Petit problème d'espionnage

[titecharlooh]

Voilà, tout est fait.

 

Voici le résultat d'OTL.

 

OTL logfile created on: 06/03/2011 16:28:46 - Run 2

OTL by OldTimer - Version 3.2.22.2 Folder = c:\Users\Charline\Downloads

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 14,44 Gb Free Space | 9,69% Space Free | Partition Type: NTFS

Drive E: | 3,72 Gb Total Space | 3,62 Gb Free Space | 97,39% Space Free | Partition Type: FAT32

Drive F: | 3,72 Gb Total Space | 3,62 Gb Free Space | 97,39% Space Free | Partition Type: FAT32

 

Computer Name: CHARLINE-PC | User Name: Charline | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - c:\Users\Charline\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\Spotify\spotify.exe (Spotify Ltd)

PRC - C:\Program Files\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited)

PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

 

 

========== Modules (SafeList) ==========

 

MOD - c:\Users\Charline\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)

SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)

SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (TS_AR5416) -- C:\Windows\System32\drivers\ts_athw.sys (TamoSoft)

DRV - (avshws) -- C:\Windows\System32\drivers\youup.sys (Windows ® Codename Longhorn DDK provider)

DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )

DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)

DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)

DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)

DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)

DRV - (NPPTNT2) -- C:\Windows\System32\npptNT2.sys (INCA Internet Co., Ltd.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName =

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-143578939-2761823476-559813491-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "http://www.univ-tlse2.fr/"

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: SQLiteManager@mrinalkant.blogspot.com:0.6.8

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q="

 

FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

 

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/22 20:25:50 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/29 20:19:06 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/29 20:19:06 | 000,000,000 | ---D | M]

 

[2009/09/02 11:52:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charline\AppData\Roaming\Mozilla\Extensions

[2011/03/06 13:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions

[2011/03/04 20:21:22 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}

[2011/03/06 13:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}

[2011/01/14 15:21:00 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

[2010/03/18 21:43:21 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\illimitux@illimitux.net

[2011/02/19 11:00:51 | 000,000,000 | ---D | M] (SQLite Manager) -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\SQLiteManager@mrinalkant.blogspot.com

[2009/12/13 13:06:35 | 000,002,321 | ---- | M] () -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\searchplugins\durable.xml

[2011/03/06 00:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/01/18 23:59:08 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010/12/27 17:59:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/02/23 19:22:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/03/13 19:30:40 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/03/13 19:30:40 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/03/13 19:30:40 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/03/13 19:30:40 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/03/23 23:21:12 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)

O3 - HKLM\..\Toolbar: (WalterShop) - {9ec204df-0e48-4c32-816e-2e928a4fd9c2} - mscoree.dll (Microsoft Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [[webwiz]] File not found

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-143578939-2761823476-559813491-1000..\Run: [EA Core] File not found

O4 - HKU\S-1-5-21-143578939-2761823476-559813491-1000..\Run: [Mega Manager] C:\Program Files\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg

O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2010/04/14 22:54:30 | 000,000,166 | ---- | M] () - E:\autorun.inf -- [ FAT32 ]

O32 - AutoRun File - [2010/04/14 22:54:30 | 000,000,166 | ---- | M] () - F:\autorun.inf -- [ FAT32 ]

O33 - MountPoints2\{22e38730-e2c4-11df-bb3e-001eec7c5122}\Shell\AutoRun\command - "" = wdsync.exe

O33 - MountPoints2\{46404091-434f-11e0-add4-001eec7c5122}\Shell\AutoRun\command - "" = E:\urDrive.exe -- [2010/08/19 21:34:36 | 001,894,400 | ---- | M] (FUHU, Inc.)

