2 TB :P yes, that's quite a lot of data! From what I read, you've already run a scan with MalwareBytes:


Please post the contents of the report >>

To do that, launch MalwareByte's Anti-Malware, click the "Rapports/Logs" menu, then, under "Eléments", select the report that corresponds to your last scan (today's date is in the file name).

Double-click it > a report will open > copy/paste its contents into your next message.

Posted (edited)

Good evening Thanos,


Here is the result of the QUICK scan from the up-to-date Malwarebytes:


Malwarebytes' Anti-Malware 1.44

Version de la base de données: 3822

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702


2010-03-03 17:21:42

mbam-log-2010-03-03 (17-21-42).txt


Type de recherche: Examen rapide

Eléments examinés: 127830

Temps écoulé: 3 minute(s), 52 second(s)


Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0


Processus mémoire infecté(s):

(Aucun élément nuisible détecté)


Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)


Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)


Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)


Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)


Dossier(s) infecté(s):

(Aucun élément nuisible détecté)


Fichier(s) infecté(s):

(Aucun élément nuisible détecté)



I'm waiting for the next steps...




PS: I only scanned the C drive since that's the one that contains Windows... I'm on my laptop for transferring the data to a USB key



Edited by Cabotine

OK, let's try a scan please, to see whether anything is escaping us (a rootkit) =>


Download GMER Rootkit Scanner from the following link:


- Click the "Download EXE" button

- Save it to your Desktop.

- Paste and save these instructions in a text file or print them, because you will have to close the browser.

- Close any open browser windows.

- Run the downloaded file (its name consists of 8 random digits/letters) by double-clicking it;

- If the tool gives you a warning about rootkit activity and asks you to run a scan, click "NO"

- In the right-hand section of the tool's window, uncheck the following options:

  • Sections
  • **Make sure "Show All" is unchecked**

- Now click the "Scan" button and wait (this can take 10 minutes or more)

- When the scan is finished, click the "Save..." button (at the bottom right);

- Name the file "Ark.txt" and save it to the Desktop;

- Copy/paste the contents of this report into your reply.




If the previous scan doesn't work, run this search =>


Download OTS.exe to the Desktop, and double-click it to launch the program.


Notes:


- If during the download and/or installation you get an alert from your antivirus, ignore it. Some OTS components may be detected as a virus by some antivirus programs. Also remember to disable your resident protections during the procedure.


- You must be logged in with an account that has Administrator rights to run this program.

  • Double-click OTS.exe to launch the program
  • Under "File Age" at the top, click the drop-down menu and select "60 days".
  • Under "Additional Scans" click the "Extras" button, then tick the box in front of the following items to select them:

    Reg - Disabled MS Config Items
    Reg - Drivers32
    Reg - SafeBoot Minimal
    Reg - SafeBoot Network
    Reg - Tcpip Persistent Routes
  • Next, tick the Scan All Users box, then click the Run Scan button in the toolbar.
  • Let the program run without intervening.
  • When the scan is finished, Notepad will open to display the report file.
  • Click the Format menu and check that "Retour automatique à la ligne" (Word Wrap) is not ticked. If it is, click it to untick it.
  • Post the resulting report in your next reply: if you don't see it, you will find it in the C:\_OTS\MovedFiles folder (its name is today's date and time)




To sum up: I'm in debugging mode because safe mode doesn't work. I can't download on my computer. The only things I can download have to be in .zip or .rar format, otherwise a "fake" program opens and I can't save anything...


I'm currently on the laptop and I'm transferring the data to the USB key. I launched GMER a first time and the computer froze (after some amount of time X, it freezes..). I've just started again and it's very slow and the computer is slowing down considerably... I'm only scanning the C hard drive, and I unchecked the 2 things you told me about... Fingers crossed!



Posted (edited)

Thanos, here is the OTS report that appeared on my desktop. I wasn't able to do the following steps because the computer froze again... :

# Reg - Tcpip Persistent Routes


# Click the Format menu and check that "Retour automatique à la ligne" (Word Wrap) is not ticked. If it is, click it to untick it.

# Post the resulting report in your next reply: if you don't see it, you will find it in the C:\_OTS\MovedFiles folder (its name is today's date and time)


The report isn't in the folder you mention but on the desktop... maybe because it ended abruptly?



Here it is in 2 parts because the forum doesn't seem to accept it...

Edited by Cabotine

< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ ->

{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers

{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive

{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive

{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller

{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc

{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard

{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse

{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net

{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient

{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService

{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans

{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters

{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter

{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System

{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive

{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume

{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices

Base -> Driver Group

Boot Bus Extender -> Driver Group

Boot file system -> Driver Group

File system -> Driver Group

Filter -> Driver Group

NDIS Wrapper -> Driver Group

NetBIOSGroup -> Driver Group

NetDDEGroup -> Driver Group

Network -> Driver Group

NetworkProvider -> Driver Group

PCI Configuration -> Driver Group

PNP Filter -> Driver Group

PNP_TDI -> Driver Group

Primary disk -> Driver Group

SCSI Class -> Driver Group

sermouse.sys -> Driver

Streams Drivers -> Driver Group

System Bus Extender -> Driver Group

TDI -> Driver Group

vga.sys -> Driver

WdfLoadGroup ->

< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->


\\"FirstRunDisabled" -> [1] -> File not found

\\"AntiVirusDisableNotify" -> [0] -> File not found

\\"FirewallDisableNotify" -> [0] -> File not found

\\"UpdatesDisableNotify" -> [0] -> File not found

\\"AntiVirusOverride" -> [0] -> File not found

\\"FirewallOverride" -> [0] -> File not found

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->


\\"EnableFirewall" -> [1] -> File not found

\\"DisableNotifications" -> [0] -> File not found

\\"DoNotAllowExceptions" -> [0] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->

< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->

{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

{00ADFB20-AE75-46F4-AD2C-F48B15AC3100} -> Adobe Color NA Recommended Settings CS4

{01501EBA-EC35-4F9F-8889-3BE346E5DA13} -> MSXML4 Parser

{05308C4E-7285-4066-BAE3-6B50DA6ED755} -> Adobe Update Manager CS4

{054EFA56-2AC1-48F4-A883-0AB89874B972} -> Adobe Extension Manager CS4

{098727E1-775A-4450-B573-3F441F1CA243} -> kuler

{09CF6AF5-9206-4FD7-9B08-BA6819FB47E3} -> Anno 1404

{0C34B801-6AEC-4667-B053-03A67E2D0415} -> Apple Application Support

{0C826C5B-B131-423A-A229-C71B3CACCD6A} -> CDDRV_Installer

{0D6013AB-A0C7-41DC-973C-E93129C9A29F} -> Adobe Color JA Extra Settings CS4

{0F723FC1-7606-4867-866C-CE80AD292DAF} -> Adobe CSI CS4

{1618734A-3957-4ADD-8199-F973763109A8} -> Adobe Anchor Service CS4

{16E16F01-2E2D-4248-A42F-76261C147B6C} -> Adobe Drive CS4

{16E6D2C1-7C90-4309-8EC4-D2212690AAA4} -> AdobeColorCommonSetRGB

{18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer

{18754BA4-4F0C-4E6E-888B-9496AFA05F43} ->

{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} -> YouTube Downloader 2.5.1

{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

{1F63ED0B-EDD2-4037-B6AB-1358C624AF48} -> Scan

{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} -> DVD Suite

{205C6BDD-7B73-42DE-8505-9A093F35A238} -> Outil de téléchargement Windows Live

{2075CB0A-D26F-4DAA-B424-5079296B43BA} -> Windows Live FolderShare

{21E75254-410E-49C4-8981-2E1A2A2221F2} -> HP Diagnostic Assistant

{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT

{2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer

{236BB7C4-4419-42FD-040C-1E257A25E34D} -> Adobe Photoshop CS2

{2405665A-16C9-4D3A-B70E-F006220E1472} -> Overland

{267868CE-6DFF-40F7-9C58-C01119B7B117} -> Fax

{26A24AE4-039D-4CA4-87B4-2F83216014FF} -> Java 6 Update 14

{2BBC9458-07CA-4843-848B-5C8146E5EFA8} -> CreativeProjects

{2F71F2BA-B513-4113-969C-18A84D238E27} -> 1310

{3101CB58-3482-4D21-AF1A-7057FC935355} -> KhalInstallWrapper

{310BC5E2-31AF-49BB-904D-E71EB93645DC} -> AI Suite

{34A59AC3-6C5C-4A09-A7F5-369A37176C8A} -> AiOSoftware

{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP

{35D94F92-1D3A-43C5-8605-EA268B1A7BD9} -> PDF Settings CS4

{36C97B5B-5593-45B8-B50E-DAD87036BD9D} -> Microsoft LifeCam

{39F6E2B4-CFE8-C30A-66E8-489651F0F34C} -> Adobe Media Player

{3A4E8896-C2E7-4084-A4A4-B8FD1894E739} -> Adobe XMP Panels CS4

{3AE681E0-4E8D-453F-950A-48534D3C0724} -> Copy

{3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform

{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF} -> HPSystemDiagnostics

{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775} -> ANNO 1404

{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} -> Adobe WinSoft Linguistics Plugin

