr = ]

Google -> %AllUsersAppData%\Google -> [Folder | Modified Date = 07/09/2007 19:08:30 | Attr = ]

Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Modified Date = 04/09/2007 23:07:32 | Attr = ]

Kaspersky Lab -> %AllUsersAppData%\Kaspersky Lab -> [Folder | Modified Date = 18/09/2007 00:33:22 | Attr = ]

Kaspersky Lab Setup Files -> %AllUsersAppData%\Kaspersky Lab Setup Files -> [Folder | Modified Date = 06/09/2007 12:24:14 | Attr = ]

LauncherAccess.dt -> %AllUsersAppData%\LauncherAccess.dt -> [Ver = | Size = 0 bytes | Modified Date = 25/09/2007 13:25:34 | Attr = ]

Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Modified Date = 02/08/2007 22:35:18 | Attr = ]

Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Modified Date = 10/09/2007 20:11:54 | Attr = S]

Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 19/09/2007 17:04:00 | Attr = ]

dvdcss -> %UserAppData%\dvdcss -> [Folder | Modified Date = 12/08/2007 21:09:58 | Attr = ]

Grisoft -> %UserAppData%\Grisoft -> [Folder | Modified Date = 04/09/2007 23:08:20 | Attr = ]

Image Zone Express -> %UserAppData%\Image Zone Express -> [Folder | Modified Date = 04/08/2007 14:16:44 | Attr = ]

Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 24/09/2007 20:39:38 | Attr = S]

Samsung -> %UserAppData%\Samsung -> [Folder | Modified Date = 03/09/2007 19:31:54 | Attr = ]

Uniblue -> %UserAppData%\Uniblue -> [Folder | Modified Date = 10/09/2007 19:54:46 | Attr = ]

uTorrent -> %UserAppData%\uTorrent -> [Folder | Modified Date = 24/09/2007 02:05:26 | Attr = ]

vlc -> %UserAppData%\vlc -> [Folder | Modified Date = 03/08/2007 19:44:40 | Attr = ]

Vso -> %UserAppData%\Vso -> [Folder | Modified Date = 02/09/2007 16:24:02 | Attr = ]

DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 162304 bytes | Modified Date = 24/09/2007 02:01:24 | Attr = ]

IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 6946184 bytes | Modified Date = 25/09/2007 14:24:18 | Attr = H ]

Microsoft -> %LocalAppData%\Microsoft -> [Folder | Modified Date = 18/09/2007 18:25:08 | Attr = ]

{AC84089A-4614-4D65-9C7F-C70274C17586} -> %LocalAppData%\{AC84089A-4614-4D65-9C7F-C70274C17586} -> [Folder | Modified Date = 05/09/2007 20:23:18 | Attr = ]

Nouveau dossier -> %AllUsersDocuments%\Nouveau dossier -> [Folder | Modified Date = 09/09/2007 00:44:40 | Attr = ]

ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe -> %UserDocuments%\ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe -> [Ver = | Size = 19142000 bytes | Modified Date = 19/09/2007 15:44:40 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe:Zone.Identifier ->

Amee..[JAM-HOT.com].wmv.torrent -> %UserDocuments%\Amee..[JAM-HOT.com].wmv.torrent -> [Ver = | Size = 17139 bytes | Modified Date = 21/09/2007 23:09:14 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Amee..[JAM-HOT.com].wmv.torrent:Zone.Identifier ->

Babylon6_setup_eng_eng_oxford.exe -> %UserDocuments%\Babylon6_setup_eng_eng_oxford.exe -> [Ver = | Size = 13584608 bytes | Modified Date = 19/09/2007 12:53:10 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Babylon6_setup_eng_eng_oxford.exe:Zone.Identifier ->

ConvertXtoDVD -> %UserDocuments%\ConvertXtoDVD -> [Folder | Modified Date = 29/08/2007 19:08:58 | Attr = ]

cv conseiller insertion Pro.rtf -> %UserDocuments%\cv conseiller insertion Pro.rtf -> [Ver = | Size = 3102 bytes | Modified Date = 25/09/2007 12:53:04 | Attr = ]

desktop.ini -> %UserDocuments%\desktop.ini -> [Ver = | Size = 138 bytes | Modified Date = 07/09/2007 19:41:18 | Attr = HS]