O33 - MountPoints2\{5b363646-3d89-11e0-8d3e-001eec7c5122}\Shell\AutoRun\command - "" = F:\Toshiba\Launcher\start.exe

O33 - MountPoints2\{776370e1-9a43-11df-849b-001fe2cf0a56}\Shell\AutoRun\command - "" = E:\Toshiba\more4youa.exe

O33 - MountPoints2\{b56d2b76-477f-11e0-8c0a-001eec7c5122}\Shell\AutoRun\command - "" = E:\urDrive.exe -- [2010/08/19 21:34:36 | 001,894,400 | ---- | M] (FUHU, Inc.)

O33 - MountPoints2\{b56d2b7c-477f-11e0-8c0a-001eec7c5122}\Shell\AutoRun\command - "" = F:\urDrive.exe -- [2010/08/19 21:34:36 | 001,894,400 | ---- | M] (FUHU, Inc.)

O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Toshiba\more4youa.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

 

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

 

Drivers32: aux - wdmaud.drv (Microsoft Corporation)

Drivers32: midi - wdmaud.drv (Microsoft Corporation)

Drivers32: midimapper - midimap.dll (Microsoft Corporation)

Drivers32: mixer - wdmaud.drv (Microsoft Corporation)

Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)

Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)

Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)

Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)

Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)

Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)

Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)

Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)

Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)

Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)

Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)

Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)

Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)

Drivers32: wave - wdmaud.drv (Microsoft Corporation)

Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/03/06 15:29:03 | 001,374,808 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Charline\Desktop\TDSSKiller.exe

[2011/03/06 13:44:35 | 000,000,000 | ---D | C] -- C:\_OTL

[2011/03/06 00:15:31 | 000,000,000 | ---D | C] -- C:\Users\Charline\AppData\Roaming\Malwarebytes

[2011/03/06 00:15:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/03/06 00:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/03/06 00:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/03/06 00:15:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/03/06 00:15:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/03/05 12:47:16 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe

[2011/03/05 12:44:12 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe

[2011/03/05 12:44:12 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll

[2011/03/05 12:44:12 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll

[2011/03/05 12:42:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll

[2011/03/05 12:42:17 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll

[2011/03/05 12:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0

[2011/03/05 12:38:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2011/03/05 12:36:43 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2011/03/05 12:36:43 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011/03/05 12:36:42 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011/03/05 12:36:42 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011/03/05 12:36:41 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011/03/05 12:36:41 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011/03/05 12:36:41 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011/03/05 12:36:41 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011/03/05 12:36:40 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/03/05 12:36:40 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll

[2011/03/05 12:36:40 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/03/05 12:35:07 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2011/03/05 12:35:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[2011/03/05 12:35:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2011/03/05 12:35:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll

[2011/03/05 12:35:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll

[2011/03/05 12:34:53 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011/03/05 12:34:53 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll

[2011/03/05 12:34:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx

[2011/03/05 12:34:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe

[2011/03/05 12:34:30 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll

[2011/03/05 12:34:30 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll

[2011/03/05 12:34:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe

[2011/03/05 12:18:51 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2011/03/05 12:18:49 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll

[2011/03/05 12:18:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll

[2011/03/05 12:18:48 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll

[2011/03/05 12:18:47 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll

[2011/02/27 11:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3

[2011/02/27 11:22:43 | 000,000,000 | ---D | C] -- C:\Users\Charline\AppData\Local\Google

[2011/02/27 11:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2011/02/25 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\Charline\Documents\Mes fichiers reçus

[2011/02/25 18:01:02 | 000,000,000 | ---D | C] -- C:\Users\Charline\Documents\Mes Historiques de Conversation

[2011/02/23 19:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2011/02/23 19:22:09 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/02/23 19:22:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/02/23 19:22:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/02/18 15:48:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll

 

========== Files - Modified Within 30 Days ==========

 

[2011/03/06 15:55:00 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/03/06 15:55:00 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/03/06 15:27:46 | 001,261,440 | ---- | M] () -- C:\Users\Charline\Desktop\tdsskiller.zip

[2011/03/06 15:02:13 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\WebReg HP Photosmart C4500 series.job