{3F7924B9-D148-3141-87B1-68F36043A940} -> Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA

{41254D7B-EADF-4078-AE4A-BD73B300EE86} -> Unload

{457791C5-D702-4143-A7B2-2744BE9573F2} -> HP Software Update

{4634B21A-CC07-4396-890C-2B8168661FEA} -> Windows Live Writer

{46ABBC54-1872-4AA3-95E2-F2C063A63F31} -> Installation Windows Live

{4943EFF5-229F-435D-BEA9-BE3CAEA783A7} -> Adobe Service Manager Extension

{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} -> Microsoft Search Enhancement Pack

{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4} -> Adobe Color EU Extra Settings CS4

{56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml

{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} -> Microsoft Office Live Add-in 1.3

{597D73A8-5FDB-4bc1-9893-40B54459F1BC} -> ProductContext

{5DD76286-9BE7-4894-A990-E905E91AC818} -> Windows Live Mail

{6530EB5E-F2BE-45D3-906B-E4AFFF2D1588} -> Gestionnaire de périphériques de Windows Live

{67F0E67A-8E93-4C2C-B29D-47C48262738A} -> Adobe Device Central CS4

{68243FF8-83CA-466B-B2B8-9F99DA5479C4} -> AdobeColorCommonSetCMYK

{6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update

{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable

{767CC44C-9BBC-438D-BAD3-FD4595DD148B} -> VC80CRTRedist - 8.0.50727.762

{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

{770F1BEC-2871-4E70-B837-FB8525FFA3B1} -> Windows Live Messenger

{786C5747-0C40-4930-9AFE-113BCE553101} -> Adobe Stock Photos 1.0

{787414B3-146E-E8C9-55AD-1DC5C1171033} -> Nero 7 Ultra Edition

{80413011-029C-4D6B-B3AD-725DDE60B81C} -> 1310Trb

{820D3F45-F6EE-4AAF-81EF-CE21FF21D230} -> Adobe Type Support CS4

{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} -> Windows Live Call

{83877DB1-8B77-45BC-AB43-2BAC22E093E0} -> Adobe Bridge CS4

{842B4B72-9E8F-4962-B3C1-1C422A5C4434} -> Suite Shared Configuration CS4

{87532CAB-7932-4F84-8937-823337622807} -> Adobe Illustrator CS4

{8777AC6D-89F9-4793-8266-DE406F343E89} -> QFolder

{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight

{8A74E887-8F0F-4017-AF53-CBA42211AAA5} -> Microsoft Sync Framework Runtime Native v1.0 (x86)

{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D} -> Adobe Setup

{8EDBA74D-0686-4C99-BFDD-F894678E5101} -> Adobe Common File Installer

{90120000-0010-040C-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (French) 12

{90120000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2007

{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)

{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)

{90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007

{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)

{90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007

{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)

{90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007

{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)

{90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007

{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)

{90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007

{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)

{90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007

{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)

{90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007

{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

{90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007

{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007

{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007

{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

{90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007

{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007

{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

{90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007

{90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007

{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)

{90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007

{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2)

{931AB7EA-3656-4BB7-864D-022B09E3DD67} -> Adobe Linguistics CS4

{94D398EB-D2FD-4FD1-B8C4-592635E8A191} -> Adobe CMaps CS4

{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting

{95120000-0122-040C-0000-0000000FF1CE} -> Microsoft Office Outlook Connector

{981FB376-8418-4EA8-BBED-9DE5AA63E7D5} -> SkinsHP1

{9901E703-D169-7139-1EA3-11AA788D09E6} -> EA Download Manager UI

{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

{9A394342-4A68-4EBA-85A6-55B559F4E700} -> Microsoft .NET Framework 1.1 French Language Pack

{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B} -> QuickProjects

{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3} -> PrintScreen

{A1062847-0846-427A-92A1-BB8251A91E91} -> HP PSC & OfficeJet 4.2

{A1DCC235-DACC-4E1F-8D11-D630634B4AEF} -> PhotoGallery

{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} -> Segoe UI

{A2500497-FD32-493e-B8E5-28D6728DBEF5} -> Readme

{A2BCA9F1-566C-4805-97D1-7FDC93386723} -> Adobe AIR

{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2

{A429C2AE-EBF1-4F81-A221-1C115CAADDAD} -> QuickTime

{A4EA3AB4-E78C-4286-96DF-26035507CE55} -> AiO_Scan

{A92A4DB0-CD37-42D1-BE1D-603D53C24328} -> Utilitaire d'identification du processeur Intel®

{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper

{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} -> Apple Mobile Device Support

{AC76BA86-1033-F400-7760-000000000002} -> Adobe Acrobat 7.0 Professional - English, Français, Deutsch

{B131E59D-202C-43C6-84C9-68F0C37541F1} -> Galerie de photos Windows Live

{B29AD377-CC12-490A-A480-1452337C618D} -> Connect

{B32C75F2-7495-4D01-9431-C11E97D66F8C} -> DocProc

{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800} -> Microsoft Corporation

{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2} -> Director

{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy

{B45D9FEE-1AF4-46F3-9A83-2545F81547F5} -> CreativeProjectsTemplates

{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D} -> DocumentViewer

{B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player

{B74D4E10-6884-0000-0000-000000000103} -> Adobe Bridge 1.0

{BB4E33EC-8181-4685-96F7-8554293DEC6A} -> Adobe Output Module

{BCC992E5-5C81-4066-9B55-03DC10B24D21} -> InstantShare

{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} -> Microsoft Sync Framework Services Native v1.0 (x86)

{BF018D2F-C788-4AB1-AB95-1280EAB8F13E} -> TrayApp

{C05D8CDB-417D-4335-A38C-A0659EDFD6B8} -> Les Sims 3

{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2

{C52E3EC1-048C-45E1-8D53-10B0C6509683} -> Adobe Default Language CS4

{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B} -> NVIDIA PhysX

{CADDE354-C78C-46CB-A006-E2B178EFC271} -> Rise Of Legends

{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1

{CC75AB5C-2110-4A7F-AF52-708680D22FE8} -> Photoshop Camera Raw

{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware Free Edition

{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1

{D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype 4.1

{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} -> Windows Live Contrôle parental

{D7E7EC5E-4349-4E40-B37C-4342188B86EC} -> Monopoly

{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51} -> iTunes

{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} -> Assistant de connexion Windows Live

{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 -> Auslogics Disk Defrag

{E21658D0-8C83-4ADD-937B-6ED07F335ABA} -> 1310Tour

{E280923D-C5D9-4728-8C79-AC9A0DC75875} -> BioShock

{E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update

{E3E71D07-CD27-46CB-8448-16D4FB29AA13} -> Microsoft WSE 3.0 Runtime

{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483} -> 1310_Help

{E9787678-119F-4D52-B551-6739B2B22101} -> Adobe Help Center 1.0

{E9F81423-211E-46B6-9AE0-38568BC5CF6F} -> Alcohol 120%

{EC8673DA-F96B-497E-B2DB-BC7B029FD680} -> BufferChm

{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]

{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard

{F0E64E2E-3A60-40D8-A55D-92F6831875DA} -> Adobe Search for Help

{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver

{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E} -> Logitech SetPoint

{F4F47155-5B4D-42AA-97F8-490BC52EA7F3} -> Destinations

{F65787F3-B356-45EC-8DD0-0E6758EDBCEE} -> WebReg

{F7D27C70-90F5-49B9-B188-0A133C0CE353} -> Windows Live Toolbar

{F8EF2B3F-C345-4F20-8FE4-791A20333CD5} -> Adobe ExtendScript Toolkit CS4

{F93C84A6-0DC6-42AF-89FA-776F7C377353} -> Adobe PDF Library Files CS4

{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} -> Adobe Fonts All

{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73} -> CueTour

3Planesoft Screensaver Manager_is1 -> 3Planesoft Screensaver Manager 1.1

Adobe Acrobat 7.0 Professional - EFG -> Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch

Adobe AIR -> Adobe AIR

Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX

Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin

Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D} -> Adobe Photoshop CS2

Adobe_2a31ae7a5c43ff52d8577782dd34e04 -> Adobe Illustrator CS4

Ancient Castle 3D Screensaver_is1 -> Ancient Castle 3D Screensaver 1.1

avast5 -> avast! Free Antivirus

AVGantiRootkit -> AVG Anti-Rootkit Free

Avira AntiVir Desktop -> Avira AntiVir Personal - Free Antivirus

CCleaner -> CCleaner

Christmas 3D Screensaver_is1 -> Christmas 3D Screensaver 1.0

com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Adobe Media Player

com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1 -> EA Download Manager UI

CopyTrans Suite -> CopyTrans Suite désinstallation uniquement

Discovery 3D Screensaver_is1 -> Discovery 3D Screensaver 1.1

DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1 -> DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile)

EA Download Manager -> EA Download Manager

ElectriCalm 3D Screensaver_is1 -> ElectriCalm 3D Screensaver 2.52

eMule -> eMule

Fantastic Flame Screensaver -> Fantastic Flame Screensaver

Fantasy Moon 3D Screensaver_is1 -> Fantasy Moon 3D Screensaver 1.3

Fireplace 3D Screensaver_is1 -> Fireplace 3D Screensaver 1.0

FormatFactory -> FormatFactory 2.20

Free Mp3 Wma Converter_is1 -> Free Mp3 Wma Converter V 1.81

Halloween 3D Screensaver_is1 -> Halloween 3D Screensaver 1.1

HP Photo & Imaging -> HP Image Zone 4.2

IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs

ie8 -> Windows Internet Explorer 8

InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271} -> Rise Of Legends

IrfanView -> IrfanView (remove only)

Koi Fish 3D Screensaver_is1 -> Koi Fish 3D Screensaver 1.0

Lagoon 3D Screensaver_is1 -> Lagoon 3D Screensaver 1.0

LimeWire -> LimeWire 5.2.13

Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware

Marvell Miniport Driver -> Marvell Miniport Driver

Messenger Plus! Live -> Messenger Plus! Live

Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1

Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1

Mozilla Firefox (3.5.:P -> Mozilla Firefox (3.5.:P

MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP

mv61xxDriver -> marvell 61xx

Nature 3D Screensaver_is1 -> Nature 3D Screensaver 1.1

NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs

NVIDIA Drivers -> NVIDIA Drivers

NVIDIA nView Desktop Manager -> NVIDIA nView Desktop Manager

Photo To Sketch_is1 -> Photo To Sketch 3.51

PROPLUS -> Microsoft Office Professional Plus 2007

SeaStorm 3D Screensaver_is1 -> SeaStorm 3D Screensaver 1.5

Spirit of Fire 3D Screensaver_is1 -> Spirit of Fire 3D Screensaver 2.4

UltraISO_is1 -> UltraISO V7.65 ME

Vérification Internet -> Vérification Internet

VLC media player -> VLC media player 1.0.3

Watermill 3D Screensaver_is1 -> Watermill 3D Screensaver 2.0

Wdf01005 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Windows Media Format Runtime -> Windows Media Format 11 runtime

Windows Media Player -> Lecteur Windows Media 11

WinGimp-2.0_is1 -> GIMP 2.6.6

WinLiveSuite_Wave3 -> Installation Windows Live

WinRAR archiver -> Archiveur WinRAR

WMFDist11 -> Windows Media Format 11 runtime

wmp11 -> Windows Media Player 11

Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0

XpsEPSC -> XML Paper Specification Shared Components Pack 1.0

< Uninstall List [HKEY_USERS\S-1-5-21-790525478-789336058-682003330-1003\] > -> HKEY_USERS\S-1-5-21-790525478-789336058-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->

< EventViewer Logs - Last 10 Errors > -> Event Information -> Description

Application [ Error ] 2009-10-07 20:40:44 Computer Name = NATHALIE | Source = Application Error | ID = 1000 -> Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module défaillant flash10c.ocx, version, adresse de défaillance 0x001e1ba6.

OSession [ Error ] 2009-08-14 14:05:40 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13989 seconds with 540 seconds of active time. This session ended with a crash.

OSession [ Error ] 2009-11-19 17:36:42 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 566 seconds with 180 seconds of active time. This session ended with a crash.

OSession [ Error ] 2009-11-19 18:55:10 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 750 seconds with 240 seconds of active time. This session ended with a crash.

OSession [ Error ] 2010-02-04 11:22:15 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

OSession [ Error ] 2010-02-10 19:55:33 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash.

OSession [ Error ] 2010-02-15 10:26:25 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.

OSession [ Error ] 2010-02-15 10:26:38 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.

OSession [ Error ] 2010-02-15 20:51:51 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.

OSession [ Error ] 2010-02-16 11:19:53 Computer Name = NATHALIE | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

System [ Error ] 2010-03-03 18:03:40 Computer Name = NATHALIE | Source = Service Control Manager | ID = 7022 -> Description = Le service MSCamSvc est en attente de démarrage.

System [ Error ] 2010-03-03 18:03:40 Computer Name = NATHALIE | Source = Service Control Manager | ID = 7026 -> Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : sptd

System [ Error ] 2010-03-03 18:47:26 Computer Name = NATHALIE | Source = sptd | ID = 262148 -> Description = Le pilote a détecté une erreur interne dans ses structures de données pour .

System [ Error ] 2010-03-03 18:48:23 Computer Name = NATHALIE | Source = PlugPlayManager | ID = 12 -> Description = Le périphérique 'HL-DT-ST DVD-RAM GH22NS30' (IDE\CdRomHL-DT-ST_DVD-RAM_GH22NS30_______________1.00____\5&1c8e9bfe&0&0.0.0) a disparu du système sans que sa suppression ait tout d'abord été préparée.

System [ Error ] 2010-03-03 18:48:35 Computer Name = NATHALIE | Source = Service Control Manager | ID = 7022 -> Description = Le service MSCamSvc est en attente de démarrage.

System [ Error ] 2010-03-03 18:48:35 Computer Name = NATHALIE | Source = Service Control Manager | ID = 7026 -> Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : sptd

System [ Error ] 2010-03-03 20:35:13 Computer Name = NATHALIE | Source = Service Control Manager | ID = 7011 -> Description = Délai (30000 millisecondes) d'attente pour une réponse du service AntiVirSchedulerService à une transaction.

System [ Error ] 2010-03-03 20:36:55 Computer Name = NATHALIE | Source = sptd | ID = 262148 -> Description = Le pilote a détecté une erreur interne dans ses structures de données pour .

System [ Error ] 2010-03-03 20:38:51 Computer Name = NATHALIE | Source = Service Control Manager | ID = 7022 -> Description = Le service MSCamSvc est en attente de démarrage.

System [ Error ] 2010-03-03 20:38:51 Computer Name = NATHALIE | Source = Service Control Manager | ID = 7026 -> Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : sptd


[Files/Folders - Created Within 60 Days]

OTS.exe -> C:\Documents and Settings\MicroC\Bureau\OTS.exe -> [2010-03-03 19:38:37 | 000,634,368 | ---- | C] (OldTimer Tools)

RECYCLER -> C:\RECYCLER -> [2010-02-21 01:41:24 | 000,000,000 | -HSD | C]

ayoye.exe -> C:\Documents and Settings\MicroC\Bureau\ayoye.exe -> [2010-02-21 00:42:41 | 000,218,112 | ---- | C] (Soeperman Enterprises Ltd.)

mise jour -> C:\Documents and Settings\MicroC\Bureau\mise jour -> [2010-02-21 00:11:18 | 000,000,000 | ---D | C]

rsit -> C:\rsit -> [2010-02-20 14:09:33 | 000,000,000 | ---D | C]

avipbb.sys -> C:\WINDOWS\System32\drivers\avipbb.sys -> [2010-02-20 13:23:17 | 000,096,104 | ---- | C] (Avira GmbH)

avgntdd.sys -> C:\WINDOWS\System32\drivers\avgntdd.sys -> [2010-02-20 13:23:17 | 000,045,416 | ---- | C] (Avira GmbH)

avgntmgr.sys -> C:\WINDOWS\System32\drivers\avgntmgr.sys -> [2010-02-20 13:23:17 | 000,022,360 | ---- | C] (Avira GmbH)

ssmdrv.sys -> C:\WINDOWS\System32\drivers\ssmdrv.sys -> [2010-02-20 13:23:16 | 000,028,520 | ---- | C] (Avira GmbH)

Avira -> C:\Program Files\Avira -> [2010-02-20 13:23:15 | 000,000,000 | ---D | C]

Avira -> C:\Documents and Settings\All Users\Application Data\Avira -> [2010-02-20 13:23:15 | 000,000,000 | ---D | C]

Nogash22840N -> C:\Nogash22840N -> [2010-02-20 12:10:18 | 000,000,000 | ---D | C]

FyK -> C:\FyK -> [2010-02-20 10:57:42 | 000,000,000 | ---D | C]

AvgArCln.sys -> C:\WINDOWS\System32\drivers\AvgArCln.sys -> [2010-02-19 21:13:52 | 000,003,968 | ---- | C] (GRISOFT, s.r.o.)