DSPP_CIP.doc -> %UserDocuments%\DSPP_CIP.doc -> [Ver = | Size = 144384 bytes | Modified Date = 20/09/2007 19:23:58 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\DSPP_CIP.doc:Zone.Identifier ->

formations_crp.pdf -> %UserDocuments%\formations_crp.pdf -> [Ver = | Size = 179530 bytes | Modified Date = 16/09/2007 19:08:40 | Attr = ]

funrecent.fmp -> %UserDocuments%\funrecent.fmp -> [Ver = | Size = 20 bytes | Modified Date = 03/09/2007 19:43:30 | Attr = ]

HiJackThis_v2.exe -> %UserDocuments%\HiJackThis_v2.exe -> Trend Micro Inc. [Ver = 2.00 | Size = 1308216 bytes | Modified Date = 21/09/2007 21:48:16 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\HiJackThis_v2.exe:Zone.Identifier ->

lettre conseil général.rtf -> %UserDocuments%\lettre conseil général.rtf -> [Ver = | Size = 1721 bytes | Modified Date = 13/09/2007 18:09:36 | Attr = ]

lettre conseiller.doc.rtf -> %UserDocuments%\lettre conseiller.doc.rtf -> [Ver = | Size = 2311 bytes | Modified Date = 25/09/2007 14:11:32 | Attr = ]

Ma musique -> %UserDocuments%\Ma musique -> [Folder | Modified Date = 07/09/2007 19:41:20 | Attr = R ]

Masha..[JAM-HOT.com].avi.torrent -> %UserDocuments%\Masha..[JAM-HOT.com].avi.torrent -> [Ver = | Size = 15239 bytes | Modified Date = 21/09/2007 23:08:18 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Masha..[JAM-HOT.com].avi.torrent:Zone.Identifier ->

MenuBorderTR.gif -> %UserDocuments%\MenuBorderTR.gif -> [Ver = | Size = 113 bytes | Modified Date = 09/09/2007 14:39:52 | Attr = ]

Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 11/09/2007 17:39:42 | Attr = R ]

Mes vidéos -> %UserDocuments%\Mes vidéos -> [Folder | Modified Date = 24/09/2007 02:00:52 | Attr = ]

My Art -> %UserDocuments%\My Art -> [Folder | Modified Date = 25/09/2007 13:25:52 | Attr = ]

papier entête anglis.rtf -> %UserDocuments%\papier entête anglis.rtf -> [Ver = | Size = 2555 bytes | Modified Date = 11/08/2007 23:34:04 | Attr = ]

Samsung PC Studio -> %UserDocuments%\Samsung PC Studio -> [Folder | Modified Date = 16/09/2007 15:25:16 | Attr = ]

sandraCV.rtf -> %UserDocuments%\sandraCV.rtf -> [Ver = | Size = 3537 bytes | Modified Date = 10/08/2007 13:13:48 | Attr = ]

Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent -> %UserDocuments%\Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent -> [Ver = | Size = 14333 bytes | Modified Date = 22/09/2007 21:53:18 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent:Zone.Identifier ->

SP_A0163.jpg -> %UserDocuments%\SP_A0163.jpg -> [Ver = | Size = 17950 bytes | Modified Date = 03/09/2007 20:32:46 | Attr = ]

SP_A0164.jpg -> %UserDocuments%\SP_A0164.jpg -> [Ver = | Size = 16338 bytes | Modified Date = 03/09/2007 20:32:34 | Attr = ]

SP_A0166.jpg -> %UserDocuments%\SP_A0166.jpg -> [Ver = | Size = 17230 bytes | Modified Date = 03/09/2007 20:31:06 | Attr = ]

supp-dll-mémoire.reg -> %UserDocuments%\supp-dll-mémoire.reg -> [Ver = | Size = 115 bytes | Modified Date = 17/09/2007 17:53:04 | Attr = ]

Track 01.bin -> %UserDocuments%\Track 01.bin -> [Ver = | Size = 529849152 bytes | Modified Date = 02/09/2007 15:28:22 | Attr = ]

tweak-xp-pro_tweak_xp_pro_4.0.8_multi-langues_10772.exe -> %UserDocuments%\tweak-xp-pro_tweak_xp_pro_4.0.8_multi-langues_10772.exe -> [Ver = 6.0.1.4 | Size = 6376978 bytes | Modified Date = 16/09/2007 15:04:24 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\tweak-xp-pro_tweak_xp_pro_4.0.8_multi-langues_10772.exe:Zone.Identifier ->

txp4trial.exe -> %UserDocuments%\txp4trial.exe -> [Ver = 6.0.1.4 | Size = 6367757 bytes | Modified Date = 16/09/2007 14:32:14 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\txp4trial.exe:Zone.Identifier ->