[2011/03/06 14:01:15 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/03/06 14:01:15 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/03/06 13:54:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/03/06 13:54:52 | 2137,014,272 | -HS- | M] () -- C:\hiberfil.sys

[2011/03/06 00:15:15 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/03/05 22:30:06 | 000,253,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/03/05 10:44:19 | 000,047,616 | ---- | M] () -- C:\Users\Charline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/03/02 10:45:38 | 001,374,808 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Charline\Desktop\TDSSKiller.exe

[2011/03/01 22:38:57 | 000,116,437 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0010.png

[2011/03/01 22:38:56 | 000,115,366 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0009.png

[2011/03/01 22:38:55 | 000,115,568 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0008.png

[2011/03/01 22:38:55 | 000,115,450 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0007.png

[2011/03/01 22:38:54 | 000,117,238 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0006.png

[2011/03/01 22:38:53 | 000,116,913 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0005.png

[2011/03/01 22:38:52 | 000,116,699 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0003.png

[2011/03/01 22:38:52 | 000,115,629 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0004.png

[2011/03/01 22:38:50 | 000,115,823 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0002.png

[2011/03/01 22:38:47 | 000,116,863 | ---- | M] () -- C:\Users\Charline\Documents\joie et deception_0001.png

[2011/02/27 11:23:47 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk

[2011/02/13 22:46:04 | 000,000,329 | ---- | M] () -- C:\Users\Charline\Desktop\Outils de diagnostic d'imprimante HP.url

[2011/02/13 12:33:49 | 000,167,409 | ---- | M] () -- C:\Windows\hpoins30.dat

[2011/02/06 21:33:01 | 097,238,820 | ---- | M] () -- C:\Windows\MEMORY.DMP

 

========== Files Created - No Company Name ==========

 

[2011/03/06 15:27:33 | 001,261,440 | ---- | C] () -- C:\Users\Charline\Desktop\tdsskiller.zip

[2011/03/06 00:15:15 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/03/01 22:38:57 | 000,116,437 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0010.png

[2011/03/01 22:38:56 | 000,115,366 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0009.png

[2011/03/01 22:38:55 | 000,115,568 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0008.png

[2011/03/01 22:38:54 | 000,117,238 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0006.png

[2011/03/01 22:38:54 | 000,115,450 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0007.png

[2011/03/01 22:38:53 | 000,116,913 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0005.png

[2011/03/01 22:38:52 | 000,115,629 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0004.png

[2011/03/01 22:38:51 | 000,116,699 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0003.png

[2011/03/01 22:38:50 | 000,115,823 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0002.png

[2011/03/01 22:38:47 | 000,116,863 | ---- | C] () -- C:\Users\Charline\Documents\joie et deception_0001.png

[2011/02/27 15:02:08 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\WebReg HP Photosmart C4500 series.job

[2011/02/27 11:23:47 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk

[2011/02/13 22:46:04 | 000,000,329 | ---- | C] () -- C:\Users\Charline\Desktop\Outils de diagnostic d'imprimante HP.url

[2010/05/22 20:25:07 | 000,023,802 | ---- | C] () -- C:\Windows\hpqins15.dat

[2010/05/22 20:18:21 | 000,078,339 | ---- | C] () -- C:\Windows\hpqins05.dat

[2010/05/06 18:23:53 | 000,167,409 | ---- | C] () -- C:\Windows\hpoins30.dat

[2010/02/20 14:24:01 | 000,001,041 | ---- | C] () -- C:\Users\Charline\AppData\Roaming\vso_ts_preview.xml

[2010/02/08 12:35:44 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE

[2010/02/07 17:36:21 | 000,000,130 | ---- | C] () -- C:\Windows\ODBC.INI

[2010/02/07 17:36:05 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2010/02/05 01:04:42 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll

[2009/11/10 21:21:51 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009/10/08 19:44:43 | 000,047,616 | ---- | C] () -- C:\Users\Charline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/09/02 11:15:18 | 000,001,356 | ---- | C] () -- C:\Users\Charline\AppData\Local\d3d9caps.dat