GRISOFT -> C:\Program Files\GRISOFT -> [2010-02-19 21:13:51 | 000,000,000 | ---D | C]

CA3222A28ED77778283ED6F386E44AE1 -> C:\Documents and Settings\MicroC\Application Data\CA3222A28ED77778283ED6F386E44AE1 -> [2010-02-19 20:09:15 | 000,000,000 | ---D | C]

Adobe AIR -> C:\Program Files\Fichiers communs\Adobe AIR -> [2010-02-19 12:32:17 | 000,000,000 | ---D | C]

directx -> C:\Program Files\directx -> [2010-02-17 19:05:17 | 000,000,000 | ---D | C]

Infogrames -> C:\Program Files\Infogrames -> [2010-02-17 19:04:38 | 000,000,000 | ---D | C]

DAEMON Tools Toolbar -> C:\Program Files\DAEMON Tools Toolbar -> [2010-02-17 18:59:46 | 000,000,000 | ---D | C]

DAEMON Tools Lite -> C:\Program Files\DAEMON Tools Lite -> [2010-02-17 18:59:37 | 000,000,000 | ---D | C]

Conduit -> C:\Program Files\Conduit -> [2010-02-17 16:53:29 | 000,000,000 | ---D | C]

Conduit -> C:\Documents and Settings\MicroC\Local Settings\Application Data\Conduit -> [2010-02-17 16:53:29 | 000,000,000 | ---D | C]

IVCsoft -> C:\Program Files\IVCsoft -> [2010-02-17 16:37:12 | 000,000,000 | ---D | C]

FLV to AVI MPEG WMV 3GP MP4 iPod Converter -> C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter -> [2010-02-17 16:30:51 | 000,000,000 | ---D | C]

vlc -> C:\Documents and Settings\MicroC\Application Data\vlc -> [2010-02-06 14:17:02 | 000,000,000 | ---D | C]

xtremsplit_xtremsplit_1.2_francais_14862.exe -> C:\Documents and Settings\MicroC\Bureau\xtremsplit_xtremsplit_1.2_francais_14862.exe -> [2010-02-06 11:39:20 | 000,305,664 | ---- | C] (Inekman)

NeroVision -> C:\Documents and Settings\MicroC\Mes documents\NeroVision -> [2010-02-01 18:01:03 | 000,000,000 | ---D | C] -> C:\Documents and Settings\MicroC\Bureau\ -> [2010-01-31 22:32:54 | 000,000,000 | ---D | C]

Recent -> C:\Documents and Settings\MicroC\Recent -> [2010-01-31 20:08:58 | 000,000,000 | -HSD | C]

Macromedia -> C:\Documents and Settings\NetworkService\Application Data\Macromedia -> [2010-01-31 16:52:07 | 000,000,000 | ---D | M]

Adobe -> C:\Documents and Settings\NetworkService\Application Data\Adobe -> [2010-01-31 16:51:19 | 000,000,000 | ---D | M]

Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2010-01-31 16:50:09 | 000,000,000 | --SD | M]

Anno 1404 -> C:\Documents and Settings\MicroC\Mes documents\Anno 1404 -> [2010-01-23 13:36:45 | 000,000,000 | ---D | C]

TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2010-01-22 08:12:53 | 000,000,000 | ---D | C] -> C:\Documents and Settings\All Users\Application Data\ -> [2010-01-21 16:20:10 | 000,000,000 | ---D | C] -> C:\Documents and Settings\MicroC\Application Data\ -> [2010-01-21 16:20:05 | 000,000,000 | ---D | C]

SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2010-01-21 16:20:05 | 000,000,000 | ---D | C]

Spybot - Search & Destroy -> C:\Program Files\Spybot - Search & Destroy -> [2010-01-21 13:50:42 | 000,000,000 | ---D | C]

Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy -> [2010-01-21 13:50:42 | 000,000,000 | ---D | C]

MSNCleaner -> C:\MSNCleaner -> [2010-01-21 13:47:36 | 000,000,000 | ---D | C]

MSNFix -> C:\Program Files\MSNFix -> [2010-01-21 13:30:08 | 000,000,000 | ---D | C]

Trend Micro -> C:\Program Files\Trend Micro -> [2010-01-21 13:07:09 | 000,000,000 | ---D | C]

CSC -> C:\WINDOWS\CSC -> [2010-01-21 08:40:19 | 000,000,000 | ---D | C]

Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2010-01-21 03:00:30 | 000,000,000 | ---D | M]

Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010-01-20 09:58:10 | 000,000,000 | ---D | C]

Downloads -> C:\Documents and Settings\MicroC\Mes documents\Downloads -> [2010-01-17 22:56:40 | 000,000,000 | ---D | C]

skypePM -> C:\Documents and Settings\MicroC\Application Data\skypePM -> [2010-01-17 22:56:23 | 000,000,000 | ---D | C]

Skype -> C:\Documents and Settings\MicroC\Application Data\Skype -> [2010-01-17 22:50:51 | 000,000,000 | ---D | C]

Skype -> C:\Program Files\Fichiers communs\Skype -> [2010-01-17 22:50:25 | 000,000,000 | ---D | C]

Skype -> C:\Program Files\Skype -> [2010-01-17 22:50:22 | 000,000,000 | R--D | C]

Skype -> C:\Documents and Settings\All Users\Application Data\Skype -> [2010-01-17 22:50:05 | 000,000,000 | ---D | C]

DAEMON Tools Lite -> C:\Documents and Settings\MicroC\Application Data\DAEMON Tools Lite -> [2010-01-17 18:55:35 | 000,000,000 | ---D | C]

DAEMON Tools Lite -> C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite -> [2010-01-17 00:39:47 | 000,000,000 | ---D | C]

fssfltr_tdi.sys -> C:\WINDOWS\System32\drivers\fssfltr_tdi.sys -> [2010-01-13 16:41:08 | 000,054,752 | ---- | C] (Microsoft Corporation)

Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2010-01-06 21:21:43 | 000,000,000 | --SD | M]

Adobe -> C:\Documents and Settings\LocalService\Application Data\Adobe -> [2010-01-06 21:21:09 | 000,000,000 | ---D | M]

Malwarebytes -> C:\Documents and Settings\MicroC\Application Data\Malwarebytes -> [2010-01-06 21:11:25 | 000,000,000 | ---D | C]

cmdcons -> C:\cmdcons -> [2010-01-06 20:42:28 | 000,000,000 | RHSD | C]

SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010-01-06 20:41:03 | 000,212,480 | ---- | C] (SteelWerX)

SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010-01-06 20:41:03 | 000,161,792 | ---- | C] (SteelWerX)

SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010-01-06 20:41:03 | 000,136,704 | ---- | C] (SteelWerX)

NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010-01-06 20:41:03 | 000,031,232 | ---- | C] (NirSoft)

ERDNT -> C:\WINDOWS\ERDNT -> [2010-01-06 20:40:51 | 000,000,000 | ---D | C]

Nogash -> C:\Nogash -> [2010-01-06 20:37:55 | 000,000,000 | ---D | C]

