

For some time now, ad pages have been opening by themselves. They are labelled "" and "100%gratuit". They open all on their own (even with the computer in sleep mode all night).

I stopped AVAST and installed ANTIVIR: nothing found.

Here is the HIJACKTHIS report


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:34:00, on 11/01/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal


Running processes:





C:\Program Files\Emsisoft Anti-Malware\a2service.exe






C:\Program Files\Alwil Software\Avast5\AvastSvc.exe




C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe


C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\NDAS\System\ndassvc.exe




C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\program files\real\realplayer\update\realsched.exe


C:\Program Files\HACE\Mmm\Mmm.exe


C:\Program Files\sTabLauncher\sTabLauncher.exe

C:\Program Files\cacaoweb\cacaoweb.exe







C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe


C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\franhemapau\Mes documents\Téléchargements\avira_antivir_personal_free(2).exe



C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Avira\AntiVir Desktop\avconfig.exe

C:\Program Files\Avira\AntiVir Desktop\avcenter.exe

c:\program files\avira\antivir desktop\avscan.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [Mmm] "C:\Program Files\HACE\Mmm\Mmm.exe"

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe

O4 - HKCU\..\Run: [sTabLauncher] C:\Program Files\sTabLauncher\sTabLauncher.exe

O4 - HKCU\..\Run: [cacaoweb] "C:\Program Files\cacaoweb\cacaoweb.exe" -noplayer

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe



O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 11.80.1048.0 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 11.80.1048.0 (User 'Default user')

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\web\OpenFrame.htm

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) -

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} -

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) -

O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\windows\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe

O23 - Service: lxde_device - - C:\windows\system32\lxdecoms.exe

O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System\ndassvc.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\windows\BackupIP\service.exe



End of file - 10564 bytes



Thanks in advance to you! :super:

Edited by sio


Good evening and welcome to Zébulon...

Please do this...

* Download >> OTL << to your desktop.

* Double-click the OTL icon to launch it.

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Rapport" section (top right) the "rapport minimal" box is checked.

* Check the boxes in front of "Tous les utilisateurs", "Recherche LOP" and "Recherche Purity".

* Copy and paste the contents of this quote into the lower part of OTL, "personnalisation":



%systemroot%\system32\drivers\*.sys /lockedfiles






%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s


%APPDATA%\*.exe /s


















































%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles


* Click the "Analyse" icon (top left).

* Let the scan run to completion without using the PC.

* At the end of the scan, two reports will open: "OTL.Txt" and (or) "Extras.Txt" (minimized in the taskbar).

* Copy and paste the reports into your reply, please...

* Just in case, you can find them in the C:\OTL folder.


OTL logfile created on: 11/01/2011 22:42:34 - Run 1

OTL by OldTimer - Version Folder = C:\Documents and Settings\franhemapau\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy


2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free

3,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 1536 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 55,89 Gb Total Space | 4,74 Gb Free Space | 8,49% Space Free | Partition Type: NTFS

Drive D: | 55,90 Gb Total Space | 48,80 Gb Free Space | 87,30% Space Free | Partition Type: NTFS

Drive E: | 232,88 Gb Total Space | 66,04 Gb Free Space | 28,36% Space Free | Partition Type: NTFS

Drive F: | 634,76 Gb Total Space | 92,28 Gb Free Space | 14,54% Space Free | Partition Type: NTFS

Drive G: | 195,31 Gb Total Space | 28,82 Gb Free Space | 14,76% Space Free | Partition Type: NTFS

Drive H: | 48,83 Gb Total Space | 15,11 Gb Free Space | 30,94% Space Free | Partition Type: NTFS

Drive I: | 52,61 Gb Total Space | 10,95 Gb Free Space | 20,81% Space Free | Partition Type: NTFS


Computer Name: SALON | User Name: franhemapau | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days


========== Processes (SafeList) ==========


PRC - C:\Documents and Settings\franhemapau\Bureau\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)

PRC - C:\Program Files\cacaoweb\cacaoweb.exe ()

PRC - C:\WINDOWS\BackupIP\service.exe ()

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Program Files\HACE\Mmm\Mmm.exe ()

PRC - C:\Program Files\NDAS\System\ndassvc.exe (XIMETA, Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)

PRC - C:\WINDOWS\system32\lxdecoms.exe ( )

PRC - C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)

PRC - C:\Program Files\sTabLauncher\sTabLauncher.exe (Sergio Santos)

PRC - C:\Program Files\Wanadoo\GestionnaireInternet.exe (France Télécom R&D)

PRC - C:\Program Files\Wanadoo\ComComp.exe (France Télécom R&D)

PRC - C:\Program Files\Wanadoo\Toaster.exe (France Telecom R&D)

PRC - C:\Program Files\Wanadoo\Inactivity.exe ()

PRC - C:\Program Files\Wanadoo\PollingModule.exe ()

PRC - C:\WINDOWS\system32\AlertModule\AlertModule.exe ()

PRC - C:\WINDOWS\system32\FTRTSVC.exe (France Telecom)

PRC - C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)

PRC - C:\WINDOWS\Dit.exe (ICSI Technology Ltd.)

PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)



========== Modules (SafeList) ==========


MOD - C:\Documents and Settings\franhemapau\Bureau\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll (Emsi Software GmbH)

MOD - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealNetworks, Inc.)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll (Microsoft Corporation)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll (Microsoft Corporation)

MOD - C:\Program Files\Wanadoo\Inactivity.dll ()



========== Win32 Services (SafeList) ==========


SRV - (Planificateur LiveUpdate automatique) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found

SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe File not found

SRV - (HidServ) -- C:\windows\System32\hidserv.dll File not found

SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)

SRV - (sdmBackupIP) -- C:\WINDOWS\BackupIP\service.exe ()

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (LVSrvLauncher) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)

SRV - (Boonty Games) -- C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (BOONTY)

SRV - (ndassvc) -- C:\Program Files\NDAS\System\ndassvc.exe (XIMETA, Inc.)

SRV - (LVPrcSrv) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

SRV - (LVCOMSer) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)

SRV - (lxde_device) -- C:\windows\System32\lxdecoms.exe ( )

SRV - (lxdeCATSCustConnectService) -- C:\windows\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe ()

SRV - (C-DillaCdaC11BA) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)

SRV - (Symantec Core LC) -- C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)

SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (FTRTSVC) -- C:\WINDOWS\system32\FTRTSVC.exe (France Telecom)

SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\incdsrv.exe (Ahead Software AG)

SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)



========== Driver Services (SafeList) ==========


DRV - (ZDPSp50) -- C:\windows\System32\Drivers\ZDPSp50.sys File not found

DRV - (ZDCndis5) -- C:\windows\System32\ZDCndis5.SYS File not found

DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\windows\System32\DRIVERS\RTL8139.SYS File not found

DRV - (PCAMPR5) -- C:\windows\System32\PCAMPR5.SYS File not found

DRV - (ddxgb) -- C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\ddxgb.sys File not found

DRV - (CardReaderFilter) -- C:\WINDOWS\system32\drivers\USBCRFT.SYS (ICSI Technology Ltd.)

DRV - (a2acc) -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys (Emsi Software GmbH)

DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswRdr) -- C:\windows\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswMon2) -- C:\windows\System32\drivers\aswmon2.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (Aavmker4) -- C:\windows\System32\drivers\aavmker4.sys (AVAST Software)

DRV - (a2injectiondriver) -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys (Emsi Software GmbH)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (a2util) -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys (Emsi Software GmbH)

DRV - (cpuz132) -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider)

DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.)

DRV - (UsbDiag) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.)

DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)

DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)

DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)

DRV - (pepifilter) -- C:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.)

DRV - (ndasrofs) -- C:\WINDOWS\system32\drivers\ndasrofs.sys (Windows ® Codename Longhorn DDK provider)

DRV - (ndasfat) -- C:\WINDOWS\system32\drivers\ndasfat.sys (XIMETA, Inc.)

DRV - (ndasfs) -- C:\windows\system32\DRIVERS\ndasfs.sys (XIMETA, Inc.)

DRV - (lfsfilt) -- C:\windows\system32\DRIVERS\lfsfilt.sys (XIMETA, Inc.)

DRV - (ndasscsi) -- C:\WINDOWS\system32\drivers\ndasscsi.sys (XIMETA, Inc.)

DRV - (ndasbus) -- C:\WINDOWS\system32\drivers\ndasbus.sys (XIMETA, Inc.)

DRV - (lpx) -- C:\windows\system32\DRIVERS\lpx.sys (XIMETA, Inc.)

DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (USB_RNDIS) -- C:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation)

DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)

DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.)

DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)

DRV - (oreans32) -- C:\WINDOWS\system32\drivers\oreans32.sys ()

DRV - (CdaC15BA) -- C:\WINDOWS\system32\drivers\CdaC15BA.SYS (Macrovision Europe Ltd)

DRV - (StMp3Rec) -- C:\WINDOWS\system32\drivers\StMp3Rec.sys (Generic)

DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))

DRV - (symlcbrd) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)

DRV - (AX88772) -- C:\WINDOWS\system32\drivers\ax88772.sys (ASIX Electronics Corp.)

DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\windows\System32\drivers\sfsync02.sys (Protection Technology)

DRV - (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) -- C:\windows\System32\drivers\sfdrv01a.sys (Protection Technology (StarForce))

DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))

DRV - (LVPrcMon) -- C:\WINDOWS\system32\drivers\LVPrcMon.sys ()

DRV - (PID_08A0) QuickCam IM(PID_08A0) -- C:\WINDOWS\system32\drivers\LV302AV.SYS (Logitech Inc.)

DRV - (SaiNtBus) -- C:\WINDOWS\system32\drivers\SaiBus.sys (Saitek)

DRV - (SaiMini) -- C:\WINDOWS\system32\drivers\SaiMini.sys (Saitek)

DRV - (SaiU040B) -- C:\WINDOWS\system32\drivers\SaiU040B.sys (Saitek)

DRV - (SaiH040B) -- C:\WINDOWS\system32\drivers\SaiH040B.sys (Saitek)

DRV - (SQTECH905C) -- C:\WINDOWS\system32\drivers\Capt905c.sys (Service & Quality Technology.)

DRV - (Cap713x) -- C:\WINDOWS\system32\drivers\Cap713x.sys (Philips Semiconductors)

DRV - (prohlp02) -- C:\windows\System32\drivers\prohlp02.sys (Protection Technology)

DRV - (prodrv06) -- C:\windows\System32\drivers\prodrv06.sys (Protection Technology)

DRV - (prosync1) -- C:\windows\System32\drivers\prosync1.sys (Protection Technology)

DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\incdpass.sys (Ahead Software AG)

DRV - (InCDfs) -- C:\windows\System32\drivers\incdfs.sys (Ahead Software AG)

DRV - (sfhlp01) -- C:\windows\System32\drivers\sfhlp01.sys (Protection Technology)

DRV - (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON)

DRV - (alcaudsl) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON)

DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)

DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)

DRV - (RTL8023) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys (Realtek Semiconductor Corporation )

DRV - (PCANDIS5) -- C:\WINDOWS\system32\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))

DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)

DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)

DRV - (ASPI32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec)

DRV - (HIDSwvd) -- C:\WINDOWS\system32\drivers\HIDSwvd.sys (Microsoft Corporation)



========== Standard Registry (SafeList) ==========



========== Internet Explorer ==========




IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar

IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar

IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar

IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()

IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========


FF - prefs.js..extensions.enabledItems:

FF - prefs.js..extensions.enabledItems:

FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0

FF - prefs.js..extensions.enabledItems:

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1

FF - prefs.js..extensions.enabledItems:

FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:


FF - HKLM\software\mozilla\Firefox\Extensions\\ C:\Program Files\MyWebSearch\bar\3.bin File not found

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/08 07:12:30 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/13 06:42:56 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 20:23:17 | 000,000,000 | ---D | M]


[2009/12/05 14:07:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Extensions

[2011/01/11 20:11:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions

[2010/07/22 13:36:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/12/12 18:38:32 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}

[2011/01/11 20:11:46 | 000,000,000 | ---D | M] ("BitDefender QuickScan") -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

[2010/09/24 18:14:29 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\

[2011/01/04 17:58:53 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\

[2010/11/21 05:22:12 | 000,000,000 | ---D | M] (Ghostery) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\

[2010/11/07 09:52:48 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\

[2009/12/05 14:06:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions


[2007/03/10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

[2010/12/11 20:23:08 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/12/11 20:23:08 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/12/11 20:23:08 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/12/11 20:23:08 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/12/11 20:23:08 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml


O1 HOSTS File: ([2009/10/25 23:51:56 | 000,347,207 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: localhost

O1 - Hosts:

O1 - Hosts: 11904 more lines...

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.

O3 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [a-squared] C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe (Emsi Software GmbH)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKU\.DEFAULT..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found

O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found

O4 - HKU\S-1-5-18..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found

O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found

O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [cacaoweb] C:\Program Files\cacaoweb\cacaoweb.exe ()

O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [Mmm] C:\Program Files\HACE\Mmm\Mmm.exe ()

O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [sTabLauncher] C:\Program Files\sTabLauncher\sTabLauncher.exe (Sergio Santos)

O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe ()

O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe ()

O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\Web\OpenFrame.htm ()

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)

O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class)

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17)


O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} (Reg Error: Key error.)

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control)

O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/ (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\franhemapau\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\franhemapau\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O30 - LSA: Authentication Packages - (nwprovau) - C:\windows\System32\nwprovau.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{af2dc4f2-ad0f-11df-b44b-0040ca8013fe}\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe

O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\DmailerSync_v9_0_15109.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\ [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


NetSvcs: 6to4 - File not found

NetSvcs: HidServ - C:\windows\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - C:\windows\System32\iprip.dll (Microsoft Corporation)

NetSvcs: Irmon - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found


MsConfig - Services: "RichVideo"

MsConfig - Services: "InCDsrv"

MsConfig - Services: "Boonty Games"

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk - C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk - C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NDAS Device Management.lnk - C:\Program Files\NDAS\System\ndasmgmt.exe - (XIMETA, Inc.)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^sTabLauncher.lnk - C:\WINDOWS\Installer\{462E5968-A02C-4C0A-9F74-1C4DA758CD80}\_424294B8CE29243E7198A4.exe - ()

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinKey.lnk - C:\Program Files\WinKey\WinKey.exe - ()

MsConfig - StartUpReg: Aim6 - hkey= - key= - C:\Program Files\AIM6\aim6.exe File not found

MsConfig - StartUpReg: ATIPTA - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

MsConfig - StartUpReg: avgnt - hkey= - key= - C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe File not found

MsConfig - StartUpReg: ccleaner - hkey= - key= - C:\Program Files\CCleaner\ccleaner.exe (Piriform Ltd)

MsConfig - StartUpReg: Easy TM Forever - hkey= - key= - C:\Program Files\Easy TM Forever\EasyTM.exe (NazguL)

MsConfig - StartUpReg: FaxCenterServer - hkey= - key= - C:\Program Files\Lexmark Fax Solutions\fm3032.exe File not found

MsConfig - StartUpReg: InCD - hkey= - key= - C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)

MsConfig - StartUpReg: LDM - hkey= - key= - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe File not found

MsConfig - StartUpReg: LogitechCommunicationsManager - hkey= - key= - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe ()

MsConfig - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()

MsConfig - StartUpReg: lxdeamon - hkey= - key= - C:\Program Files\Lexmark 4800 Series\lxdeamon.exe ()

MsConfig - StartUpReg: lxdemon.exe - hkey= - key= - C:\Program Files\Lexmark 4800 Series\lxdemon.exe ()

MsConfig - StartUpReg: MigrationAnalyzer - hkey= - key= - C:\Program Files\FT_Migration\MigrationAnalyzer\MigrationAnalyzer.exe (France Telecom SA)

MsConfig - StartUpReg: MyWebSearch Email Plugin - hkey= - key= - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe File not found

MsConfig - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe File not found

MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found

MsConfig - StartUpReg: Profiler - hkey= - key= - C:\Program Files\Saitek\Software\ProfilerU.exe (Saitek)

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)

MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

MsConfig - StartUpReg: SaiMfd - hkey= - key= - C:\Program Files\Saitek\Software\SaiMfd.exe (Saitek)

MsConfig - StartUpReg: Shockwave Updater - hkey= - key= - File not found

MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)

MsConfig - StartUpReg: WOOTASKBARICON - hkey= - key= - C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe File not found

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "services" - 2

MsConfig - State: "startup" - 2


SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: UploadMgr - Service

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.

ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707

ActiveX: {3F28C128-FB64-F062-6AA8-C32441EA3631} - Lecteur Windows Media

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\windows\system32\Rundll32.exe C:\windows\system32\mscories.dll,Install

ActiveX: {8AFDCF8E-C144-C46D-6F0F-BF6BC6949A48} - Microsoft Windows Media Player 6.4

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E517A643-2CDB-1B74-776F-D4BABCCAA016} - Macromedia Shockwave Director 10.1

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\windows\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\windows\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\system32\rundll32.exe" "C:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE


Drivers32: msacm.ac3acm - C:\windows\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.ac3filter - C:\windows\System32\ac3filter.acm ()

Drivers32: msacm.alf2cd - C:\windows\System32\alf2cd.acm (NCT Company)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\ (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.scg726 - C:\windows\System32\Scg726.acm (SHARP Corporation)

Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\windows\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\windows\System32\divx.dll (DivX, Inc.)

Drivers32: vidc.dvsd - C:\windows\System32\mcdvd_32.dll (MainConcept)

Drivers32: VIDC.FFDS - C:\windows\System32\ ()

Drivers32: VIDC.I420 - C:\windows\System32\lvcodec2.dll (Logitech Inc.)

Drivers32: vidc.iv31 - C:\windows\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\windows\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\windows\System32\ (Intel Corporation)

Drivers32: vidc.iv50 - C:\windows\System32\ir50_32.dll (Intel Corporation)

Drivers32: VIDC.wmv3 - C:\windows\System32\wmv9vcm.dll (Microsoft Corporation)

Drivers32: vidc.xvid - C:\windows\System32\xvidvfw.dll ()

Drivers32: vidc.yv12 - C:\windows\System32\yv12vfw.dll (


========== Files/Folders - Created Within 30 Days ==========


[2011/01/11 22:37:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\franhemapau\Bureau\OTL.exe

[2011/01/11 22:21:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avira

[2011/01/11 22:20:37 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys

[2011/01/11 22:20:32 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys

[2011/01/11 22:20:31 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys

[2011/01/11 22:20:31 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntdd.sys

[2011/01/11 22:20:31 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntmgr.sys

[2011/01/11 22:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

[2011/01/11 22:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira

[2011/01/11 20:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Emsisoft Anti-Malware

[2011/01/11 20:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware

[2011/01/11 20:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Mes documents\Anti-Malware

[2011/01/11 20:16:32 | 000,000,000 | ---D | C] -- C:\Navilog1

[2011/01/11 20:16:30 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1

[2011/01/11 20:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Application Data\QuickScan

[2011/01/10 18:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spybot - Search & Destroy

[2011/01/10 18:15:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2011/01/10 18:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2011/01/09 12:35:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\NDAS Software

[2011/01/09 12:35:33 | 000,000,000 | ---D | C] -- C:\Program Files\NDAS

[2011/01/09 12:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CyberLink PowerDirector Express

[2011/01/09 12:34:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CyberLink PowerProducer

[2011/01/09 12:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Converio 2.0

[2011/01/09 12:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\Converio 2.0

[2011/01/09 12:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI

[2011/01/09 12:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Catalyst Control Center

[2011/01/09 12:33:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Vidéo - convertisseur SUPER

[2011/01/09 12:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\MailNavigator

[2011/01/09 12:33:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis

[2011/01/09 12:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Decrypter

[2011/01/09 12:33:00 | 000,000,000 | ---D | C] -- C:\windows\OPTIONS

[2011/01/09 12:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ATI Technologies

[2011/01/09 12:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner

[2011/01/09 12:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID

[2011/01/09 12:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\ConvertHelper

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\viewsonic

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\TubeMaster++

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\ScreenMates

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\PDF-Creator and PDF-Editor 2

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\My Music

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\metagenia

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Kellogg's Asie

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Garmin

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Fluendo

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\eMule

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\EACom

[2011/01/09 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2011/01/09 12:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\RozetUtil

[2011/01/09 12:08:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011/01/09 09:46:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\franhemapau\Recent

[2011/01/09 09:26:30 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011/01/09 09:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Application Data\Malwarebytes

[2011/01/09 09:05:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys

[2011/01/09 09:05:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware

[2011/01/09 09:05:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2011/01/09 09:05:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2011/01/09 09:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/01/06 18:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mindscape

[2011/01/06 18:14:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mindscape

[2011/01/05 15:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Mes documents\MOBICLIC

[2011/01/01 15:55:52 | 000,191,488 | ---- | C] (ScreenTime Media) -- C:\windows\CB1300SF.scr

[2011/01/01 15:55:41 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\windows\flashax.exe

[2011/01/01 15:55:41 | 000,000,000 | ---D | C] -- C:\windows\CB1300SF dir

[2010/12/31 12:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Installer

[2010/12/30 07:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Local Settings\Application Data\networker

[2010/12/30 07:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Local Settings\Application Data\assembly

[2010/12/30 07:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\assembly

[2010/12/29 21:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Menu Démarrer\Programmes\Electronic Arts

[2010/12/29 21:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2010/12/29 21:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\7-Zip

[2010/12/29 21:29:25 | 000,000,000 | ---D | C] -- C:\windows\BackupIP

[2010/12/29 21:29:21 | 000,197,632 | ---- | C] (Dino Chiesa) -- C:\windows\System32\Ionic.Zip.Reduced.dll

[2010/12/28 22:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Application Data\widestream

[2010/12/28 22:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Local Settings\Application Data\widestream6 Air

[2010/12/28 16:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\coverJuke

[2010/12/28 16:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\coverJuke

[2010/12/28 14:19:19 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spmsg.dll

[2010/12/28 12:58:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Application Data\Incredible Ink

[2010/12/27 23:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franhemapau\Application Data\gtk-2.0

[2010/12/19 22:46:28 | 001,843,200 | ---- | C] (NCT Company Ltd.) -- C:\windows\System32\NCTAudioFile2.dll

[2010/12/19 22:46:28 | 000,335,872 | ---- | C] (NCT Company Ltd.) -- C:\windows\System32\NCTAudioVisualization2.dll

[2010/12/19 22:46:28 | 000,311,296 | ---- | C] (NCT Company Ltd.) -- C:\windows\System32\NCTAudioRecord2.dll

[2010/12/19 22:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\Free MP3 Sound Recorder

[2010/12/19 22:46:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Free MP3 Sound Recorder

[2010/12/15 14:52:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ndproxy.sys

[2010/12/15 14:51:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\wab.exe

[2009/02/08 12:25:31 | 000,434,176 | ---- | C] ( ) -- C:\windows\System32\lxdehcp.dll

[2009/02/06 18:20:58 | 000,356,352 | ---- | C] ( ) -- C:\windows\System32\lxdeinpa(2).dll

[2007/05/17 19:08:58 | 000,647,168 | ---- | C] ( ) -- C:\windows\System32\lxdepmui.dll

[2007/05/17 19:06:39 | 001,200,128 | ---- | C] ( ) -- C:\windows\System32\lxdeserv.dll

[2007/05/17 19:00:32 | 000,565,248 | ---- | C] ( ) -- C:\windows\System32\lxdelmpm.dll

[2007/05/17 19:00:32 | 000,364,544 | ---- | C] ( ) -- C:\windows\System32\lxdecomm.dll

[2007/05/17 19:00:32 | 000,356,352 | ---- | C] ( ) -- C:\windows\System32\lxdeinpa.dll

[2007/05/17 18:59:33 | 000,663,552 | ---- | C] ( ) -- C:\windows\System32\lxdehbn3.dll

[2007/05/17 18:57:52 | 000,950,272 | ---- | C] ( ) -- C:\windows\System32\lxdeusb1.dll

[2007/05/17 18:56:55 | 000,860,160 | ---- | C] ( ) -- C:\windows\System32\lxdecomc.dll

[2007/05/17 18:52:56 | 000,339,968 | ---- | C] ( ) -- C:\windows\System32\lxdeiesc.dll

[2007/05/17 18:51:29 | 000,053,248 | ---- | C] ( ) -- C:\windows\System32\lxdeprox.dll

[2006/12/16 17:34:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\franhemapau\Application Data\pcouffin.sys

[2004/11/26 22:16:28 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mspaint.exe

[2004/11/24 19:25:52 | 000,335,872 | ---- | C] ( ) -- C:\windows\System32\drvc.dll

[9 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[15 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]


========== Files - Modified Within 30 Days ==========


[2011/01/11 22:38:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\franhemapau\Bureau\OTL.exe

[2011/01/11 22:37:58 | 000,000,290 | ---- | M] () -- C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-484061587-839522115-1003.job

[2011/01/11 22:37:57 | 000,000,298 | ---- | M] () -- C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-484061587-839522115-1003.job

[2011/01/11 22:21:03 | 000,001,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk

[2011/01/11 22:00:24 | 000,040,616 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110111_220014.reg

[2011/01/11 21:43:08 | 000,002,623 | ---- | M] () -- C:\Documents and Settings\franhemapau\Bureau\Outlook.lnk

[2011/01/11 21:01:30 | 000,002,422 | ---- | M] () -- C:\windows\System32\wpa.dbl

[2011/01/11 21:00:06 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) -- C:\windows\System32\drivers\USBCRFT.SYS

[2011/01/11 20:59:00 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat

[2011/01/11 20:58:58 | 000,000,000 | ---- | M] () -- C:\windows\System32\ativvaxx.cap

[2011/01/11 20:27:53 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Emsisoft Anti-Malware.lnk

[2011/01/11 19:30:31 | 000,003,878 | ---- | M] () -- C:\Documents and Settings\franhemapau\intlname.ols

[2011/01/11 06:41:41 | 000,000,279 | ---- | M] () -- C:\Documents and Settings\franhemapau\Bureau\JoeBarTeam.url

[2011/01/11 06:41:26 | 000,000,273 | ---- | M] () -- C:\Documents and Settings\franhemapau\Bureau\encens.url

[2011/01/11 06:39:47 | 000,000,223 | ---- | M] () -- C:\Documents and Settings\franhemapau\Bureau\AFPA messagerie.url

[2011/01/10 18:19:39 | 000,000,963 | ---- | M] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/01/10 18:19:39 | 000,000,945 | ---- | M] () -- C:\Documents and Settings\franhemapau\Bureau\Spybot - Search & Destroy.lnk

[2011/01/10 17:36:47 | 000,041,675 | ---- | M] () -- C:\Documents and Settings\All Users\lxde

[2011/01/09 22:48:29 | 000,089,233 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\ei 1992.jpg

[2011/01/09 22:36:34 | 000,074,006 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\ce1 sacre coeur 1975.jpg

[2011/01/09 22:34:13 | 000,074,047 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\cp melle leguyader 1974.jpg

[2011/01/09 22:21:04 | 000,091,176 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\1ereG sainte therese 1987.jpg

[2011/01/09 21:38:43 | 000,063,876 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\47811902.jpg

[2011/01/09 21:38:36 | 000,072,323 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\47811950.jpg

[2011/01/09 21:38:22 | 000,065,651 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\47811937.jpg

[2011/01/09 21:18:25 | 000,040,052 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\boite-encens.jpg

[2011/01/09 17:39:25 | 000,104,261 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\photo-ptf8s5.jpg

[2011/01/09 14:53:51 | 000,058,629 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\ecran-de-fumee.jpg

[2011/01/09 12:37:52 | 000,000,000 | ---- | M] () -- C:\windows\System32\atiicdxx.dat

[2011/01/09 12:21:40 | 000,069,026 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110109_122134.reg

[2011/01/09 12:04:02 | 000,054,156 | -H-- | M] () -- C:\windows\QTFont.qfn

[2011/01/09 12:04:02 | 000,001,409 | ---- | M] () -- C:\windows\QTFont.for

[2011/01/09 09:46:55 | 000,029,540 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110109_094650.reg

[2011/01/09 09:26:31 | 000,001,746 | ---- | M] () -- C:\Documents and Settings\franhemapau\Bureau\HijackThis.lnk

[2011/01/09 09:05:26 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011/01/08 19:13:11 | 000,353,856 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110108_191305.reg

[2011/01/08 19:02:15 | 000,214,497 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens3.jpg

[2011/01/08 19:00:56 | 000,148,533 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encen2.jpg

[2011/01/08 18:57:19 | 000,138,816 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\4444901025_96eabd485a_b.jpg

[2011/01/08 18:55:11 | 001,861,022 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\5065448377_68cbc7ebd1_o.jpg

[2011/01/08 09:54:09 | 000,184,320 | ---- | M] () -- C:\Documents and Settings\franhemapau\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/01/08 09:52:06 | 007,966,666 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\acces1.PDF

[2011/01/08 09:50:14 | 000,056,746 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\MailDu07012011.pdf

[2011/01/07 22:57:00 | 003,458,560 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\Zizanie.pps

[2011/01/06 20:39:05 | 000,056,128 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\BZH_Flag.gif

[2011/01/06 20:38:53 | 000,020,335 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\drapeau_breton_m.jpg

[2011/01/06 20:38:47 | 000,042,192 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\carte-finist%E8re.jpg

[2011/01/06 20:38:39 | 000,015,133 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\bzh.jpg

[2011/01/06 20:28:08 | 000,017,533 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\capitainehadock.jpg

[2011/01/05 23:53:44 | 000,160,339 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\tshirtzebikesio.jpg

[2011/01/05 22:37:22 | 000,741,339 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\initiation-1024-72dpi.jpg

[2011/01/05 22:36:09 | 000,763,528 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\lumieres.jpg

[2011/01/04 22:01:53 | 000,234,725 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\guideencens.jpg

[2011/01/04 21:57:56 | 000,270,324 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\600_____DSCN1255_662.jpg

[2011/01/04 19:21:29 | 002,123,902 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\welcometodirt2.bmp

[2011/01/04 19:21:18 | 001,497,078 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\welcometodirt.bmp

[2011/01/02 22:19:22 | 000,626,176 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\Encens.doc

[2011/01/02 21:40:52 | 000,029,249 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-nag-champa-15_1.png

[2011/01/02 21:39:16 | 000,027,881 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-frankincense.png

[2011/01/02 21:38:24 | 000,026,266 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-auroville-oliban.png

[2011/01/02 21:37:23 | 000,034,624 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-aromatherapie-oliban_1.png

[2011/01/02 21:37:16 | 000,024,548 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-aromatherapie-frankincense.png

[2011/01/02 21:36:44 | 000,025,745 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-myrrhe.png

[2011/01/02 21:36:33 | 000,025,984 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-vetiver.png

[2011/01/02 21:36:22 | 000,035,656 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-rois-mages.png

[2011/01/02 21:36:08 | 000,037,026 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-oliban-somalie.png

[2011/01/02 21:36:02 | 000,026,263 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-oliban.png

[2011/01/02 21:35:56 | 000,047,111 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-oliban-cones.png

[2011/01/02 21:35:29 | 000,025,100 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-feng-shui-feu.png

[2011/01/02 21:34:24 | 000,033,452 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-tibetain-oliban.png

[2011/01/02 21:33:47 | 000,039,387 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-naturelle-rois-mages.png

[2011/01/02 21:33:27 | 000,024,718 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-oliban_1.png

[2011/01/02 21:33:16 | 000,035,207 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-naturelle-frankincense.png

[2011/01/02 21:33:10 | 000,025,145 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-frankincense.png

[2011/01/02 21:33:01 | 000,041,448 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-frankincense_1.png

[2011/01/02 12:04:19 | 000,000,202 | ---- | M] () -- C:\windows\NeroDigital.ini

[2011/01/02 07:58:48 | 000,047,776 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\CLASSIQUE.XLS

[2011/01/01 15:55:52 | 000,191,488 | ---- | M] (ScreenTime Media) -- C:\windows\CB1300SF.scr

[2011/01/01 15:55:41 | 000,545,280 | ---- | M] (Microsoft Corporation) -- C:\windows\flashax.exe

[2011/01/01 15:55:41 | 000,012,288 | ---- | M] () -- C:\windows\impborl.dll

[2010/12/31 10:04:25 | 000,000,038 | ---- | M] () -- C:\windows\AviSplitter.INI

[2010/12/30 12:25:11 | 000,210,498 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\big one breizh.bmp

[2010/12/30 07:50:06 | 000,434,960 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2010/12/28 17:25:41 | 000,050,230 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\sio.bmp

[2010/12/28 16:45:11 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\franhemapau\.recently-used.xbel

[2010/12/28 16:44:36 | 000,001,576 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\coverJuke.lnk

[2010/12/28 14:21:05 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2010/12/28 14:17:52 | 000,023,392 | ---- | M] () -- C:\windows\System32\nscompat.tlb

[2010/12/28 14:17:52 | 000,016,832 | ---- | M] () -- C:\windows\System32\amcompat.tlb

[2010/12/28 13:55:16 | 000,503,758 | ---- | M] () -- C:\windows\System32\perfh00C.dat

[2010/12/28 13:55:16 | 000,435,780 | ---- | M] () -- C:\windows\System32\perfh009.dat

[2010/12/28 13:55:16 | 000,081,906 | ---- | M] () -- C:\windows\System32\perfc00C.dat

[2010/12/28 13:55:16 | 000,068,676 | ---- | M] () -- C:\windows\System32\perfc009.dat

[2010/12/28 12:47:52 | 000,000,029 | ---- | M] () -- C:\windows\popcinfo.dat

[2010/12/28 09:34:09 | 000,132,638 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20101228_093402.reg

[2010/12/27 22:17:00 | 001,546,451 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\49858-Raffaele-De-Rosa-15.wmv

[2010/12/21 23:59:50 | 000,037,879 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\drapeau breton.jpg

[2010/12/21 23:59:43 | 000,032,762 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\chapeau-breton.jpg

[2010/12/21 23:55:11 | 000,016,309 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\emotions_colere_clr.jpg

[2010/12/21 23:55:05 | 000,040,545 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\dyn005_original_376_400_pjpeg_2534793_82dc486e8a780b11145d2bcbfd5ded6e.jpg

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2010/12/19 17:06:48 | 000,003,121 | ---- | M] () -- C:\windows\System32\CONFIG.NT

[2010/12/17 21:26:44 | 000,006,369 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\map2.XLS

[2010/12/16 17:03:08 | 000,011,264 | ---- | M] () -- C:\windows\System32\Utils.dll

[2010/12/15 20:26:13 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk

[2010/12/14 22:49:30 | 000,029,821 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\CD Spindle Earring Holder.jpg

[2010/12/13 22:01:19 | 000,281,922 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20101213_220107.reg

[2010/12/13 00:07:58 | 000,009,062 | ---- | M] () -- C:\Documents and Settings\franhemapau\Mes documents\tm_map_list_12dec2010.XLS

[9 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[15 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]


========== Files Created - No Company Name ==========


[2011/01/11 22:21:03 | 000,001,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk

[2011/01/11 22:00:17 | 000,040,616 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110111_220014.reg

[2011/01/11 20:27:53 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Emsisoft Anti-Malware.lnk

[2011/01/11 06:40:53 | 000,000,279 | ---- | C] () -- C:\Documents and Settings\franhemapau\Bureau\JoeBarTeam.url

[2011/01/11 06:40:20 | 000,000,273 | ---- | C] () -- C:\Documents and Settings\franhemapau\Bureau\encens.url

[2011/01/10 18:19:39 | 000,000,963 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/01/10 18:19:39 | 000,000,945 | ---- | C] () -- C:\Documents and Settings\franhemapau\Bureau\Spybot - Search & Destroy.lnk

[2011/01/09 22:48:29 | 000,089,233 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\ei 1992.jpg

[2011/01/09 22:36:34 | 000,074,006 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\ce1 sacre coeur 1975.jpg

[2011/01/09 22:34:13 | 000,074,047 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cp melle leguyader 1974.jpg

[2011/01/09 22:21:04 | 000,091,176 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\1ereG sainte therese 1987.jpg

[2011/01/09 21:38:43 | 000,063,876 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\47811902.jpg

[2011/01/09 21:38:36 | 000,072,323 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\47811950.jpg

[2011/01/09 21:38:22 | 000,065,651 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\47811937.jpg

[2011/01/09 21:18:23 | 000,040,052 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\boite-encens.jpg

[2011/01/09 17:39:23 | 000,104,261 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\photo-ptf8s5.jpg

[2011/01/09 14:53:49 | 000,058,629 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\ecran-de-fumee.jpg

[2011/01/09 12:37:53 | 000,000,000 | ---- | C] () -- C:\windows\System32\ativvaxx.cap

[2011/01/09 12:37:52 | 000,000,000 | ---- | C] () -- C:\windows\System32\atiicdxx.dat

[2011/01/09 12:21:36 | 000,069,026 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110109_122134.reg

[2011/01/09 12:04:02 | 000,054,156 | -H-- | C] () -- C:\windows\QTFont.qfn

[2011/01/09 12:04:02 | 000,001,409 | ---- | C] () -- C:\windows\QTFont.for

[2011/01/09 09:46:52 | 000,029,540 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110109_094650.reg

[2011/01/09 09:26:31 | 000,001,746 | ---- | C] () -- C:\Documents and Settings\franhemapau\Bureau\HijackThis.lnk

[2011/01/09 09:05:26 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011/01/08 19:13:07 | 000,353,856 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110108_191305.reg

[2011/01/08 19:02:12 | 000,214,497 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens3.jpg

[2011/01/08 19:00:53 | 000,148,533 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encen2.jpg

[2011/01/08 18:57:19 | 000,138,816 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\4444901025_96eabd485a_b.jpg

[2011/01/08 18:55:10 | 001,861,022 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\5065448377_68cbc7ebd1_o.jpg

[2011/01/08 09:52:34 | 007,966,666 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\acces1.PDF

[2011/01/08 09:50:11 | 000,056,746 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\MailDu07012011.pdf

[2011/01/07 22:57:00 | 003,458,560 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\Zizanie.pps

[2011/01/06 20:39:04 | 000,056,128 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\BZH_Flag.gif

[2011/01/06 20:38:53 | 000,020,335 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\drapeau_breton_m.jpg

[2011/01/06 20:38:46 | 000,042,192 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\carte-finist%E8re.jpg

[2011/01/06 20:38:38 | 000,015,133 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\bzh.jpg

[2011/01/06 20:28:07 | 000,017,533 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\capitainehadock.jpg

[2011/01/05 23:53:41 | 000,160,339 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\tshirtzebikesio.jpg

[2011/01/05 22:37:21 | 000,741,339 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\initiation-1024-72dpi.jpg

[2011/01/05 22:36:08 | 000,763,528 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\lumieres.jpg

[2011/01/04 22:01:50 | 000,234,725 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\guideencens.jpg

[2011/01/04 21:57:55 | 000,270,324 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\600_____DSCN1255_662.jpg

[2011/01/04 19:21:29 | 002,123,902 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\welcometodirt2.bmp

[2011/01/04 19:21:17 | 001,497,078 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\welcometodirt.bmp

[2011/01/02 22:19:21 | 000,626,176 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\Encens.doc

[2011/01/02 21:40:52 | 000,029,249 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-nag-champa-15_1.png

[2011/01/02 21:39:16 | 000,027,881 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-frankincense.png

[2011/01/02 21:38:24 | 000,026,266 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-auroville-oliban.png

[2011/01/02 21:37:23 | 000,034,624 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-aromatherapie-oliban_1.png

[2011/01/02 21:37:16 | 000,024,548 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-aromatherapie-frankincense.png

[2011/01/02 21:36:44 | 000,025,745 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-myrrhe.png

[2011/01/02 21:36:33 | 000,025,984 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-vetiver.png

[2011/01/02 21:36:21 | 000,035,656 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-rois-mages.png

[2011/01/02 21:36:07 | 000,037,026 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-oliban-somalie.png

[2011/01/02 21:36:01 | 000,026,263 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-oliban.png

[2011/01/02 21:35:56 | 000,047,111 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-oliban-cones.png

[2011/01/02 21:35:28 | 000,025,100 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-feng-shui-feu.png

[2011/01/02 21:34:24 | 000,033,452 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-tibetain-oliban.png

[2011/01/02 21:33:46 | 000,039,387 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-naturelle-rois-mages.png

[2011/01/02 21:33:27 | 000,024,718 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-oliban_1.png

[2011/01/02 21:33:15 | 000,035,207 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-naturelle-frankincense.png

[2011/01/02 21:33:09 | 000,025,145 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-frankincense.png

[2011/01/02 21:33:01 | 000,041,448 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-frankincense_1.png

[2011/01/01 15:55:41 | 000,012,288 | ---- | C] () -- C:\windows\impborl.dll

[2010/12/31 12:03:13 | 000,047,776 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\CLASSIQUE.XLS

[2010/12/30 12:25:11 | 000,210,498 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\big one breizh.bmp

[2010/12/29 21:29:21 | 000,011,264 | ---- | C] () -- C:\windows\System32\Utils.dll

[2010/12/28 17:25:41 | 000,050,230 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\sio.bmp

[2010/12/28 16:45:11 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\franhemapau\.recently-used.xbel

[2010/12/28 16:44:36 | 000,001,576 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\coverJuke.lnk

[2010/12/28 14:21:05 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2010/12/28 09:34:04 | 000,132,638 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20101228_093402.reg

[2010/12/27 22:17:00 | 001,546,451 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\49858-Raffaele-De-Rosa-15.wmv

[2010/12/21 23:59:49 | 000,037,879 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\drapeau breton.jpg

[2010/12/21 23:59:43 | 000,032,762 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\chapeau-breton.jpg

[2010/12/21 23:55:11 | 000,016,309 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\emotions_colere_clr.jpg

[2010/12/21 23:55:05 | 000,040,545 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\dyn005_original_376_400_pjpeg_2534793_82dc486e8a780b11145d2bcbfd5ded6e.jpg

[2010/12/14 22:49:30 | 000,029,821 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\CD Spindle Earring Holder.jpg

[2010/12/13 22:01:09 | 000,281,922 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20101213_220107.reg

[2010/06/06 10:14:23 | 000,038,492 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft Excel.ADR

[2010/04/13 12:26:43 | 000,000,273 | ---- | C] () -- C:\windows\Dit.INI

[2010/01/01 21:34:43 | 000,000,094 | -H-- | C] () -- C:\windows\System32\spv1_WCssg.ini

[2009/12/19 10:35:44 | 000,000,179 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\setup.log

[2009/12/19 10:35:39 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\setup_ldm.iss

[2009/11/14 21:03:35 | 000,000,030 | ---- | C] () -- C:\windows\System32\drivers\Rev98HDD.ini

[2009/10/31 07:53:14 | 000,000,000 | ---- | C] () -- C:\windows\Pool.INI

[2009/10/27 17:48:28 | 000,000,703 | ---- | C] () -- C:\windows\wininit.ini

[2009/09/19 20:02:15 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI

[2009/08/16 11:13:06 | 000,000,152 | ---- | C] () -- C:\windows\isp.ini

[2009/08/16 11:12:15 | 000,000,155 | ---- | C] () -- C:\windows\QTW.INI

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\windows\System32\OGACheckControl.dll

[2009/03/21 20:20:11 | 000,007,207 | R--- | C] () -- C:\windows\Disktool.INI

[2009/03/21 20:20:11 | 000,006,399 | R--- | C] () -- C:\windows\fwupgrade.ini

[2009/03/21 20:20:11 | 000,003,677 | R--- | C] () -- C:\windows\PlaySnd.INI

[2009/02/27 21:06:44 | 000,000,101 | ---- | C] () -- C:\windows\VSWizard.ini

[2009/02/08 12:28:45 | 000,012,288 | ---- | C] () -- C:\windows\System32\LXF3PMRC.DLL

[2009/02/08 12:25:37 | 000,000,060 | -H-- | C] () -- C:\windows\System32\lxderwrd.ini

[2009/02/08 12:25:32 | 000,348,160 | ---- | C] () -- C:\windows\System32\lxdeinst.dll

[2009/02/08 12:23:34 | 000,348,160 | R--- | C] () -- C:\windows\System32\lxdecoin.dll

[2008/12/19 15:15:58 | 004,338,246 | ---- | C] () -- C:\windows\System32\libavcodec.dll

[2008/12/17 17:41:18 | 000,884,237 | ---- | C] () -- C:\windows\System32\ff_x264.dll

[2008/12/17 17:22:58 | 000,093,184 | ---- | C] () -- C:\windows\System32\ff_wmv9.dll

[2008/12/17 17:22:48 | 000,057,344 | ---- | C] () -- C:\windows\System32\ff_vfw.dll

[2008/12/17 17:17:34 | 000,239,247 | ---- | C] () -- C:\windows\System32\ff_theora.dll

[2008/12/17 16:59:54 | 000,560,802 | ---- | C] () -- C:\windows\System32\libmplayer.dll

[2008/10/01 17:22:10 | 000,000,368 | ---- | C] () -- C:\windows\hegames.ini

[2008/08/10 14:02:10 | 000,000,058 | ---- | C] () -- C:\windows\DeskToppers.ini

[2008/08/10 13:48:35 | 000,000,018 | ---- | C] () -- C:\windows\gfact.ini

[2008/07/24 21:59:20 | 000,043,520 | ---- | C] () -- C:\windows\System32\CmdLineExt03.dll

[2008/07/18 09:06:02 | 000,000,040 | ---- | C] () -- C:\windows\Epscan2.INI

[2008/07/11 17:40:00 | 000,000,085 | ---- | C] () -- C:\windows\fdmc.ini

[2008/02/09 12:54:53 | 000,027,228 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\Carnet d'adresses personnel.ADR

[2008/01/04 16:29:36 | 000,000,008 | ---- | C] () -- C:\Program Files\rdt.dat

[2008/01/04 16:29:36 | 000,000,008 | ---- | C] () -- C:\Program Files\Fichiers communs\rdt.dat

[2007/10/24 20:56:32 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll

[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\windows\System32\drivers\LVPr2Mon.sys

[2007/08/10 17:59:48 | 000,000,130 | ---- | C] () -- C:\windows\ka.ini

[2007/05/30 16:25:20 | 000,000,000 | ---- | C] () -- C:\windows\SETUP32.INI

[2007/05/28 11:54:44 | 000,208,896 | ---- | C] () -- C:\windows\System32\lxdegrd.dll

[2007/05/24 21:24:25 | 000,692,224 | ---- | C] () -- C:\windows\System32\lxdedrs.dll

[2007/05/22 15:09:42 | 000,065,536 | ---- | C] () -- C:\windows\System32\lxdecaps.dll

[2007/05/15 19:47:00 | 000,001,689 | ---- | C] () -- C:\windows\mp3-explorer.ini

[2007/04/28 20:32:59 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll

[2007/04/17 15:17:05 | 000,069,632 | ---- | C] () -- C:\windows\System32\lxdecnv4.dll

[2007/04/07 08:10:29 | 000,033,920 | ---- | C] () -- C:\windows\System32\drivers\oreans32.sys

[2007/04/07 08:08:49 | 000,765,952 | ---- | C] () -- C:\windows\System32\xvidcore.dll

[2007/04/07 08:08:49 | 000,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll

[2007/04/07 06:24:43 | 000,027,648 | ---- | C] () -- C:\windows\System32\AVSredirect.dll

[2007/04/07 06:24:42 | 000,471,552 | ---- | C] () -- C:\windows\System32\Smab.dll

[2007/03/02 00:19:47 | 000,000,119 | ---- | C] () -- C:\windows\SIERRA.INI

[2006/12/27 22:19:18 | 000,066,482 | ---- | C] () -- C:\windows\System32\lvcoinst.ini

[2006/12/27 22:08:47 | 000,000,719 | R--- | C] () -- C:\windows\System32\InstExec.ini

[2006/12/26 05:59:40 | 000,001,208 | ---- | C] () -- C:\windows\Radio_Fr.ini

[2006/12/16 17:56:28 | 000,013,146 | -HS- | C] () -- C:\windows\System32\KGyGaAvL.sys

[2006/12/16 17:52:31 | 000,000,056 | RHS- | C] () -- C:\windows\System32\E74B5DB51B.sys

[2006/12/16 17:34:32 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\pcouffin.log

[2006/12/16 17:34:23 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\ezpinst.exe

[2006/12/16 17:34:23 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\

[2006/12/16 17:34:23 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\pcouffin.inf

[2006/08/01 06:53:18 | 000,040,960 | ---- | C] () -- C:\windows\System32\lxdevs.dll

[2006/07/07 20:15:41 | 000,114,688 | ---- | C] () -- C:\windows\System32\WLANUTL.dll

[2005/12/10 11:48:48 | 000,000,253 | ---- | C] () -- C:\windows\WSHORTEN.INI

[2005/12/09 15:37:42 | 000,016,768 | ---- | C] () -- C:\windows\System32\drivers\LVPrcMon.sys

[2005/11/12 18:44:57 | 000,056,832 | ---- | C] () -- C:\windows\System32\Iyvu9_32.dll

[2005/11/05 12:31:53 | 000,000,132 | ---- | C] () -- C:\windows\winamp.ini

[2005/10/01 12:47:02 | 000,000,061 | ---- | C] () -- C:\windows\HFREP.INI

[2005/10/01 12:46:59 | 000,000,000 | ---- | C] () -- C:\windows\WD.INI

[2005/09/09 14:25:27 | 000,000,527 | ---- | C] () -- C:\Program Files\Raccourci vers codec_video.lnk

[2005/07/29 19:25:01 | 000,000,158 | ---- | C] () -- C:\windows\CDPLAYER.INI

[2005/05/14 15:46:05 | 000,210,944 | ---- | C] () -- C:\windows\System32\MSVCRT10.DLL

[2005/05/01 18:19:16 | 000,000,157 | ---- | C] () -- C:\windows\kodakpcd.franhemapau.ini

[2005/04/03 11:06:53 | 000,000,035 | ---- | C] () -- C:\windows\A6W.INI

[2005/02/18 16:20:07 | 000,000,000 | ---- | C] () -- C:\windows\LiveBilliards.INI

[2005/02/18 15:42:35 | 000,000,301 | ---- | C] () -- C:\windows\NAVIGMA.INI

[2004/12/05 10:48:45 | 000,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll

[2004/12/05 10:48:45 | 000,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll

[2004/12/05 10:48:45 | 000,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll

[2004/11/26 21:51:50 | 000,000,132 | ---- | C] () -- C:\windows\picture-shark.INI

[2004/11/11 17:58:25 | 000,184,320 | ---- | C] () -- C:\Documents and Settings\franhemapau\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2004/11/11 16:54:08 | 000,000,202 | ---- | C] () -- C:\windows\NeroDigital.ini

[2004/11/11 16:51:55 | 000,000,204 | ---- | C] () -- C:\windows\RtlRack.ini

[2004/11/11 16:46:10 | 000,000,164 | ---- | C] () -- C:\windows\avrack.ini

[2004/11/11 15:15:50 | 000,005,607 | ---- | C] () -- C:\windows\System32\stci.dll

[2004/11/11 15:15:03 | 000,000,000 | ---- | C] () -- C:\windows\System32\rnaph.dll

[2004/11/11 14:59:41 | 000,363,520 | ---- | C] () -- C:\windows\System32\psisdecd.dll

[2004/11/11 14:54:54 | 000,000,000 | ---- | C] () -- C:\windows\OpPrintServer.INI

[2004/11/11 14:22:05 | 000,000,385 | ---- | C] () -- C:\windows\ODBC.INI

[2004/11/11 13:55:20 | 000,004,207 | ---- | C] () -- C:\windows\ODBCINST.INI

[2004/10/03 17:50:54 | 000,129,024 | ---- | C] () -- C:\windows\System32\ff_mpeg2enc.dll

[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\windows\System32\OUTLPERF.INI

[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\windows\System32\indounin.dll


========== LOP Check ==========


[2009/04/25 18:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlbumCollection

[2010/05/15 08:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2009/09/06 14:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus

[2010/01/01 10:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend

[2010/04/11 15:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LxThumbs

[2010/11/25 23:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMan

[2004/11/28 10:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir

[2010/10/09 18:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9

[2009/12/15 08:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games

[2010/11/25 23:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlimSUF

[2011/01/10 18:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2010/01/03 11:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TmForever

[2010/12/13 23:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania

[2006/12/15 21:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro

[2009/12/15 21:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2008/01/20 13:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Watermark Factory

[2005/12/19 21:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)

[2008/05/27 19:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\1&1

[2006/08/12 13:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\ActiveState

[2009/05/31 08:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\avidemux

[2011/01/04 19:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Azureus

[2011/01/11 07:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\cacaoweb

[2009/08/23 08:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\COWON

[2009/01/11 16:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Crae Interactives

[2010/11/26 14:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Filmotech_prefs

[2011/01/09 09:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\FMZilla

[2010/04/25 11:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\FreeAudioPack

[2008/01/04 16:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Gaijin Ent

[2010/01/01 10:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GameBlend

[2010/10/11 18:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GameHouse

[2009/12/02 21:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GARMIN

[2010/10/13 18:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GetRightToGo

[2009/09/13 14:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GoodSync

[2010/12/28 16:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\gtk-2.0

[2010/12/28 12:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Incredible Ink

[2008/11/25 07:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Leadertech

[2009/02/15 08:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Lexmark Productivity Studio

[2010/04/28 18:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\LG Electronics

[2010/11/25 23:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\MediaMan

[2010/10/29 16:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\moovida-1

[2009/02/21 16:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\OnlineStorage

[2011/01/11 21:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\QuickScan

[2010/08/15 08:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\RayV

[2008/08/17 10:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Skinux

[2009/03/28 16:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\TeamViewer

[2010/05/02 16:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Uniblue

[2009/04/05 11:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\uTorrent

[2010/12/28 22:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\widestream

[2010/01/01 19:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Wildfire

[2008/10/03 20:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\XnView


========== Purity Check ==========




========== Custom Scans ==========



< %systemroot%\system32\drivers\*.sys /lockedfiles >


< %ALLUSERSPROFILE%\Application Data\*. >

[2010/10/12 06:13:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2009/09/03 23:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead

[2009/04/25 18:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlbumCollection

[2010/05/15 08:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2010/05/16 06:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL

[2009/12/15 21:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads

[2009/12/15 21:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP

[2011/01/09 12:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI

[2011/01/11 22:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira

[2009/09/06 14:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus

[2009/02/21 18:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink

[2010/09/24 20:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX

[2009/04/12 17:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink

[2009/02/06 18:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FaxCtr

[2010/01/01 10:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend

[2009/08/04 10:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google

[2009/12/19 10:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd

[2009/12/19 10:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech

[2010/04/11 15:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LxThumbs

[2011/01/09 09:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/11/25 23:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMan

[2010/06/13 12:12:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2004/11/28 10:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir

[2010/10/09 18:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9

[2010/06/24 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS

[2009/10/09 06:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage

[2011/01/10 18:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2005/03/10 17:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime

[2010/04/19 23:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real

[2009/12/15 08:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games

[2010/11/25 23:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlimSUF

[2011/01/10 19:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2011/01/10 18:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2010/01/03 11:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TmForever

[2010/12/13 23:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania

[2006/12/15 21:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro

[2009/12/15 21:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2008/01/20 13:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Watermark Factory

[2005/12/19 21:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)

[2006/08/06 15:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

[2006/12/15 15:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!


< %ALLUSERSPROFILE%\Application Data\*.exe /s >

[2009/12/15 21:47:35 | 001,273,224 | ---- | M] (AOL) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\AIMinst.exe

[2009/12/15 21:47:20 | 000,481,016 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\AIMLang.exe

[2009/12/15 21:47:45 | 000,492,032 | ---- | M] (AOL) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\aimlang_fr.exe

[2009/12/15 21:47:51 | 000,141,944 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\alsetup.exe

[2009/12/15 21:47:08 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\aoldlmgr.exe

[2009/12/15 21:47:12 | 000,228,704 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\migrator.exe

[2009/12/15 21:48:42 | 005,357,344 | ---- | M] (AOL) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\ocpinst.exe

[2009/12/15 21:48:48 | 000,035,888 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\postproc.exe

[2009/12/15 21:47:16 | 000,169,520 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\setup.exe

[2009/12/15 21:48:46 | 000,357,776 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\tbsetup.exe

[2009/12/15 21:48:16 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\unagi3.exe

[2009/12/15 21:48:10 | 003,858,056 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\\Vwpt.exe

[2010/09/24 20:33:19 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe

[2011/01/10 18:15:18 | 065,317,024 | ---- | M] (PC Tools ) -- C:\Documents and Settings\All Users\Application Data\PC Tools\DownloadManager\Spyware Doctor8.0\sdsetup_dl.exe


< %APPDATA%\*. >

[2008/05/27 19:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\1&1

[2006/08/12 13:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\ActiveState

[2009/05/23 10:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Adobe

[2008/05/09 07:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\AdobeUM

[2009/09/03 23:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Ahead

[2005/10/09 12:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Apple Computer

[2005/06/15 16:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\ArcSoft

[2008/07/15 14:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\ATI

[2009/05/31 08:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\avidemux

[2011/01/04 19:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Azureus

[2011/01/11 07:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\cacaoweb

[2009/08/23 08:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\COWON

[2009/01/11 16:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Crae Interactives

[2008/01/02 18:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\CyberLink

[2007/01/25 23:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\DivX

[2010/10/10 20:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\dvdcss

[2008/01/22 22:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\FastStone

[2009/02/15 08:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\FaxCtr

[2010/11/26 14:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Filmotech_prefs

[2011/01/09 09:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\FMZilla

[2010/04/25 11:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\FreeAudioPack

[2008/01/04 16:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Gaijin Ent

[2010/01/01 10:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GameBlend

[2010/10/11 18:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GameHouse

[2009/12/02 21:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GARMIN

[2010/10/13 18:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GetRightToGo

[2009/09/13 14:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GoodSync

[2007/07/13 15:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Google

[2010/12/28 16:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\gtk-2.0

[2004/11/11 14:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Help

[2004/11/11 14:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Identities

[2010/12/28 12:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Incredible Ink

[2007/06/23 16:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\InstallShield

[2008/11/25 07:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Leadertech

[2009/02/15 08:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Lexmark Productivity Studio

[2010/04/28 18:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\LG Electronics

[2009/11/08 17:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Macromedia

[2011/01/09 09:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Malwarebytes

[2007/04/28 20:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Media Player Classic

[2010/11/25 23:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\MediaMan

[2008/09/28 07:50:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\franhemapau\Application Data\Microsoft

[2010/10/29 16:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\moovida-1

[2009/12/15 21:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Mozilla

[2009/10/09 06:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Office Genuine Advantage

[2009/02/21 16:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\OnlineStorage

[2011/01/11 21:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\QuickScan

[2010/08/15 08:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\RayV

[2010/12/08 07:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Real

[2008/08/17 10:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Skinux

[2006/08/06 22:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\SmartFTP

[2005/02/06 22:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Sun

[2006/12/15 16:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Symantec

[2009/03/28 16:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\TeamViewer

[2010/05/02 16:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Uniblue

[2009/04/05 11:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\uTorrent

[2010/12/28 22:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\widestream

[2010/01/01 19:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Wildfire

[2008/04/06 09:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\WinRAR

[2008/10/03 20:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\XnView


< %APPDATA%\*.exe /s >

[2006/12/16 19:08:12 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\franhemapau\Application Data\ezpinst.exe

[2007/01/14 15:48:46 | 023,489,040 | ---- | M] ( ) -- C:\Documents and Settings\franhemapau\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe

[2008/05/08 20:43:46 | 022,023,120 | ---- | M] ( ) -- C:\Documents and Settings\franhemapau\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_fr_FR.exe

[2009/09/19 22:11:57 | 010,686,001 | ---- | M] () -- C:\Documents and Settings\franhemapau\Application Data\Azureus\plugins\azump\mplayer.exe

[2010/12/29 17:07:06 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Documents and Settings\franhemapau\Application Data\Azureus\plugins\mlab\ShaperProbeC.exe

[2010/10/29 16:08:23 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut3_BCB4A930B9F04A2480525A437423D92B.exe

[2010/10/29 16:08:23 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut4_A414E067513C43BA8786F3DC788BC961.exe

[2010/10/29 16:08:24 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut5_F4EE65F1A6CD4124B059E9FA9A98EBF7.exe

[2010/10/29 16:08:24 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut6_206049A8CD534D8B87D5F66190F05AB3.exe

[2009/05/08 11:38:41 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe


< %SYSTEMDRIVE%\*.exe >


< %SYSTEMDRIVE%\*.exe >



< MD5 for: AGP440.SYS >

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[2004/08/03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys


< MD5 for: ATAPI.SYS >

[2003/04/24 13:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys


< MD5 for: CDROM.SYS >

[2003/04/24 13:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[2009/12/22 19:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[2004/08/03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys


< MD5 for: CHANGER.SYS >

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/04/13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

[2004/08/03 22:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys


< MD5 for: DISK.SYS >

[2003/04/24 13:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\

[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2008/09/04 19:24:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\

[2004/08/03 21:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys

[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys

[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys



[2004/08/19 15:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll



[2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

[2007/06/13 14:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe

[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe


< MD5 for: NDIS.SYS >

[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys

[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[2004/08/03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys



[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

[2004/08/19 15:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll


< MD5 for: RASACD.SYS >

[2003/04/24 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys

[2003/04/24 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys


< MD5 for: RDPWD.SYS >

[2005/06/10 05:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys

[2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys

[2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys


< %systemroot%\*. /mp /s >


< %systemroot%\system32\*.dll /lockedfiles >

[15 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]


< %systemroot%\Tasks\*.job /lockedfiles >


========== Alternate Data Streams ==========


@Alternate Data Stream - 170 bytes -> C:\windows\SK@J:C=e.ini


< End of report >



and the second report, EXTRAS.TXT:


OTL Extras logfile created on: 11/01/2011 22:42:34 - Run 1

OTL by OldTimer - Version Folder = C:\Documents and Settings\franhemapau\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy


2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free

3,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 1536 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 55,89 Gb Total Space | 4,74 Gb Free Space | 8,49% Space Free | Partition Type: NTFS

Drive D: | 55,90 Gb Total Space | 48,80 Gb Free Space | 87,30% Space Free | Partition Type: NTFS

Drive E: | 232,88 Gb Total Space | 66,04 Gb Free Space | 28,36% Space Free | Partition Type: NTFS

Drive F: | 634,76 Gb Total Space | 92,28 Gb Free Space | 14,54% Space Free | Partition Type: NTFS

Drive G: | 195,31 Gb Total Space | 28,82 Gb Free Space | 14,76% Space Free | Partition Type: NTFS

Drive H: | 48,83 Gb Total Space | 15,11 Gb Free Space | 30,94% Space Free | Partition Type: NTFS

Drive I: | 52,61 Gb Total Space | 10,95 Gb Free Space | 20,81% Space Free | Partition Type: NTFS


Computer Name: SALON | User Name: franhemapau | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days


========== Extra Registry (SafeList) ==========



========== File Associations ==========





.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)


========== Shell Spawning ==========



batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [lister_un_fichier] -- /c tree /F /A > j:\Listingmusique.txt %1 ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)


========== Security Center Settings ==========


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]


========== System Restore Settings ==========


[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0



"Start" = 0



"Start" = 2


========== Firewall Settings ==========





"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008



"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0



"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"4662:TCP" = 4662:TCP:*:Disabled:emule4662

"4672:UDP" = 4672:UDP:*:Disabled:emule4672

"5432:TCP" = 5432:TCP:*:Enabled:etcp

"5442:UDP" = 5442:UDP:*:Enabled:eudp

"6543:TCP" = 6543:TCP:*:Enabled:tcp2

"6542:TCP" = 6542:TCP:*:Enabled:udp2

"53951:TCP" = 53951:TCP:*:Enabled:tpc2

"12224:TCP" = 12224:TCP:*:Enabled:udp2

"2350:TCP" = 2350:TCP:*:Enabled:tm

"2350:UDP" = 2350:UDP:*:Enabled:tm

"3450:TCP" = 3450:TCP:*:Enabled:tm

"3450:UDP" = 3450:UDP:*:Enabled:tm


========== Authorized Applications List ==========



"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 -- File not found

"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found



"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found

"C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe" = C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0 -- File not found

"C:\Program Files\LeechFTP\Leechftp.exe" = C:\Program Files\LeechFTP\Leechftp.exe:*:Enabled:LeechFTP -- (jan debis)

"C:\Program Files\mswt kart 2004\MSWorldTour.exe" = C:\Program Files\mswt kart 2004\MSWorldTour.exe:*:Enabled:MSWorldTour -- File not found

"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found

"C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()

"C:\Program Files\TrackMania Sunrise\TmSunrise.exe" = C:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise -- File not found

"C:\Program Files\TmUnitedForever\TmForever.exe" = C:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever -- ()

"C:\Program Files\TRACKMANIA\TmUnitedForever\TmForever.exe" = C:\Program Files\TRACKMANIA\TmUnitedForever\TmForever.exe:*:Enabled:TmForever -- File not found

"C:\Program Files\TRACKMANIA\TmNationsForever\TmForever.exe" = C:\Program Files\TRACKMANIA\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- File not found

"C:\Program Files\GOST Publishing\Marie La Cavalière\Bin\Marie La Cavalière.exe" = C:\Program Files\GOST Publishing\Marie La Cavalière\Bin\Marie La Cavalière.exe:*:Enabled:Marie La Cavalière -- File not found

"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)

"C:\WINDOWS\system32\lxdecoms.exe" = C:\WINDOWS\system32\lxdecoms.exe:*:Enabled:4800 Series Server -- ( )

"C:\Program Files\Lexmark 4800 Series\lxdemon.exe" = C:\Program Files\Lexmark 4800 Series\lxdemon.exe:*:Enabled:Printer Device Monitor -- ()

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe:*:Enabled:Printer Status Window Interface -- ()

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe:*:Enabled:Job Status Window Interface -- ()

"C:\Program Files\TRACKMANIA\TmNationsForever\TmNationsForever\TmForever.exe" = C:\Program Files\TRACKMANIA\TmNationsForever\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- File not found

"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Disabled:Azureus -- (Vuze Inc.)

"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Disabled:EasyShare -- File not found

"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.0 -- File not found

"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Disabled:Windows Live Messenger 8.0 (Phone) -- File not found

"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Disabled:Yahoo! FT Server -- File not found

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe:*:Enabled:Lexmark Web Gateway -- ()

"C:\Program Files\RealVNC\VNC4\vncviewer.exe" = C:\Program Files\RealVNC\VNC4\vncviewer.exe:*:Enabled:VNC Viewer Free Edition for Win32 -- File not found

"C:\Program Files\TeamViewer\Version4\TeamViewer.exe" = C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Application de pilotage à distance TeamViewer -- (TeamViewer GmbH)

"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- File not found

"C:\Program Files\Lexmark 4800 Series\frun.exe" = C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Printing Application -- ()

"C:\Program Files\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe" = C:\Program Files\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe:*:Enabled:Truck Racing by Renault Trucks -- File not found

"C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe" = C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- File not found

"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found

"C:\Program Files\GameHouse Games Collection\Wheel of Fortune\Wheel of Fortune.exe" = C:\Program Files\GameHouse Games Collection\Wheel of Fortune\Wheel of Fortune.exe:*:Disabled:Wheel of Fortune -- File not found

"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)

"C:\Program Files\RayV\RayV\RayV.exe" = C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV -- File not found

"C:\Program Files\RayV\RayV\RayV.dll" = C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV -- File not found

"C:\Program Files\cacaoweb\cacaoweb.exe" = C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb -- ()

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (

"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver -- (

"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- File not found



========== HKEY_LOCAL_MACHINE Uninstall List ==========



"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{022C4B5F-4A59-48DD-08A6-6EC5832DBFFE}" = Catalyst Control Center Localization Chinese Standard

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery

"{1148CE6F-6956-6ED3-1DBF-0A0046427A3E}" = CCC Help Swedish

"{1350E13C-A031-6574-961B-367DE4721E86}" = Catalyst Control Center Graphics Light

"{14A776EF-3904-3C55-508F-BB093954391E}" = Catalyst Control Center Localization Dutch

"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter

"{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = Livebox

"{19762EA5-8279-8FA8-5F16-7DEEF571E5D6}" = CCC Help Russian

"{1A90FD8B-8A64-8B83-D486-E507AEC997EF}" = Catalyst Control Center Graphics Full Existing

"{1D4C0096-98D0-5290-A5F7-AAA05121FA0A}" = CCC Help Danish

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}" = DDS Thumbnail Viewer

"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins

"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 17

"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java 6 Update 14

"{278FDAF8-DEB0-4EBC-8192-E101A4835A3C}" = Totally Spies, Attaque des zombies

"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III

"{2E73FAB9-7713-D109-24DB-28339CB7A3CC}" = Catalyst Control Center Localization Norwegian

"{30517D85-B2C9-5920-77B2-6034DDC90B7C}" = CCC Help Czech

"{31A57C3E-30DD-421F-B5C7-974DACB0D05F}" = Canon Camera WIA Driver

"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1

"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9

"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10

"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2

"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35A6DE92-DE2E-9FBB-C919-B9CA5079116D}" = Catalyst Control Center Localization Turkish

"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder

"{39C1585C-1004-5091-180A-5AFCA3D505C2}" = Catalyst Control Center Localization Thai

"{3C6BD212-5680-4758-83ED-21171BCCBEB7}" = ASIX AX88772 WinXP_2K 32Bit Driver


"{41269776-CF11-AADD-A1A9-6E1701877F88}" = CCC Help Norwegian

"{455B46A4-17C2-DDDA-F695-7F157E2C6160}" = Catalyst Control Center Localization Danish

"{462E5968-A02C-4C0A-9F74-1C4DA758CD80}" = sTabLauncher

"{4E10FFCA-5C09-6E8E-4DA4-B71FFC58C435}" = CCC Help Korean

"{4E568350-98BF-A31B-4E90-B23428023916}" = Catalyst Control Center Localization Spanish

"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5827D56B-9A4D-6858-95C9-28B2D46F56EB}" = CCC Help German

"{5954C9DD-80C5-27FB-67FA-1DF0B5E2565A}" = Catalyst Control Center Localization Portuguese

"{5B6844F3-8C27-C589-E519-9AAE0AC87407}" = CCC Help Dutch

"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard

"{5DC1DF0D-8B08-30D9-5F5F-857ADC69201A}" = Catalyst Control Center Graphics Full New

"{5DDBDE45-EB70-DC65-6D06-6D25906E7797}" = CCC Help Japanese

"{5E075172-D826-3CFC-51F4-C9E6CF6D0690}" = CCC Help Spanish

"{618EB4D7-7D67-9126-7D63-CA39F93673DE}" = Catalyst Control Center Graphics Previews Common

"{67F5A666-181F-8AA1-0D4E-BAD64AD43B42}" = CCC Help Chinese Standard

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2

"{69FB4970-45D2-1EA4-F131-A95EB60FFDDF}" = CCC Help Italian

"{6A053172-1F36-0307-4CA0-6AA9317EBCC1}" = CCC Help Turkish

"{6B6F61D0-BBD0-E91F-8639-6EF30206ABD2}" = Catalyst Control Center Localization Japanese

"{71389CB1-6B6D-6FC2-0B74-0357D1ADC41E}" = CCC Help Finnish

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{736D005A-96E3-3B70-836C-14C80A137862}" = CCC Help French

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{77FA0593-9D54-4CB0-9FE0-18D6EC218841}" = Barbie au Bal des 12 princesses

"{8124C5F0-D59A-DEFE-C3F7-02697D9BE53E}" = CCC Help Thai

"{82357963-7536-629A-F921-A3E72A5E124C}" = Catalyst Control Center Localization Korean

"{83F3EED2-DDE2-4434-8FBE-9D2A1E7C2BC9}" = Hama CardReader

"{8625D3E5-2159-3FA4-3A74-AB306360E63E}" = Catalyst Control Center Localization Russian

"{887EF08A-011E-477C-B6CB-01E540538ADB}" = Rep-Listing

"{888FAC3D-87CB-AB4C-EC2C-D17E0C4418E7}" = Catalyst Control Center Localization French

"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{89FF3A82-A88F-4035-9E95-6E03B7BA9D9B}" = Catalyst Control Center Localization Swedish

"{8E5EDE0A-6B13-A0E2-7F00-5C2660C9F771}" = Catalyst Control Center Localization Hungarian

"{8EE7E7B0-CEA9-E3FD-A63F-B27F49E9EC42}" = CCC Help Portuguese

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{9111040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{9418FEE4-28B4-96FD-C398-42654B956376}" = Skins

"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam

"{94AF0F78-E983-BD4B-1A26-80F2FBD5487C}" = Catalyst Control Center Localization Czech

"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver

"{967FB80D-56BD-42EF-A942-9E8C78F984A4}" = Saitek SST Programming Software

"{9749C770-90C4-EE5A-D3BB-287F53622104}" = Catalyst Control Center Core Implementation

"{99FC30C1-60A7-205F-1A00-367506E756F2}" = Catalyst Control Center Localization Greek

"{9F36EDCC-81A8-5D37-9EB1-8BF6D96CAA23}" = Catalyst Control Center Localization Finnish

"{A0100CB5-E6CE-F516-59C1-28CF0195A875}" = ccc-core-preinstall

"{A29EA741-24F7-4C07-9B2C-06CB6491BE4A}" = Camera Window

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A336E48B-A46E-81B5-936E-5A9A8D7FE3D8}" = CCC Help Hungarian

"{A4CCE9FD-4A40-5669-97B3-262672CD6C38}" = CCC Help Greek

"{AB3F9E62-1C4A-45DA-96E4-BFEB26C73F18}" = SPIF205 USB to ATA Bridge 98 Driver Installer

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B325EFE1-1301-5BC4-8788-B1C7D3702ED1}" = CCC Help Polish

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III

"{C8430789-D948-0314-C36B-A7D78AB67013}" = ccc-core-static

"{CB2FFEB2-AC62-8DE2-8806-7C263437F132}" = CCC Help English

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE84C180-E0A7-4B64-A661-4C397E11F03E}" = NDAS Software 3.30.1602-r11613

"{D0F69BED-0B44-8D65-5834-6A74D8F83805}" = Catalyst Control Center Localization Chinese Traditional

"{DD45D741-53D9-80CF-D097-31131DD9C0B0}" = CCC Help Chinese Traditional

"{DE5730BC-81FB-633F-039D-5D8C8F787EDF}" = Catalyst Control Center Localization German

"{E5FEB4A0-1480-F22B-9822-B56BA6172421}" = ccc-utility

"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express

"{EFF1802C-C1F1-03EC-F3E0-51048DF0009F}" = Catalyst Control Center Localization Italian

"{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = PhotoStitch

"{F9C22FF2-639F-1016-7926-9A1B06CDD516}" = Catalyst Control Center Localization Polish

"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers

"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"7-Zip" = 7-Zip 4.65

"8461-7759-5462-8226" = Vuze

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel

"Ant Renamer 2_is1" = Ant Renamer

"Anti-Twin 2007-10-25 21.57.33" = Anti-Twin (Installation 03.01.2010)

"ATI Display Driver" = ATI Display Driver

"Audacity_is1" = Audacity 1.2.3

"avast5" = avast! Free Antivirus

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"AviSynth" = AviSynth 2.5

"Barbie dans Coeur de Princesse" = Barbie dans Coeur de Princesse

"CB1300SF" = CB1300SF?????????

"CCleaner" = CCleaner (remove only)

"CdaC13Ba" = SafeCast Shared Components

"Converio_is1" = Converio

"CoreWavPack DirectShow Filters" = CoreWavPack DirectShow Filters (remove only)

"coverJuke_is1" = coverJuke v1.56

"CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.2

"drmtool.inf" = Personal License Update Wizard for Windows Media Player

"DVD Decrypter Fr" = DVD Decrypter Fr

"DVD Shrink_is1" = DVD Shrink 3.2

"Easy TM Forever" = Easy TM Forever 3.0.3

"Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.0

"FormatFactory" = FormatFactory 2.20

"Free MP3 Sound Recorder_is1" = Free MP3 Sound Recorder v1.9

"GestionnaireInternet.exe" = Gestionnaire Internet

"HijackThis" = HijackThis 2.0.2

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InCD!UninstallKey" = InCD

"Indeo® software" = Indeo® software

"InstallShield_{31A57C3E-30DD-421F-B5C7-974DACB0D05F}" = Canon EOS Kiss REBEL 300D Pilote WIA

"InstallShield_{3C6BD212-5680-4758-83ED-21171BCCBEB7}" = ASIX AX88772 WinXP_2K 32Bit Driver

"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2

"InstallShield_{A29EA741-24F7-4C07-9B2C-06CB6491BE4A}" = Canon Camera Window for ZoomBrowser EX

"InstallShield_{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = Canon Utilities PhotoStitch 3.1

"IsoBuster_is1" = IsoBuster 2.2

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 2.01

"LeechFTP" = LeechFTP

"legacyqcam_10.50" = Coffret de pilotes Logitech Legacy USB Camera

"Lexmark 4800 Series" = Lexmark 4800 Series

"lvdrivers_11.50" = Coffret de pilotes Logitech QuickCam

"Macromedia Dreamweaver 3 Fr" = Macromedia Dreamweaver 3 Fr

"MailNavigator v.1.11" = MailNavigator v.1.11

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"MigrationAnalyzer" = MigrationAnalyzer

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Nero - Burning Rom!UninstallKey" = Nero OEM

"NeroVision!UninstallKey" = NeroVision Express 2 SE

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"OpenAL" = OpenAL

"PhotoFiltre" = PhotoFiltre

"Picasa 3" = Picasa 3

"QuickTime" = QuickTime

"RADVideo" = RAD Video Tools

"RealPlayer 12.0" = RealPlayer

"Sandlot Games Client Services_is1" = Sandlot Games Client Services

"SopCast" = SopCast 3.2.9

"Synchronizer" = Synchronizer

"TeamViewer 4" = TeamViewer 4

"TmNationsForever_is1" = TmNationsForever_Fix_2009_10_09

"TMShootBox" = TMShootBox v1.2

"TmUnitedForever - UVME_is1" = TmUnitedForever - UVME v3.0

"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15

"Veetle TV" = Veetle TV 0.9.18

"ViewpointMediaPlayer" = Viewpoint Media Player

"WIC" = Windows Imaging Component

"WinAce Archiver" = WinAce Archiver

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinKey" = WinKey

"winscp3_is1" = WinSCP 4.0.6

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XP Codec Pack" = XP Codec Pack


========== HKEY_USERS Uninstall List ==========



"Mmm" = Mmm


========== Last 10 Event Log Errors ==========


[ Antivirus Events ]

Error - 07/11/2009 15:54:34 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 08/11/2009 15:06:03 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 14/11/2009 16:34:16 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


Error - 11/02/2010 14:17:09 | Computer Name = SALON | Source = avast! | ID = 33554522

Description =


[ Application Events ]

Error - 05/12/2006 19:08:14 | Computer Name = PC1 | Source = Application Error | ID = 1000

Description = Application défaillante yahoomessenger.exe, version, module

défaillant unknown, version, adresse de défaillance 0x051c2d70.


Error - 08/12/2006 09:56:35 | Computer Name = PC1 | Source = Application Hang | ID = 1002

Description = Application bloquée wmplayer.exe, version, module bloqué

hungapp, version, adresse de blocage 0x00000000.


Error - 08/12/2006 11:05:57 | Computer Name = PC1 | Source = Application Hang | ID = 1002

Description = Application bloquée nero.exe, version, module bloqué hungapp,

version, adresse de blocage 0x00000000.


Error - 14/12/2006 17:25:48 | Computer Name = PC1 | Source = Application Hang | ID = 1002

Description = Application bloquée msimn.exe, version 6.0.2900.2180, module bloqué

hungapp, version, adresse de blocage 0x00000000.


Error - 14/12/2006 17:55:41 | Computer Name = PC1 | Source = Application Hang | ID = 1002

Description = Application bloquée msimn.exe, version 6.0.2900.2180, module bloqué

hungapp, version, adresse de blocage 0x00000000.


Error - 14/12/2006 17:57:24 | Computer Name = PC1 | Source = Application Hang | ID = 1002

Description = Application bloquée msimn.exe, version 6.0.2900.2180, module bloqué

hungapp, version, adresse de blocage 0x00000000.


Error - 14/12/2006 18:17:00 | Computer Name = PC1 | Source = ESENT | ID = 494

Description = wuauclt (3096) La récupération de la base de données a échoué en raison

de l'erreur -1216 car elle a rencontré des références à une base de données, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb',

qui n'est plus présente. La base de données ne présentait pas un état cohérent

avant d'être supprimée (ou déplacée et renommée). Le moteur de base de données ne

permettra pas d'effectuer la récupération pour cette instance tant que la base

de données manquante ne sera pas réinstallée. Si la base de données n'est plus disponible

ni nécessaire, contactez le Support technique pour obtenir des instructions concernant

les étapes à suivre pour permettre la récupération sans cette base de données.


Error - 14/12/2006 18:17:00 | Computer Name = PC1 | Source = ESENT | ID = 454

Description = wuauclt (3096) La récupération/restauration de la base de données

a échoué en raison d'une erreur inattendue -1216.


Error - 14/12/2006 18:37:48 | Computer Name = PC1 | Source = Application Hang | ID = 1002

Description = Application bloquée msimn.exe, version 6.0.2900.2180, module bloqué

hungapp, version, adresse de blocage 0x00000000.


Error - 14/12/2006 18:39:12 | Computer Name = PC1 | Source = Application Hang | ID = 1001

Description = Détecteur d'erreurs 126906962.


[ System Events ]

Error - 15/09/2006 13:32:19 | Computer Name = PC1 | Source = IPRIP | ID = 29053

Description = IPRIP n'a pas pu joindre le groupe multidiffusion sur l'interface

locale avec l'adresse IP Les données sont dans le code d'erreur.


Error - 24/09/2006 08:10:29 | Computer Name = PC1 | Source = Dhcp | ID = 1001

Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur


pour la carte réseau avec l'adresse réseau 6216A399E163. Il s'est produit l'erreur

suivante : %%121. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse

auprès du serveur d'adresse réseau (DHCP).


Error - 24/09/2006 08:15:07 | Computer Name = PC1 | Source = IPRIP | ID = 29053

Description = IPRIP n'a pas pu joindre le groupe multidiffusion sur l'interface

locale avec l'adresse IP Les données sont dans le code d'erreur.


Error - 24/09/2006 11:43:09 | Computer Name = PC1 | Source = IPRIP | ID = 29053

Description = IPRIP n'a pas pu joindre le groupe multidiffusion sur l'interface

locale avec l'adresse IP Les données sont dans le code d'erreur.


Error - 24/09/2006 12:01:33 | Computer Name = PC1 | Source = IPRIP | ID = 29053

Description = IPRIP n'a pas pu joindre le groupe multidiffusion sur l'interface

locale avec l'adresse IP Les données sont dans le code d'erreur.


Error - 24/09/2006 12:02:58 | Computer Name = PC1 | Source = IPRIP | ID = 29053

Description = IPRIP n'a pas pu joindre le groupe multidiffusion sur l'interface

locale avec l'adresse IP Les données sont dans le code d'erreur.


Error - 24/09/2006 12:08:44 | Computer Name = PC1 | Source = IPRIP | ID = 29053

Description = IPRIP n'a pas pu joindre le groupe multidiffusion sur l'interface

locale avec l'adresse IP Les données sont dans le code d'erreur.


Error - 24/09/2006 12:08:44 | Computer Name = PC1 | Source = ipnathlp | ID = 32003

Description = Le traducteur d'adresses réseau (NAT) n'a pas pu demander une opération


module de traduction en mode noyau. Ceci peut indiquer une configuration incorrecte,

des ressources insuffisantes ou une erreur interne. La donnée est le code de l'erreur.


Error - 13/10/2006 11:25:42 | Computer Name = PC1 | Source = Service Control Manager | ID = 7024

Description = Le service Symantec Network Proxy s'est arrêté avec l'erreur service

particulière 4294967295 (0xFFFFFFFF).


Error - 13/10/2006 11:32:09 | Computer Name = PC1 | Source = Service Control Manager | ID = 7024

Description = Le service Symantec Network Proxy s'est arrêté avec l'erreur service

particulière 4294967295 (0xFFFFFFFF).



< End of report >




Please do this...


You have two antivirus programs installed on your PC (Avast and Antivir); you absolutely must uninstall one of the two.

I advise you to uninstall Avast and keep Antivir on your PC.




* Double-click the OTL icon to launch it.

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "Minimal report" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Customization":



C:\Program Files\cacaoweb


C:\Program Files\Fichiers communs\BOONTY Shared


C:\Program Files\MyWebSearch

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\

C:\Documents and Settings\franhemapau\Application Data\cacaoweb



PRC - C:\Program Files\cacaoweb\cacaoweb.exe ()

PRC - C:\WINDOWS\BackupIP\service.exe ()

SRV - (sdmBackupIP) -- C:\WINDOWS\BackupIP\service.exe ()

SRV - (Boonty Games) -- C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (BOONTY)

DRV - (ddxgb) -- C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\ddxgb.sys File not found

FF - prefs.js..extensions.enabledItems:

FF - HKLM\software\mozilla\Firefox\Extensions\\ C:\Program Files\MyWebSearch\bar\3.bin File not found

[2010/09/24 18:14:29 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\

O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [cacaoweb] C:\Program Files\cacaoweb\cacaoweb.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control)

O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/ (Reg Error: Key error.)

MsConfig - Services: "Boonty Games"

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NDAS Device Management.lnk - C:\Program Files\NDAS\System\ndasmgmt.exe - (XIMETA, Inc.)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^sTabLauncher.lnk - C:\WINDOWS\Installer\{462E5968-A02C-4C0A-9F74-1C4DA758CD80}\_424294B8CE29243E7198A4.exe - ()

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinKey.lnk - C:\Program Files\WinKey\WinKey.exe - ()

MsConfig - StartUpReg: MyWebSearch Email Plugin - hkey= - key= - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe File not found

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player

ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player

ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.

ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.

[9 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[15 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]




"C:\Program Files\cacaoweb\cacaoweb.exe" =-


"ViewpointMediaPlayer" =-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" ="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" ="0"







* Click the "Fix" icon (top left).

* Let the scan run to completion without using the PC.

* At the end of the scan, a report, "OTL.Txt", will open.

* Copy and paste the report into your reply, please...

* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case.





Open My Computer, then click Tools > Folder Options > choose the "View" tab

  • Check "Show hidden files and folders"
  • Uncheck "Hide protected operating system files (Recommended)"
  • Uncheck "Hide extensions for known file types"
  • Click "Apply" and "OK" to confirm the changes.





Go to Virus Total

Once on the home page....

  • 1: Click "Browse" > in the Explorer window that opens, choose the file to analyze and click "Open".


For you, it is C:\windows\System32\E74B5DB51B.sys

  • 2: The full path of the file to analyze should appear in the window
  • 3: Click "Send file"
  • then wait while the scan runs and post a copy/paste of the report that appears on screen





Then do the same with >> C:\windows\SK@J


See you ;)


Thanks in advance for the time you are devoting to my problem ...


OTL report:

All processes killed

========== FILES ==========

C:\Program Files\cacaoweb folder moved successfully.

C:\WINDOWS\BackupIP folder moved successfully.

C:\Program Files\Fichiers communs\BOONTY Shared\Service folder moved successfully.

C:\Program Files\Fichiers communs\BOONTY Shared folder moved successfully.

File\Folder C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\ddxgb.sys not found.

File\Folder C:\Program Files\MyWebSearch not found.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\defaults\preferences folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\defaults folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\chrome\skin folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\chrome\locale\fr-FR folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\chrome\locale\es-ES folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\chrome\locale\en-US folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\chrome\locale\de-DE folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\chrome\locale folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\chrome\content folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\chrome folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\ folder moved successfully.

C:\Documents and Settings\franhemapau\Application Data\cacaoweb folder moved successfully.

========== OTL ==========

No active process named cacaoweb.exe was found!

No active process named service.exe was found!

Service sdmBackupIP stopped successfully!

Service sdmBackupIP deleted successfully!

File C:\WINDOWS\BackupIP\service.exe not found.

Service Boonty Games stopped successfully!

Service Boonty Games deleted successfully!

File C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe not found.

Service ddxgb stopped successfully!

Service ddxgb deleted successfully!

File C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\ddxgb.sys File not found not found.

Prefs.js: removed from extensions.enabledItems

Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ deleted successfully.

Folder C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\\ not found.

Registry value HKEY_USERS\S-1-5-21-1935655697-484061587-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cacaoweb deleted successfully.

File C:\Program Files\cacaoweb\cacaoweb.exe not found.

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.

Registry key HKEY_USERS\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Starting removal of ActiveX control {EDFCB7CB-942C-4822-AF14-F0B687409848}

C:\windows\Downloaded Program Files\ImageUploader4.inf moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{EDFCB7CB-942C-4822-AF14-F0B687409848}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDFCB7CB-942C-4822-AF14-F0B687409848}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{EDFCB7CB-942C-4822-AF14-F0B687409848}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDFCB7CB-942C-4822-AF14-F0B687409848}\ not found.

File oft XML Parser for Java file:///C:/WINDOWS/Java/classes/ not found.

Starting removal of ActiveX control Microsoft XML Parser for Java

Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\\Boonty Games deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NDAS Device Management.lnk\ deleted successfully.

C:\windows\pss\NDAS Device Management.lnkCommon Startup moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^sTabLauncher.lnk\ deleted successfully.

C:\windows\pss\sTabLauncher.lnkCommon Startup moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinKey.lnk\ deleted successfully.

C:\windows\pss\WinKey.lnkCommon Startup moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\MyWebSearch Email Plugin\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ not found.

C:\windows\000001_.tmp deleted successfully.

C:\windows\002426_.tmp deleted successfully.

C:\windows\002450_.tmp deleted successfully.

C:\windows\005867_.tmp deleted successfully.

C:\windows\SET3.tmp deleted successfully.

C:\windows\SET7.tmp deleted successfully.

C:\windows\SET8C.tmp deleted successfully.

C:\windows\SET98.tmp deleted successfully.

C:\windows\~ACROBAT.TMP deleted successfully.

C:\windows\System32\CONFIG.TMP deleted successfully.

C:\windows\System32\fxsapi.dll.tmp deleted successfully.

C:\windows\System32\fxsst.dll.tmp deleted successfully.

C:\windows\System32\iprip.dll.tmp deleted successfully.

C:\windows\System32\SET127.tmp deleted successfully.

C:\windows\System32\SET12A.tmp deleted successfully.

C:\windows\System32\SET136.tmp deleted successfully.

C:\windows\System32\SET138.tmp deleted successfully.

C:\windows\System32\SET17C.tmp deleted successfully.

C:\windows\System32\SET1B.tmp deleted successfully.

C:\windows\System32\SET22F.tmp deleted successfully.

C:\windows\System32\SET231.tmp deleted successfully.

C:\windows\System32\SET23F.tmp deleted successfully.

C:\windows\System32\SET33.tmp deleted successfully.

C:\windows\System32\SET4C.tmp deleted successfully.

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\cacaoweb\cacaoweb.exe deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\ViewpointMediaPlayer not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\"DisableMonitoring" |"0" /E : value set successfully!

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\"DisableMonitoring" |"0" /E : value set successfully!

========== COMMANDS ==========




User: All Users


User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes


User: franhemapau

->Temp folder emptied: 3976425 bytes

->Temporary Internet Files folder emptied: 4445559 bytes

->Java cache emptied: 49175454 bytes

->FireFox cache emptied: 108019493 bytes

->Google Chrome cache emptied: 77161943 bytes

->Flash cache emptied: 3887 bytes


User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 579728 bytes


User: NetworkService

->Temp folder emptied: 8654 bytes

->Temporary Internet Files folder emptied: 84505 bytes


%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 397827 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 0 bytes


Total Files Cleaned = 233,00 mb





User: All Users


User: Default User


User: franhemapau

->Flash cache emptied: 0 bytes


User: LocalService


User: NetworkService


Total Flash Files Cleaned = 0,00 mb



OTL by OldTimer - Version log created on 01122011_180824


Files\Folders moved on Reboot...


Registry entries deleted on Reboot...





Antivirus Version Last update Result


AhnLab-V3 2011.01.12.01 2011.01.12 -


AntiVir 2011.01.12 -


Antiy-AVL 2011.01.12 -


Avast 4.8.1351.0 2011.01.12 -


Avast5 5.0.677.0 2011.01.12 -


BitDefender 7.2 2011.01.12 -


CAT-QuickHeal 11.00 2011.01.12 -


ClamAV 2011.01.12 -


Command 2011.01.12 -


Comodo 7372 2011.01.12 -


DrWeb 2011.01.12 -


Emsisoft 2011.01.12 -


eSafe 2011.01.12 -


eTrust-Vet 36.1.8095 2011.01.12 -


F-Prot 2011.01.11 -


F-Secure 9.0.16160.0 2011.01.12 -


Fortinet 2011.01.10 -


GData 21 2011.01.12 -


Ikarus T3. 2011.01.12 -


Jiangmin 13.0.900 2011.01.12 -


K7AntiVirus 9.75.3523 2011.01.12 -


Kaspersky 2011.01.12 -


McAfee 5.400.0.1158 2011.01.12 -


McAfee-GW-Edition 2010.1C 2011.01.12 -


Microsoft 1.6402 2011.01.12 -


NOD32 5782 2011.01.12 -


Norman 6.06.12 2011.01.12 -


nProtect 2011-01-12.01 2011.01.12 -


Panda 2011.01.12 -


PCTools 2011.01.12 -


Prevx 3.0 2011.01.12 -


Rising 2011.01.12 -


Sophos 4.61.0 2011.01.12 -


SUPERAntiSpyware 2011.01.12 -


Symantec 20101.3.0.103 2011.01.12 -


TheHacker 2011.01.11 -


TrendMicro 2011.01.12 -


TrendMicro-HouseCall 2011.01.12 -


VBA32 2011.01.12 -


VIPRE 8053 2011.01.12 -


ViRobot 2011.1.12.4249 2011.01.12 -


VirusBuster 2011.01.12 -


MD5: 3a91ecee2ba6fc9ed09ce0ae0002f9bb


SHA1: 08ab490d3296c510502b342f33bb4652109ded17


SHA256: f110edb6d8d6b20a0fea8238968be3e6123212df74caa60eb589f2c2ca4e7b8b


File size: 56 bytes


Scan date: 2011-01-12 17:31:11 (UTC)





:-? :-? :-? :-? :-?


Then do the same with >> C:\windows\SK@J


:-? :-? :-? :-? :-? :-?


VIRUS TOTAL does nothing with this file ....




Don't worry, you're doing fine; I rather suspected as much for the second file ;)


I'm unsure about the usefulness/dangerousness of this file; I'll ask my colleagues for their opinion and keep you posted.


In the meantime, please do this...




  • Download Malwarebytes and install it.
  • After running the update, choose "Run a quick scan"; at the end of the scan, check all the items found and click "Remove selected".
  • Post the report for me, please.

Posted (edited)

Looking at the day's events in AVIRA ANTIVIR, here is what I found:


Dans le fichier 'C:\System Volume Information\_restore{95F405FE-6904-4BE8-9394-709C851504BC}\RP1539\A0271694.exe'

un virus ou un programme indésirable 'TR/PSW.Magania.eeft.1' [trojan] a été détecté.

Action exécutée : Refuser l'accès


This file tried to open every hour, at 15:03, then 16:03, then 17:03 ... that must be what the ads are; my wife didn't see anything appear on the computer today.



Malwarebytes' Anti-Malware


Version de la base de données: 5486


Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702


12/01/2011 19:03:08

mbam-log-2011-01-12 (19-03-08).txt


Type d'examen: Examen rapide

Elément(s) analysé(s): 132737

Temps écoulé: 6 minute(s), 27 seconde(s)


Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0


Processus mémoire infecté(s):

(Aucun élément nuisible détecté)


Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)


Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)


Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)


Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)


Dossier(s) infecté(s):

(Aucun élément nuisible détecté)


Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Edited by sio




I'm going to dig through the reports a bit, because there is surely a scheduled task trying to relaunch the infection; for now, do this...


You need to disable and then re-enable your System Restore.


Disable System Restore as follows:


  • On the Windows taskbar, click "Start".
  • Right-click "My Computer", then click "Properties".
  • On the "System Restore" tab, select "Turn off System Restore" or "Turn off System Restore on all drives".
  • If you do not see the "System Restore" tab, you are not logged on to Windows as an Administrator.
  • Click "Apply".
  • When the confirmation message appears, click "Yes".
  • Click "OK".


Re-enable System Restore as follows:


  • On the Windows taskbar, click "Start".
  • Right-click "My Computer", then click "Properties".
  • On the "System Restore" tab, uncheck "Turn off System Restore" or "Turn off System Restore on all drives".
  • If you do not see the "System Restore" tab, you are not logged on to Windows as an Administrator.
  • Click "Apply".
  • When the confirmation message appears, click "Yes".
  • Click "OK".


Tell me whether everything went well and whether you still have problems ;)
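Added example, not part of the thread: a small triage over antivirus detection events of the kind the last two posts reason about. It flags hits that sit inside a System Restore store (`_restore{...}\RPnnnn`, copies that are discarded when System Restore is turned off) and reports whether a file is touched at a fixed interval, as a scheduled job would do. The path and detection name come from the post; the timestamps are constructed from its "15:03, 16:03, 17:03" description, and the last event and all function names are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (time, file, detection name).
# The first three reuse the path and detection quoted in the post, with
# timestamps built from the hourly pattern it describes. The last row is an
# invented control entry.
RESTORE_COPY = (
    r"C:\System Volume Information"
    r"\_restore{95F405FE-6904-4BE8-9394-709C851504BC}\RP1539\A0271694.exe"
)
EVENTS = [
    ("2011-01-12 15:03", RESTORE_COPY, "TR/PSW.Magania.eeft.1"),
    ("2011-01-12 16:03", RESTORE_COPY, "TR/PSW.Magania.eeft.1"),
    ("2011-01-12 17:03", RESTORE_COPY, "TR/PSW.Magania.eeft.1"),
    ("2011-01-12 16:40", r"C:\Temp\example-control.exe", "EXAMPLE/Constructed"),
]

# Windows XP keeps restore-point data under
# <drive>\System Volume Information\_restore{GUID}\RP<number>\
RESTORE_RE = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-F-]{36}\}\\RP(\d+)\\",
    re.IGNORECASE,
)


def restore_point(path):
    """Return the restore-point number if the path is inside a restore store."""
    match = RESTORE_RE.search(path)
    return int(match.group(1)) if match else None


def recurrence(times, tolerance=timedelta(minutes=2)):
    """Return the common gap between hits if it is regular, else None.

    At least three hits are required; two hits always look 'regular'.
    """
    ordered = sorted(times)
    if len(ordered) < 3:
        return None
    gaps = [later - earlier for earlier, later in zip(ordered, ordered[1:])]
    if all(abs(gap - gaps[0]) <= tolerance for gap in gaps):
        return gaps[0]
    return None


def triage(events):
    """Group detections per file and annotate each group."""
    grouped = defaultdict(list)
    for stamp, path, name in events:
        grouped[(path, name)].append(datetime.strptime(stamp, "%Y-%m-%d %H:%M"))
    findings = []
    for (path, name), times in grouped.items():
        findings.append({
            "path": path,
            "detection": name,
            "hits": len(times),
            "restore_point": restore_point(path),  # None: live file
            "interval": recurrence(times),         # None: no fixed rhythm
        })
    return findings


if __name__ == "__main__":
    for item in triage(EVENTS):
        where = ("restore point RP%d" % item["restore_point"]
                 if item["restore_point"] is not None else "live file system")
        rhythm = ("every %s" % item["interval"]
                  if item["interval"] else "no fixed interval")
        print("%s | %s | %d hit(s) | %s | %s" % (
            item["detection"], where, item["hits"], rhythm, item["path"]))
```

A regular interval only shows that something accesses the file on a schedule; it does not say which process or task does so, and that still has to be found in the scan reports.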