[2008/12/05 03:52:59 | 000,000,547 | ---- | C] () -- C:\Windows\hpomdl30.dat

[2007/08/20 19:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll

[2007/08/20 19:10:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll

[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 13:47:37 | 000,253,944 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 11:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 11:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006/11/02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

 

========== LOP Check ==========

 

[2009/10/10 23:31:48 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\DeepBurner

[2011/02/17 11:58:42 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\DiskAid

[2009/11/23 15:08:38 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\El Conjugador

[2009/09/02 13:47:12 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Foxit

[2010/11/21 02:47:49 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\LolClient

[2010/02/07 17:20:28 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\ManyCam

[2010/10/21 20:53:41 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Megaupload

[2010/02/09 22:52:42 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\MonkeyJam

[2009/09/08 10:56:16 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\OpenOffice.org

[2010/07/30 21:28:02 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\PlayFirst

[2011/03/06 14:59:51 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Spotify

[2010/01/19 18:19:50 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\TeamViewer

[2010/12/13 19:50:54 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Total Immersion

[2010/03/05 09:24:01 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Vso

[2010/06/17 15:44:06 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Zylom

[2011/03/06 13:53:54 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %APPDATA%\*. >

[2011/01/07 22:55:59 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Adobe

[2010/07/26 00:52:36 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Apple Computer

[2009/10/04 10:53:50 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\CyberLink

[2009/10/10 23:31:48 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\DeepBurner

[2011/02/17 11:58:42 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\DiskAid

[2011/02/19 13:09:43 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\dvdcss

[2009/11/23 15:08:38 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\El Conjugador

[2009/09/02 13:47:12 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Foxit

[2011/02/13 13:16:16 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\HP

[2011/02/13 13:17:21 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\HPAppData

[2011/02/20 22:59:39 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\HpUpdate

[2010/06/17 15:44:06 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Identities

[2009/09/02 11:57:17 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\InstallShield

[2010/11/21 02:47:49 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\LolClient

[2010/06/19 22:10:34 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Macromedia

[2011/03/06 00:15:31 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Malwarebytes

[2010/02/07 17:20:28 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\ManyCam

[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Media Center Programs

[2010/10/21 20:53:41 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Megaupload

[2010/07/28 18:51:52 | 000,000,000 | --SD | M] -- C:\Users\Charline\AppData\Roaming\Microsoft

[2010/02/09 22:52:42 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\MonkeyJam

[2009/09/02 11:52:14 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Mozilla

[2009/09/08 10:56:16 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\OpenOffice.org

[2010/07/30 21:28:02 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\PlayFirst

[2010/03/08 10:55:54 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Real

[2011/03/02 21:55:34 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Skype

[2011/03/02 16:08:22 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\skypePM

[2011/03/06 14:59:51 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Spotify

[2010/01/19 18:19:50 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\TeamViewer

[2010/12/13 19:50:54 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Total Immersion

[2011/03/04 16:40:55 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\vlc

[2010/03/05 09:24:01 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Vso

[2009/10/10 22:55:35 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\WinRAR

[2010/06/17 15:44:06 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Zylom

 

< %APPDATA%\*.exe /s >

[2009/10/04 14:48:36 | 000,010,134 | R--- | M] () -- C:\Users\Charline\AppData\Roaming\Microsoft\Installer\{54A2CFDE-DC70-46E0-92AC-DC88F6303D39}\ARPPRODUCTICON.exe

[2009/10/04 14:48:37 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Charline\AppData\Roaming\Microsoft\Installer\{54A2CFDE-DC70-46E0-92AC-DC88F6303D39}\NewShortcut31_491CED7A0F134BE6957A59DCA69E8271.exe

[2009/10/04 14:48:37 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Charline\AppData\Roaming\Microsoft\Installer\{54A2CFDE-DC70-46E0-92AC-DC88F6303D39}\NewShortcut3_07FB580BF187437F9CBB930D0129A475.exe