Qoobox -> C:\Qoobox -> [2010-01-06 20:37:38 | 000,000,000 | ---D | C]

avgntflt.sys -> C:\WINDOWS\System32\drivers\avgntflt.sys -> [2010-01-06 20:23:00 | 000,056,816 | ---- | C] (Avira GmbH)

mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010-01-06 20:19:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation)

mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010-01-06 20:19:32 | 000,019,160 | ---- | C] (Malwarebytes Corporation)

Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010-01-06 20:19:32 | 000,000,000 | ---D | C]

Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010-01-06 20:19:32 | 000,000,000 | ---D | C]

Druide -> C:\Documents and Settings\MicroC\Application Data\Druide -> [2010-01-06 15:38:03 | 000,000,000 | ---D | C]

Druide -> C:\Program Files\Druide -> [2010-01-06 15:37:36 | 000,000,000 | ---D | C]

Google -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google -> [2009-07-22 11:34:10 | 000,000,000 | ---D | M]

Google -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Google -> [2009-07-20 21:56:47 | 000,000,000 | ---D | M]

a347bus.sys -> C:\WINDOWS\System32\drivers\a347bus.sys -> [2009-01-20 20:56:10 | 000,160,640 | ---- | C] ( )

a347scsi.sys -> C:\WINDOWS\System32\drivers\a347scsi.sys -> [2009-01-20 20:56:10 | 000,005,248 | ---- | C] ( )

Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2008-10-04 06:22:37 | 000,000,000 | ---D | M]

8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->

1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->


[Files/Folders - Modified Within 60 Days]

wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010-03-03 19:38:51 | 000,013,646 | ---- | M] ()

NvApps.xml -> C:\WINDOWS\System32\NvApps.xml -> [2010-03-03 19:37:23 | 000,272,291 | ---- | M] ()

GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2010-03-03 19:37:11 | 000,001,050 | ---- | M] ()

GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2010-03-03 19:37:02 | 000,001,054 | ---- | M] ()

SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010-03-03 19:37:02 | 000,000,006 | -H-- | M] ()

bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010-03-03 19:36:54 | 000,002,048 | --S- | M] ()

OTS.exe -> C:\Documents and Settings\MicroC\Bureau\OTS.exe -> [2010-03-03 19:31:04 | 000,634,368 | ---- | M] (OldTimer Tools)

User_Feed_Synchronization-{8927F947-F6BD-4135-8544-6D7C02CB2EAB}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{8927F947-F6BD-4135-8544-6D7C02CB2EAB}.job -> [2010-03-03 17:30:15 | 000,000,434 | -H-- | M] () -> C:\Documents and Settings\MicroC\Bureau\ -> [2010-03-03 17:25:22 | 000,284,915 | ---- | M] ()

NTUSER.DAT -> C:\Documents and Settings\MicroC\NTUSER.DAT -> [2010-03-03 16:58:00 | 021,233,664 | -H-- | M] ()

system.ini -> C:\WINDOWS\system.ini -> [2010-02-21 01:32:34 | 000,000,227 | ---- | M] ()

Avira AntiVir Control Center.lnk -> C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk -> [2010-02-21 00:08:17 | 000,001,707 | ---- | M] ()

Nogash.exe -> C:\Documents and Settings\MicroC\Bureau\Nogash.exe -> [2010-02-20 13:31:44 | 003,866,210 | R--- | M] ()

personal_fr.exe -> C:\Documents and Settings\MicroC\Bureau\personal_fr.exe -> [2010-02-20 13:13:40 | 030,991,480 | ---- | M] ()

Cabo1R2S3I4T.exe -> C:\Documents and Settings\MicroC\Bureau\Cabo1R2S3I4T.exe -> [2010-02-20 12:06:02 | 000,781,909 | ---- | M] ()

CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2010-02-20 11:41:42 | 000,003,072 | ---- | M] ()

ntuser.ini -> C:\Documents and Settings\MicroC\ntuser.ini -> [2010-02-20 11:17:27 | 000,000,184 | -HS- | M] ()

lsrslt.ini -> C:\WINDOWS\lsrslt.ini -> [2010-02-20 11:17:13 | 000,002,816 | ---- | M] ()

Setup.exe -> C:\Documents and Settings\MicroC\Bureau\Setup.exe -> [2010-02-20 10:57:34 | 001,376,066 | ---- | M] ()

AVG Anti-Rootkit Free.lnk -> C:\Documents and Settings\All Users\Bureau\AVG Anti-Rootkit Free.lnk -> [2010-02-19 21:13:53 | 000,000,828 | ---- | M] ()

mosaique sur mesh.flv -> C:\Documents and Settings\MicroC\Bureau\mosaique sur mesh.flv -> [2010-02-19 19:12:35 | 023,751,453 | ---- | M] ()

Mosaique.flv -> C:\Documents and Settings\MicroC\Bureau\Mosaique.flv -> [2010-02-19 17:08:44 | 009,984,703 | ---- | M] ()

EA Download Manager.lnk -> C:\Documents and Settings\All Users\Bureau\EA Download Manager.lnk -> [2010-02-19 12:33:04 | 000,001,907 | ---- | M] ()

_MSRSTRT.EXE -> C:\WINDOWS\_MSRSTRT.EXE -> [2010-02-19 12:27:29 | 000,002,560 | ---- | M] ()

d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2010-02-18 17:29:15 | 000,000,664 | ---- | M] ()

iTunes.lnk -> C:\Documents and Settings\All Users\Bureau\iTunes.lnk -> [2010-02-18 17:06:43 | 000,002,137 | ---- | M] ()

Monopoly.lnk -> C:\Documents and Settings\All Users\Bureau\Monopoly.lnk -> [2010-02-17 19:04:38 | 000,001,507 | ---- | M] ()

sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2010-02-17 18:59:39 | 000,691,696 | ---- | M] (Duplex Secure Ltd.)

DAEMON Tools Lite.lnk -> C:\Documents and Settings\All Users\Bureau\DAEMON Tools Lite.lnk -> [2010-02-17 18:59:39 | 000,001,613 | ---- | M] ()

Format Factory.lnk -> C:\Documents and Settings\MicroC\Bureau\Format Factory.lnk -> [2010-02-17 16:52:58 | 000,000,851 | ---- | M] ()

2- Nouvel ordre Mondial.mp4 -> C:\Documents and Settings\MicroC\Bureau\2- Nouvel ordre Mondial.mp4 -> [2010-02-17 16:49:23 | 011,729,636 | ---- | M] ()

Internet Video Converter 2.50 fr.lnk -> C:\Documents and Settings\MicroC\Bureau\Internet Video Converter 2.50 fr.lnk -> [2010-02-17 16:37:17 | 000,001,119 | ---- | M] ()

1- Nouvel ordre Mondial.mp4 -> C:\Documents and Settings\MicroC\Bureau\1- Nouvel ordre Mondial.mp4 -> [2010-02-17 16:32:05 | 009,834,696 | ---- | M] ()

5 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\5 - Porté par les anges.mp4 -> [2010-02-17 16:31:20 | 052,002,694 | ---- | M] ()

4 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\4 - Porté par les anges.mp4 -> [2010-02-17 16:28:21 | 049,229,541 | ---- | M] ()

Walk-in - Questions.mpeg -> C:\Documents and Settings\MicroC\Bureau\Walk-in - Questions.mpeg -> [2010-02-17 16:23:13 | 023,228,421 | ---- | M] ()

le peuple animal - Question.mpeg -> C:\Documents and Settings\MicroC\Bureau\le peuple animal - Question.mpeg -> [2010-02-17 16:20:56 | 020,469,820 | ---- | M] ()

3 - Rupture de contrat.mp4 -> C:\Documents and Settings\MicroC\Bureau\3 - Rupture de contrat.mp4 -> [2010-02-17 16:15:08 | 019,354,556 | ---- | M] ()

3 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\3 - Porté par les anges.mp4 -> [2010-02-17 16:14:43 | 055,912,315 | ---- | M] ()

1 - Rupture de contrat.mp4 -> C:\Documents and Settings\MicroC\Bureau\1 - Rupture de contrat.mp4 -> [2010-02-17 16:12:20 | 031,337,446 | ---- | M] ()

2 - Rupture de contrat.mp4 -> C:\Documents and Settings\MicroC\Bureau\2 - Rupture de contrat.mp4 -> [2010-02-17 16:08:40 | 018,296,143 | ---- | M] ()

2 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\2 - Porté par les anges.mp4 -> [2010-02-17 15:59:17 | 049,817,243 | ---- | M] ()