[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent -> %UserDocuments%\[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent -> [Ver = | Size = 15141 bytes | Modified Date = 21/09/2007 23:08:48 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent:Zone.Identifier ->

HP Photosmart Essential.lnk -> %AllUsersDesktop%\HP Photosmart Essential.lnk -> [Ver = | Size = 1887 bytes | Modified Date = 17/09/2007 17:34:12 | Attr = ]

Multimedia manager.lnk -> %AllUsersDesktop%\Multimedia manager.lnk -> [Ver = | Size = 1805 bytes | Modified Date = 03/09/2007 19:11:52 | Attr = ]

Multimedia player.lnk -> %AllUsersDesktop%\Multimedia player.lnk -> [Ver = | Size = 1828 bytes | Modified Date = 03/09/2007 19:11:52 | Attr = ]

Samsung PC Studio 3.lnk -> %AllUsersDesktop%\Samsung PC Studio 3.lnk -> [Ver = | Size = 1765 bytes | Modified Date = 03/09/2007 19:11:52 | Attr = ]

20070112093709031_Samsung_PC_Studio.exe -> %UserDesktop%\20070112093709031_Samsung_PC_Studio.exe -> [Ver = | Size = 57273968 bytes | Modified Date = 03/09/2007 19:07:42 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\20070112093709031_Samsung_PC_Studio.exe:Zone.Identifier ->

antivir-personal-edition-7_antivir_personal_edition_classic_7_7.00.04.15_anglais_10821.exe -> %UserDesktop%\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.00.04.15_anglais_10821.exe -> [Ver = | Size = 17180760 bytes | Modified Date = 11/09/2007 19:13:32 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.00.04.15_anglais_10821.exe:Zone.Identifier ->

ATF-Cleaner.exe -> %UserDesktop%\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 21/09/2007 20:23:24 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\ATF-Cleaner.exe:Zone.Identifier ->

CCleaner.lnk -> %UserDesktop%\CCleaner.lnk -> [Ver = | Size = 1548 bytes | Modified Date = 15/09/2007 13:00:00 | Attr = ]

ccleaner_ccleaner_1.41.544_francais_14492.exe -> %UserDesktop%\ccleaner_ccleaner_1.41.544_francais_14492.exe -> Piriform Ltd [Ver = 1.41.0.544 | Size = 2720456 bytes | Modified Date = 15/09/2007 12:59:30 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\ccleaner_ccleaner_1.41.544_francais_14492.exe:Zone.Identifier ->

Diskeeper2007-Home.exe -> %UserDesktop%\Diskeeper2007-Home.exe -> Diskeeper Corporation [Ver = 11.0.709t | Size = 15087208 bytes | Modified Date = 09/09/2007 19:35:08 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\Diskeeper2007-Home.exe:Zone.Identifier ->

inland.empire.fr.dvdrip.torrent -> %UserDesktop%\inland.empire.fr.dvdrip.torrent -> [Ver = | Size = 38264 bytes | Modified Date = 01/09/2007 14:13:14 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\inland.empire.fr.dvdrip.torrent:Zone.Identifier ->

installer -> %UserDesktop%\installer -> [Folder | Modified Date = 21/09/2007 22:46:02 | Attr = ]

IZArc_Setup.exe -> %UserDesktop%\IZArc_Setup.exe -> IZSoftware [Ver = 3.81 Build 1550 | Size = 3723454 bytes | Modified Date = 01/08/2007 15:16:46 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\IZArc_Setup.exe:Zone.Identifier ->

La Môme.torrent -> %UserDesktop%\La Môme.torrent -> [Ver = | Size = 14246 bytes | Modified Date = 17/08/2007 15:40:32 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\La Môme.torrent:Zone.Identifier ->

WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 25/09/2007 16:30:38 | Attr = ]

winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 356045 bytes | Modified Date = 25/09/2007 16:29:34 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->

X86 -> %UserDesktop%\X86 -> [Folder | Modified Date = 09/09/2007 19:35:16 | Attr = ]

µTorrent.lnk -> %UserDesktop%\µTorrent.lnk -> [Ver = | Size = 630 bytes | Modified Date = 12/08/2007 17:07:42 | Attr = ]

HP -> %CommonProgramFiles%\HP -> [Folder | Modified Date = 17/09/2007 17:33:42 | Attr = ]

SureThing Shared -> %CommonProgramFiles%\SureThing Shared -> [Folder | Modified Date = 03/08/2007 14:22:14 | Attr = ]