[2011/02/13 22:45:59 | 000,010,134 | R--- | M] () -- C:\Users\Charline\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe

[2010/01/10 02:57:48 | 000,010,134 | R--- | M] () -- C:\Users\Charline\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

[1998/10/28 16:50:38 | 000,269,824 | ---- | M] () -- C:\Users\Charline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL\Configuration 3D.exe

[1998/07/16 10:28:30 | 000,370,176 | ---- | M] () -- C:\Users\Charline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL\Désinstalleur Coktel.exe

[2011/03/06 13:57:55 | 000,188,152 | ---- | M] () -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\FlashGot.exe

[2007/12/30 05:01:18 | 000,307,200 | ---- | M] (Simon Tatham) -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe

[2007/12/30 05:01:18 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe

[2010/03/28 21:50:42 | 000,443,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Charline\AppData\Roaming\Real\Update\setup3.10\setup.exe

 

< %SYSTEMDRIVE%\*.exe >

 

< %SYSTEMDRIVE%\*.exe >

 

 

< MD5 for: AGP440.SYS >

[2008/01/18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008/01/18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys

[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2008/01/18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys

[2008/01/18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008/01/18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

 

< MD5 for: CDROM.SYS >

[2008/01/18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys

[2008/01/18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys

[2008/01/18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys

[2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

 

< MD5 for: CNGAUDIT.DLL >

[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 

< MD5 for: DISK.SYS >

[2008/01/18 23:42:22 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\drivers\disk.sys

[2008/01/18 23:42:22 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys

[2008/01/18 23:42:22 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys

[2006/11/02 10:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

 

< MD5 for: EXPLORER.EXE >

[2009/09/03 03:03:55 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe

[2009/09/03 03:03:54 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe

[2009/09/03 03:03:54 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe

[2009/09/03 03:03:54 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[2009/09/03 03:03:54 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe

[2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

[2008/01/18 23:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

 

< MD5 for: IASTORV.SYS >

[2008/01/18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008/01/18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys

[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 

< MD5 for: NDIS.SYS >

[2006/11/02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys

[2008/01/18 23:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys

[2008/01/18 23:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

 

< MD5 for: NETLOGON.DLL >

[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

[2008/01/18 23:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll

[2008/01/18 23:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys

[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008/01/18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008/01/18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 

< MD5 for: RASACD.SYS >

[2008/01/18 21:56:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys

[2008/01/18 21:56:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys

[2006/11/02 09:58:13 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=BD7B30F55B3649506DD8B3D38F571D2A -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasacd.sys

 

< MD5 for: RDPWD.SYS >

[2006/11/02 10:02:15 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=8830E790A74A96605FABA74F9665BB3C -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6000.16386_none_493ec64bd8177786\rdpwd.sys

[2008/01/18 22:01:22 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\System32\drivers\rdpwd.sys

[2008/01/18 22:01:22 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys

 

< MD5 for: SCECLI.DLL >

[2008/01/18 23:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll

[2008/01/18 23:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

 

< MD5 for: SFLOPPY.SYS >

[2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys

[2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys

[2008/01/18 21:49:50 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys

[2008/01/18 21:49:50 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys

 

< MD5 for: TCPIP.SYS >

[2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\SoftwareDistribution\Download\e96ddab89324864a3f629877ea55d924\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys

[2009/11/10 19:50:04 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys

[2009/11/10 19:50:01 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys

[2009/11/10 19:50:04 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys

[2009/09/03 02:59:40 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys

[2009/09/03 02:59:41 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys

[2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys

[2009/11/10 19:50:02 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys

[2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys

[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\System32\drivers\tcpip.sys

[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys

[2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\SoftwareDistribution\Download\e96ddab89324864a3f629877ea55d924\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys

[2009/11/10 19:50:01 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys

[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys

[2006/11/02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys

[2008/01/18 23:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys

[2009/11/10 19:50:02 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

 

< MD5 for: TDPIPE.SYS >

[2008/01/18 22:01:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys

[2008/01/18 22:01:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys

[2006/11/02 10:02:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=964248AEF49C31FA6A93201A73FFAF50 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6000.16386_none_d975757047cc3203\tdpipe.sys

 

< MD5 for: TDTCP.SYS >

[2008/01/18 22:01:10 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys

[2008/01/18 22:01:10 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys

[2006/11/02 10:02:01 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=7D2C1AE1648A60FCE4AA0F7982E419D3 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6000.16386_none_d975757047cc3203\tdtcp.sys

 

< MD5 for: USBPRINT.SYS >

[2006/11/02 10:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys

[2008/01/18 22:14:42 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys

[2008/01/18 22:14:42 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys

[2008/01/18 22:14:42 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys

 

< MD5 for: USBSCAN.SYS >

[2008/01/18 22:14:10 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\drivers\usbscan.sys

[2008/01/18 22:14:10 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys

[2008/01/18 22:14:10 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys

[2006/11/02 10:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys

 

< MD5 for: USERINIT.EXE >

[2008/01/18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe

[2008/01/18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[2006/11/02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

 

< MD5 for: WININIT.EXE >

[2008/01/18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe

[2008/01/18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[2006/11/02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

[2008/01/18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe

[2008/01/18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2008/01/18 23:34:10 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2008/01/18 23:34:10 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

[2006/11/02 10:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\expsrv.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< End of report >

 

 

Merci encore pour ton aide.

 

@++

[jeanmimigab]

yop,

 

je doit vérifier le contenu de deux fichier.inf...

 

Laisse toutes tes clefs USB branchées et fait un nouveau scanne OTL en procédant comme cela stp...

 

* Fais un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

 

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL

 

type E:\autorun.inf /c

type F:\autorun.inf /c

 

Clique sur "Aucuns" (en dessous de "Analyse rapide" ), puis cliques sur "Analyse"

 

poste le petit rapport qui s'ouvre stp...

Modifié le 6 mars 2011 par jeanmimigab

[titecharlooh]

Voici le résultat.

 

OTL logfile created on: 06/03/2011 18:01:41 - Run 3

OTL by OldTimer - Version 3.2.22.2 Folder = c:\Users\Charline\Downloads

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 14,48 Gb Free Space | 9,71% Space Free | Partition Type: NTFS

Drive E: | 3,72 Gb Total Space | 3,62 Gb Free Space | 97,39% Space Free | Partition Type: FAT32

Drive F: | 3,72 Gb Total Space | 3,62 Gb Free Space | 97,39% Space Free | Partition Type: FAT32

 

Computer Name: CHARLINE-PC | User Name: Charline | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

 

========== Custom Scans ==========

 

 

< type E:\autorun.inf /c >

[AutoRun]

OPEN=urDrive.exe

ICON=urDrive.exe,0

ACTION=Start urDrive

LABEL=KINGSTON urDrive

 

< type F:\autorun.inf /c >

[AutoRun]

OPEN=urDrive.exe

ICON=urDrive.exe,0

ACTION=Start urDrive

LABEL=KINGSTON urDrive

 

< End of report >

[jeanmimigab]

Ok, ils sont sain...

 

Pour le prochain cycle de correction que nous allons faire avec OTL, assure toi que Firefox ne soit pas en route avant de cliquer sur " correction", c'est important...

 

* Fais un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement (surtout les navigateurs Webs ).