1 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\1 - Porté par les anges.mp4 -> [2010-02-17 15:42:52 | 046,712,904 | ---- | M] ()

imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010-02-10 03:02:47 | 000,001,374 | ---- | M] ()

5498-50.pdf -> C:\Documents and Settings\MicroC\Bureau\5498-50.pdf -> [2010-02-09 18:24:04 | 000,219,223 | ---- | M] ()

4951-2338-Procurat.pdf -> C:\Documents and Settings\MicroC\Bureau\4951-2338-Procurat.pdf -> [2010-02-09 18:14:25 | 000,003,554 | ---- | M] ()

Walk-in.mpeg -> C:\Documents and Settings\MicroC\Bureau\Walk-in.mpeg -> [2010-02-08 20:06:24 | 024,238,537 | ---- | M] ()

Le peuple animal.mpeg -> C:\Documents and Settings\MicroC\Bureau\Le peuple animal.mpeg -> [2010-02-08 19:40:33 | 027,149,415 | ---- | M] ()

vlc-1.0.5-win32.exe -> C:\Documents and Settings\MicroC\Mes documents\vlc-1.0.5-win32.exe -> [2010-02-06 14:35:23 | 018,499,623 | ---- | M] ()

VLC media player.lnk -> C:\Documents and Settings\All Users\Bureau\VLC media player.lnk -> [2010-02-06 14:16:32 | 000,000,719 | ---- | M] ()

NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2010-02-06 14:13:15 | 000,000,116 | ---- | M] ()

xtremsplit_xtremsplit_1.2_francais_14862.exe -> C:\Documents and Settings\MicroC\Bureau\xtremsplit_xtremsplit_1.2_francais_14862.exe -> [2010-02-06 11:39:26 | 000,305,664 | ---- | M] (Inekman)

Les Sims 3.lnk -> C:\Documents and Settings\All Users\Bureau\Les Sims 3.lnk -> [2010-02-05 12:26:33 | 000,001,723 | ---- | M] ()

FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010-02-01 10:34:33 | 002,140,192 | ---- | M] ()

Adobe Illustrator CS4.lnk -> C:\Documents and Settings\MicroC\Bureau\Adobe Illustrator CS4.lnk -> [2010-01-31 22:14:39 | 000,001,233 | ---- | M] ()

BricoPackUninst.cmd -> C:\WINDOWS\BricoPackUninst.cmd -> [2010-01-31 21:56:16 | 000,071,326 | ---- | M] ()

BricoPackFoldersDelete.cmd -> C:\WINDOWS\BricoPackFoldersDelete.cmd -> [2010-01-31 21:56:16 | 000,005,317 | ---- | M] ()

BricoPack Wallpaper.bmp -> C:\WINDOWS\BricoPack Wallpaper.bmp -> [2010-01-31 21:56:12 | 006,912,054 | ---- | M] ()

Raccourci vers super.exe.lnk -> C:\Documents and Settings\MicroC\Bureau\Raccourci vers super.exe.lnk -> [2010-01-31 21:25:51 | 000,000,719 | ---- | M] ()

hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2010-01-31 21:12:34 | 000,000,027 | ---- | M] ()

ghana.pdf -> C:\Documents and Settings\MicroC\Mes documents\ghana.pdf -> [2010-01-24 10:46:37 | 000,112,150 | ---- | M] ()

download.pdf -> C:\Documents and Settings\MicroC\Mes documents\download.pdf -> [2010-01-24 10:46:26 | 000,112,150 | ---- | M] ()

CCleaner.lnk -> C:\Documents and Settings\MicroC\Bureau\CCleaner.lnk -> [2010-01-21 15:03:01 | 000,001,548 | ---- | M] ()

win.ini -> C:\WINDOWS\win.ini -> [2010-01-21 13:39:52 | 000,000,637 | ---- | M] ()

boot.ini -> C:\boot.ini -> [2010-01-21 13:39:52 | 000,000,282 | RHS- | M] ()

tmp.MSNFix -> C:\WINDOWS\System32\tmp.MSNFix -> [2010-01-21 09:02:09 | 000,000,000 | ---- | M] ()

hosts.20100121-140209.backup -> C:\WINDOWS\System32\drivers\etc\hosts.20100121-140209.backup -> [2010-01-21 09:02:07 | 000,000,027 | ---- | M] ()

d3d8caps.dat -> C:\WINDOWS\System32\d3d8caps.dat -> [2010-01-21 08:53:41 | 000,000,552 | ---- | M] ()

ezsidmv.dat -> C:\WINDOWS\System32\ezsidmv.dat -> [2010-01-17 22:56:24 | 000,000,056 | -H-- | M] ()

Google Chrome.lnk -> C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk -> [2010-01-17 22:51:18 | 000,001,813 | ---- | M] ()

Skype.lnk -> C:\Documents and Settings\All Users\Bureau\Skype.lnk -> [2010-01-17 22:50:26 | 000,001,878 | ---- | M] ()

Nathalie.xml -> C:\Documents and Settings\MicroC\Mes documents\Nathalie.xml -> [2010-01-17 19:36:22 | 000,142,364 | ---- | M] ()

Gym !.xml -> C:\Documents and Settings\MicroC\Mes documents\Gym !.xml -> [2010-01-17 19:36:11 | 000,100,213 | ---- | M] ()

perfh00C.dat -> C:\WINDOWS\System32\perfh00C.dat -> [2010-01-17 18:54:53 | 000,515,912 | ---- | M] ()

perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010-01-17 18:54:53 | 000,445,804 | ---- | M] ()

perfc00C.dat -> C:\WINDOWS\System32\perfc00C.dat -> [2010-01-17 18:54:53 | 000,086,812 | ---- | M] ()

perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010-01-17 18:54:53 | 000,072,912 | ---- | M] ()

Contacts de pensives (hotmail).ctt -> C:\Documents and Settings\MicroC\Mes documents\Contacts de pensives (hotmail).ctt -> [2010-01-13 16:23:58 | 000,002,006 | ---- | M] ()

mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010-01-07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation)

mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010-01-07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation)

MalwareBytes.lnk -> C:\Documents and Settings\MicroC\Bureau\MalwareBytes.lnk -> [2010-01-06 20:26:06 | 000,000,784 | ---- | M] ()

Antidote7.ini -> C:\WINDOWS\Antidote7.ini -> [2010-01-06 15:40:37 | 000,000,108 | ---- | M] ()

mlfcache.dat -> C:\WINDOWS\System32\mlfcache.dat -> [2010-01-06 00:51:25 | 000,049,828 | -H-- | M] ()

8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->

1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->


[Files - No Company Name] -> C:\Documents and Settings\MicroC\Bureau\ -> [2010-03-03 17:48:29 | 000,284,915 | ---- | C] ()

gmer.exe -> C:\Documents and Settings\MicroC\Bureau\gmer.exe -> [2010-03-03 17:31:12 | 000,293,376 | ---- | C] ()

Avira AntiVir Control Center.lnk -> C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk -> [2010-02-20 13:23:28 | 000,001,707 | ---- | C] ()

personal_fr.exe -> C:\Documents and Settings\MicroC\Bureau\personal_fr.exe -> [2010-02-20 13:21:00 | 030,991,480 | ---- | C] ()

Nogash.exe -> C:\Documents and Settings\MicroC\Bureau\Nogash.exe -> [2010-02-20 13:20:59 | 003,866,210 | R--- | C] ()

Cabo1R2S3I4T.exe -> C:\Documents and Settings\MicroC\Bureau\Cabo1R2S3I4T.exe -> [2010-02-20 13:20:59 | 000,781,909 | ---- | C] ()

lsrslt.ini -> C:\WINDOWS\lsrslt.ini -> [2010-02-20 11:00:41 | 000,002,816 | ---- | C] ()

Setup.exe -> C:\Documents and Settings\MicroC\Bureau\Setup.exe -> [2010-02-20 10:57:31 | 001,376,066 | ---- | C] ()

AVG Anti-Rootkit Free.lnk -> C:\Documents and Settings\All Users\Bureau\AVG Anti-Rootkit Free.lnk -> [2010-02-19 21:13:53 | 000,000,828 | ---- | C] ()

mosaique sur mesh.flv -> C:\Documents and Settings\MicroC\Bureau\mosaique sur mesh.flv -> [2010-02-19 19:12:34 | 023,751,453 | ---- | C] ()

Mosaique.flv -> C:\Documents and Settings\MicroC\Bureau\Mosaique.flv -> [2010-02-19 17:08:43 | 009,984,703 | ---- | C] ()