System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 03/08/2007 14:20:34 | Attr = ]

 

[File String Scan - Non-Microsoft Only]

UPX! , UPX0 , -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.3.0.1103 | Size = 267845 bytes | Modified Date = 14/09/2007 19:02:08 | Attr = ]

UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.500-1002 | Size = 1163344 bytes | Modified Date = 14/09/2007 19:02:06 | Attr = ]

PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 24/04/2003 13:00:00 | Attr = ]

UPX! , UPX0 , -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Modified Date = 27/04/2006 17:49:30 | Attr = ]

UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Modified Date = 29/08/2006 19:43:54 | Attr = ]

UPX! , UPX0 , -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Modified Date = 09/01/2006 10:36:06 | Attr = ]

UPX! , UPX0 , -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Modified Date = 01/12/2006 06:20:34 | Attr = ]

UPX! , UPX0 , -> %System32%\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Modified Date = 06/09/2007 00:22:24 | Attr = ]

winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 24/04/2003 13:00:00 | Attr = ]

WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 24/04/2003 14:00:00 | Attr = ]

UPX0 , -> %System32%\dllcache\NT5IIS.CAT -> [Ver = | Size = 809394 bytes | Modified Date = 24/04/2003 14:00:00 | Attr = ]

@Alternate Data Stream - 140 bytes -> %AllUsersAppData%\TEMP:DFC5A2B2 ->

@Alternate Data Stream - 26 bytes -> %UserDocuments%\ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Amee..[JAM-HOT.com].wmv.torrent:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Babylon6_setup_eng_eng_oxford.exe:Zone.Identifier ->

Thawte Consulting , -> %UserDocuments%\Babylon6_setup_eng_eng_oxford.exe -> [Ver = | Size = 13584608 bytes | Modified Date = 19/09/2007 12:53:10 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\DSPP_CIP.doc:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDocuments%\HiJackThis_v2.exe:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Masha..[JAM-HOT.com].avi.torrent:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDocuments%\Shoot_Em_Up_French_Ts_Xvid_Vcdfrv_-_{{{-_www.Meganova.org_-}}}.torrent:Zone.Identifier ->

File scan skipped for file %UserDocuments%\Track 01.bin -> File size too big (529849152 bytes) ->

@Alternate Data Stream - 26 bytes -> %UserDocuments%\tweak-xp-pro_tweak_xp_pro_4.0.8_multi-langues_10772.exe:Zone.Identifier ->

UPX! , UPX0 , -> %UserDocuments%\tweak-xp-pro_tweak_xp_pro_4.0.8_multi-langues_10772.exe -> [Ver = 6.0.1.4 | Size = 6376978 bytes | Modified Date = 16/09/2007 15:04:24 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\txp4trial.exe:Zone.Identifier ->

UPX! , UPX0 , -> %UserDocuments%\txp4trial.exe -> [Ver = 6.0.1.4 | Size = 6367757 bytes | Modified Date = 16/09/2007 14:32:14 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDocuments%\[.www.torsky.org.]Asian.&.Black.Interracial.Creampie.torrent:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\1408:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\20070112093709031_Samsung_PC_Studio.exe:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.00.04.15_anglais_10821.exe:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\ATF-Cleaner.exe:Zone.Identifier ->

UPX! , UPX0 , -> %UserDesktop%\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 21/09/2007 20:23:24 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\ccleaner_ccleaner_1.41.544_francais_14492.exe:Zone.Identifier ->

Thawte Consulting , -> %UserDesktop%\ccleaner_ccleaner_1.41.544_francais_14492.exe -> Piriform Ltd [Ver = 1.41.0.544 | Size = 2720456 bytes | Modified Date = 15/09/2007 12:59:30 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\Diskeeper2007-Home.exe:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\inland.empire.fr.dvdrip.torrent:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\invisible:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\IZArc_Setup.exe:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\La Môme.torrent:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\laidcv.rtf:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\MBSASetup-FR.msi:Zone.Identifier ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\Mr Brooks:Zone.Identifier ->

Thawte Consulting , -> %UserDesktop%\Samsung_PC_Studio_311_FKB.exe -> Macrovision Corporation [Ver = 10.50.132 | Size = 58032562 bytes | Modified Date = 11/01/2007 15:07:18 | Attr = ]

FSG! , -> %UserDesktop%\uTorrent-1.6.1-install.exe -> [Ver = 1.6.1 | Size = 697492 bytes | Modified Date = 09/06/2007 15:07:30 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->

 

< End of report >

e ?