EA Download Manager.lnk -> C:\Documents and Settings\All Users\Bureau\EA Download Manager.lnk -> [2010-02-19 12:33:04 | 000,001,907 | ---- | C] ()

_MSRSTRT.EXE -> C:\WINDOWS\_MSRSTRT.EXE -> [2010-02-19 12:27:28 | 000,002,560 | ---- | C] ()

Monopoly.lnk -> C:\Documents and Settings\All Users\Bureau\Monopoly.lnk -> [2010-02-17 19:04:38 | 000,001,507 | ---- | C] ()

DAEMON Tools Lite.lnk -> C:\Documents and Settings\All Users\Bureau\DAEMON Tools Lite.lnk -> [2010-02-17 18:59:39 | 000,001,613 | ---- | C] ()

Format Factory.lnk -> C:\Documents and Settings\MicroC\Bureau\Format Factory.lnk -> [2010-02-17 16:52:58 | 000,000,851 | ---- | C] ()

2- Nouvel ordre Mondial.mp4 -> C:\Documents and Settings\MicroC\Bureau\2- Nouvel ordre Mondial.mp4 -> [2010-02-17 16:50:11 | 011,729,636 | ---- | C] ()

Internet Video Converter 2.50 fr.lnk -> C:\Documents and Settings\MicroC\Bureau\Internet Video Converter 2.50 fr.lnk -> [2010-02-17 16:37:17 | 000,001,119 | ---- | C] ()

5 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\5 - Porté par les anges.mp4 -> [2010-02-17 16:34:01 | 052,002,694 | ---- | C] ()

4 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\4 - Porté par les anges.mp4 -> [2010-02-17 16:34:01 | 049,229,541 | ---- | C] ()

1- Nouvel ordre Mondial.mp4 -> C:\Documents and Settings\MicroC\Bureau\1- Nouvel ordre Mondial.mp4 -> [2010-02-17 16:34:00 | 009,834,696 | ---- | C] ()

Walk-in - Questions.mpeg -> C:\Documents and Settings\MicroC\Bureau\Walk-in - Questions.mpeg -> [2010-02-17 16:24:01 | 023,228,421 | ---- | C] ()

le peuple animal - Question.mpeg -> C:\Documents and Settings\MicroC\Bureau\le peuple animal - Question.mpeg -> [2010-02-17 16:21:49 | 020,469,820 | ---- | C] ()

3 - Rupture de contrat.mp4 -> C:\Documents and Settings\MicroC\Bureau\3 - Rupture de contrat.mp4 -> [2010-02-17 16:15:40 | 019,354,556 | ---- | C] ()

3 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\3 - Porté par les anges.mp4 -> [2010-02-17 16:14:56 | 055,912,315 | ---- | C] ()

1 - Rupture de contrat.mp4 -> C:\Documents and Settings\MicroC\Bureau\1 - Rupture de contrat.mp4 -> [2010-02-17 16:12:36 | 031,337,446 | ---- | C] ()

2 - Rupture de contrat.mp4 -> C:\Documents and Settings\MicroC\Bureau\2 - Rupture de contrat.mp4 -> [2010-02-17 16:09:03 | 018,296,143 | ---- | C] ()

2 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\2 - Porté par les anges.mp4 -> [2010-02-17 15:59:35 | 049,817,243 | ---- | C] ()

1 - Porté par les anges.mp4 -> C:\Documents and Settings\MicroC\Bureau\1 - Porté par les anges.mp4 -> [2010-02-17 15:45:35 | 046,712,904 | ---- | C] ()

imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010-02-10 03:00:18 | 000,001,374 | ---- | C] ()

5498-50.pdf -> C:\Documents and Settings\MicroC\Bureau\5498-50.pdf -> [2010-02-09 18:24:04 | 000,219,223 | ---- | C] ()

4951-2338-Procurat.pdf -> C:\Documents and Settings\MicroC\Bureau\4951-2338-Procurat.pdf -> [2010-02-09 18:14:25 | 000,003,554 | ---- | C] ()

Walk-in.mpeg -> C:\Documents and Settings\MicroC\Bureau\Walk-in.mpeg -> [2010-02-08 20:07:33 | 024,238,537 | ---- | C] ()

Le peuple animal.mpeg -> C:\Documents and Settings\MicroC\Bureau\Le peuple animal.mpeg -> [2010-02-08 20:01:07 | 027,149,415 | ---- | C] ()

vlc-1.0.5-win32.exe -> C:\Documents and Settings\MicroC\Mes documents\vlc-1.0.5-win32.exe -> [2010-02-06 14:18:13 | 018,499,623 | ---- | C] ()

Les Sims 3.lnk -> C:\Documents and Settings\All Users\Bureau\Les Sims 3.lnk -> [2010-02-05 12:26:33 | 000,001,723 | ---- | C] ()

Adobe Illustrator CS4.lnk -> C:\Documents and Settings\MicroC\Bureau\Adobe Illustrator CS4.lnk -> [2010-01-31 22:14:39 | 000,001,233 | ---- | C] ()

BricoPackFoldersDelete.cmd -> C:\WINDOWS\BricoPackFoldersDelete.cmd -> [2010-01-31 21:55:14 | 000,005,317 | ---- | C] ()

Raccourci vers super.exe.lnk -> C:\Documents and Settings\MicroC\Bureau\Raccourci vers super.exe.lnk -> [2010-01-31 21:25:51 | 000,000,719 | ---- | C] ()

ghana.pdf -> C:\Documents and Settings\MicroC\Mes documents\ghana.pdf -> [2010-01-24 10:46:37 | 000,112,150 | ---- | C] ()

download.pdf -> C:\Documents and Settings\MicroC\Mes documents\download.pdf -> [2010-01-24 10:46:26 | 000,112,150 | ---- | C] ()

d3d8caps.dat -> C:\WINDOWS\System32\d3d8caps.dat -> [2010-01-21 08:53:41 | 000,000,552 | ---- | C] ()

ezsidmv.dat -> C:\WINDOWS\System32\ezsidmv.dat -> [2010-01-17 22:56:24 | 000,000,056 | -H-- | C] ()

Google Chrome.lnk -> C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk -> [2010-01-17 22:51:18 | 000,001,813 | ---- | C] ()

Skype.lnk -> C:\Documents and Settings\All Users\Bureau\Skype.lnk -> [2010-01-17 22:50:26 | 000,001,878 | ---- | C] ()

Nathalie.xml -> C:\Documents and Settings\MicroC\Mes documents\Nathalie.xml -> [2010-01-17 19:36:11 | 000,142,364 | ---- | C] ()

Gym !.xml -> C:\Documents and Settings\MicroC\Mes documents\Gym !.xml -> [2010-01-17 19:36:11 | 000,100,213 | ---- | C] ()

Contacts de pensives (hotmail).ctt -> C:\Documents and Settings\MicroC\Mes documents\Contacts de pensives (hotmail).ctt -> [2010-01-13 16:23:58 | 000,002,006 | ---- | C] ()

Boot.bak -> C:\Boot.bak -> [2010-01-06 20:42:38 | 000,000,212 | ---- | C] ()

cmldr -> C:\cmldr -> [2010-01-06 20:42:29 | 000,263,488 | ---- | C] ()

PEV.exe -> C:\WINDOWS\PEV.exe -> [2010-01-06 20:41:03 | 000,261,632 | ---- | C] ()

sed.exe -> C:\WINDOWS\sed.exe -> [2010-01-06 20:41:03 | 000,098,816 | ---- | C] ()

grep.exe -> C:\WINDOWS\grep.exe -> [2010-01-06 20:41:03 | 000,080,412 | ---- | C] ()

MBR.exe -> C:\WINDOWS\MBR.exe -> [2010-01-06 20:41:03 | 000,077,312 | ---- | C] ()

zip.exe -> C:\WINDOWS\zip.exe -> [2010-01-06 20:41:03 | 000,068,096 | ---- | C] ()

MalwareBytes.lnk -> C:\Documents and Settings\MicroC\Bureau\MalwareBytes.lnk -> [2010-01-06 20:26:06 | 000,000,784 | ---- | C] ()

tmp.MSNFix -> C:\WINDOWS\System32\tmp.MSNFix -> [2010-01-06 20:10:54 | 000,000,000 | ---- | C] ()

Antidote7.ini -> C:\WINDOWS\Antidote7.ini -> [2010-01-06 15:38:26 | 000,000,108 | ---- | C] ()

MegaManager.INI -> C:\WINDOWS\MegaManager.INI -> [2009-11-28 22:34:06 | 000,000,050 | ---- | C] ()

FontCache3.0.0.0.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat -> [2009-11-07 11:33:00 | 000,269,488 | ---- | C] ()

lame_enc.dll -> C:\WINDOWS\System32\lame_enc.dll -> [2009-09-27 09:45:36 | 000,484,352 | ---- | C] ()

physxcudart_20.dll -> C:\WINDOWS\System32\physxcudart_20.dll -> [2009-08-03 00:21:54 | 000,197,912 | ---- | C] ()

AgCPanelTraditionalChinese.dll -> C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll -> [2009-08-03 00:21:54 | 000,058,648 | ---- | C] ()

AgCPanelSwedish.dll -> C:\WINDOWS\System32\AgCPanelSwedish.dll -> [2009-08-03 00:21:54 | 000,058,648 | ---- | C] ()

AgCPanelSpanish.dll -> C:\WINDOWS\System32\AgCPanelSpanish.dll -> [2009-08-03 00:21:54 | 000,058,648 | ---- | C] ()

AgCPanelSimplifiedChinese.dll -> C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll -> [2009-08-03 00:21:54 | 000,058,648 | ---- | C] ()

AgCPanelPortugese.dll -> C:\WINDOWS\System32\AgCPanelPortugese.dll -> [2009-08-03 00:21:54 | 000,058,648 | ---- | C] ()

AgCPanelKorean.dll -> C:\WINDOWS\System32\AgCPanelKorean.dll -> [2009-08-03 00:21:54 | 000,058,648 | ---- | C] ()

AgCPanelJapanese.dll -> C:\WINDOWS\System32\AgCPanelJapanese.dll -> [2009-08-03 00:21:54 | 000,058,648 | ---- | C] ()

AgCPanelGerman.dll -> C:\WINDOWS\System32\AgCPanelGerman.dll -> [2009-08-03 00:21:52 | 000,058,648 | ---- | C] ()

AgCPanelFrench.dll -> C:\WINDOWS\System32\AgCPanelFrench.dll -> [2009-08-03 00:21:52 | 000,058,648 | ---- | C] ()

VX3000.ini -> C:\WINDOWS\VX3000.ini -> [2009-06-26 16:21:02 | 000,015,498 | ---- | C] ()

winsusrm.dll -> C:\WINDOWS\System32\winsusrm.dll -> [2009-02-18 19:20:36 | 000,000,264 | ---- | C] ()

winsusrx.dll -> C:\WINDOWS\System32\winsusrx.dll -> [2009-02-18 19:20:36 | 000,000,120 | ---- | C] ()

Tracer.dll -> C:\WINDOWS\System32\Tracer.dll -> [2009-02-18 19:20:24 | 000,151,552 | ---- | C] ()

SheriffNet.dll -> C:\WINDOWS\System32\SheriffNet.dll -> [2009-02-18 19:20:24 | 000,118,784 | ---- | C] ()

atksgt.sys -> C:\WINDOWS\System32\drivers\atksgt.sys -> [2009-01-23 18:47:45 | 000,281,760 | ---- | C] ()

lirsgt.sys -> C:\WINDOWS\System32\drivers\lirsgt.sys -> [2009-01-23 18:47:44 | 000,025,888 | ---- | C] ()

PhotoSnapViewer.INI -> C:\WINDOWS\PhotoSnapViewer.INI -> [2008-12-21 18:25:55 | 000,000,151 | ---- | C] ()

NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2008-12-09 20:50:47 | 000,000,116 | ---- | C] ()

psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2008-10-17 19:20:22 | 000,354,816 | ---- | C] ()

Fantastic Flame Screensaver.ini -> C:\WINDOWS\Fantastic Flame Screensaver.ini -> [2008-10-04 19:13:08 | 000,000,580 | ---- | C] ()

BASSMOD.dll -> C:\WINDOWS\System32\BASSMOD.dll -> [2008-10-03 17:04:10 | 000,009,728 | ---- | C] ()

AsIO.dll -> C:\WINDOWS\System32\AsIO.dll -> [2008-09-30 22:32:55 | 000,024,576 | R--- | C] ()

AsIO.sys -> C:\WINDOWS\System32\drivers\AsIO.sys -> [2008-09-30 22:32:55 | 000,012,400 | R--- | C] ()

AsInsHelp64.sys -> C:\WINDOWS\System32\drivers\AsInsHelp64.sys -> [2008-09-30 22:32:53 | 000,011,832 | ---- | C] ()

AsInsHelp32.sys -> C:\WINDOWS\System32\drivers\AsInsHelp32.sys -> [2008-09-30 22:32:53 | 000,010,216 | ---- | C] ()

Ascd_log.ini -> C:\WINDOWS\Ascd_log.ini -> [2008-09-30 22:22:19 | 000,031,291 | ---- | C] ()

Ascd_tmp.ini -> C:\WINDOWS\Ascd_tmp.ini -> [2008-09-30 22:22:09 | 000,030,985 | ---- | C] ()

ASACPI.sys -> C:\WINDOWS\System32\drivers\ASACPI.sys -> [2008-09-30 22:22:08 | 000,005,810 | R--- | C] ()

ASUSHWIO.SYS -> C:\WINDOWS\System32\drivers\ASUSHWIO.SYS -> [2008-09-30 22:22:01 | 000,012,536 | ---- | C] ()

lgfwup.ini -> C:\WINDOWS\lgfwup.ini -> [2008-09-30 12:03:30 | 000,000,000 | ---- | C] ()

nvnt4cpl.dll-nv2734 -> C:\WINDOWS\System32\nvnt4cpl.dll-nv2734 -> [2008-01-03 09:26:00 | 000,286,720 | ---- | C] ()

yk51x86.sys -> C:\WINDOWS\System32\drivers\yk51x86.sys -> [2007-08-15 03:22:00 | 000,298,752 | ---- | C] ()

GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006-06-29 13:58:52 | 000,030,808 | ---- | C] ()

GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006-06-29 13:53:56 | 000,026,489 | ---- | C] ()

GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006-04-18 14:39:28 | 000,029,779 | ---- | C] ()

GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006-04-18 14:39:28 | 000,026,040 | ---- | C] ()

fgexec.dll -> C:\WINDOWS\fgexec.dll -> [2005-02-05 15:46:00 | 000,004,608 | ---- | C] ()


[Alternate Data Streams]

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 16 bytes -> C:\Documents and Settings\MicroC\Mes documents\Shareaza Downloads:Shareaza.GUID

< End of report >




There you go.. phew!

Posted (edited)

FULL scan (yes, really!) with Malwarebytes


Malwarebytes' Anti-Malware 1.44

Version de la base de données: 3823

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702


2010-03-03 21:29:24

mbam-log-2010-03-03 (17-21-42).txt


Type de recherche: Examen complet (C:\|)

Eléments examinés: 235910

Temps écoulé: 42 minute(s), 11 second(s)


Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 3


Processus mémoire infecté(s):

(Aucun élément nuisible détecté)


Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)


Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)


Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)


Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)


Dossier(s) infecté(s):

(Aucun élément nuisible détecté)


Fichier(s) infecté(s):

C:\System Volume Information\_restore{3F417D32-C07E-47E4-B5AC-982F6ECF3FC9}\RP4\A0007524.exe (Rogue.AntimalwareDoctor) -> No action taken.

C:\System Volume Information\_restore{3F417D32-C07E-47E4-B5AC-982F6ECF3FC9}\RP4\A0007525.exe (Rogue.SecurityEssentials2010) -> No action taken.

C:\System Volume Information\_restore{3F417D32-C07E-47E4-B5AC-982F6ECF3FC9}\RP4\A0007526.dll (Trojan.Hiloti) -> No action taken.


There you go :P


I'm going to try restarting normally....


22:37 (Eastern time)


Normal restart attempt

I no longer see the blue window go by, but I left the computer running for 20 minutes and stayed stuck on the startup screen with the blue bar moving back and forth.


Safe mode boot attempt

Not possible for the moment


Boot in debugging mode: OK


My computer hasn't frozen since, so I hope the full scan with Malwarebytes had positive results.


What's left is to find out what remains and to wait for your analysis.


Thanks again!




PS: Off into the arms of Morpheus!

Edited by Cabotine