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

 

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

 

 

:Files

C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}

C:\Users\Charline\Desktop\TDSSKiller.exe

C:\Users\Charline\Desktop\tdsskiller.zip

C:\TDSSKiller_Quarantine

 

:OTL

O3 - HKLM\..\Toolbar: (WalterShop) - {9ec204df-0e48-4c32-816e-2e928a4fd9c2} - mscoree.dll (Microsoft Corporation)

O4 - HKLM\..\Run: [] File not found

O4 - HKLM\..\Run: [[webwiz]] File not found

 

:Commands

[emptytemp]

[EMPTYFLASH]

 

* Cliques sur l'icône "Correction" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan un rapport va s'ouvrir "OTL.Txt"

* Copie et colle le rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL

 

@++

[titecharlooh]

Voilà le résultat.

 

C'était pour faire quoi le dernier? Excuse ma curiosité mais j'aimerai en sortir moins bête

 

All processes killed

========== FILES ==========

C:\Users\Charline\AppData\Roaming\Mozilla\Firefox\Profiles\x362zn3c.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f} folder moved successfully.

C:\Users\Charline\Desktop\TDSSKiller.exe moved successfully.

C:\Users\Charline\Desktop\tdsskiller.zip moved successfully.

File\Folder C:\TDSSKiller_Quarantine not found.

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9ec204df-0e48-4c32-816e-2e928a4fd9c2} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ec204df-0e48-4c32-816e-2e928a4fd9c2}\ deleted successfully.

File move failed. mscoree.dll scheduled to be moved on reboot.

Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Charline

->Temp folder emptied: 627030 bytes

->Temporary Internet Files folder emptied: 396411 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 95849358 bytes

->Flash cache emptied: 2021 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 21793 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 92,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Charline

->Flash cache emptied: 0 bytes

 

User: Default

 

User: Default User

 

User: Public

 

Total Flash Files Cleaned = 0,00 mb

 

 

OTL by OldTimer - Version 3.2.22.2 log created on 03062011_190245

 

Files\Folders moved on Reboot...

File move failed. mscoree.dll scheduled to be moved on reboot.

File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

 

Merci encore pour ton attention.

[jeanmimigab]

re,

 

C'était pour faire quoi le dernier?

 

Il y a une CLSID qui n'avait pas sauter tout à l'heure (peut être à cause d'un processus actif)...puis j'en ai profité pour supprimer TDSSKiller qui ne nous sert plus...

 

 

 

Ton PC est clean maintenant, tu t'es bien débrouillé

 

Pour désinstaller OTL, lance-le et clique sur purge outil...accepte le redémarrage du PC si demander.

 

ensuite il faut créer un point de restauration propre et supprimer ceux infecté en purgeant la restauration système, pour cela utilise OneClick2RP de Laddy

Téléchargement et tuto ici

 

Puis c'est derniers conseils pour maintenir ton PC propre et à jour.

 

Si tu as d'autres questions, n'hésites pas

Pour nettoyer les fichiers temporaires,souvent source de problèmes divers et nettoyer la base de registre Windows fais cela...

 

 

• Télécharge et installe Ccleaner en te rendant sur >> cette page <<
  
• Clique en haut à droite de la page sur "Download Lastest Version" pour lancer le téléchargement.
  
• Installe le et lance le...
  
• Dans la barre d'outil à gauche, clique sur "Nettoyer" (en bas à droite)
  
• Recommence cette opération jusqu'à ce que le message "0 octets supprimés" apparaisse dans la fenêtre de résultat.
  
• Pour info ce nettoyage peu aussi s'effectuer de manière transparente collant Ccleaner /auto dans la commande "Exécuter" du menu démarrer.
   
  Nettoyer aussi ton registre en cliquant sur "Registre" dans la barre d'outils à gauche.
  
• Clique ensuite sur "chercher des erreurs" en bas de la fenêtre, puis clique sur "corriger les erreurs sélectionnées".
  
• Accepte la sauvegarde du registre proposée et suis les instructions de Ccleaner.
  
• Pour info tu peux ouvrir Ccleaner directement à la rubrique "Registre" en collant Ccleaner /registry dans la fenêtre de commande "Exécuter" du menu démarrer.
   
  
• Si tu as besoin tu as un tutoriel >> ici <<

 

=====================================================================================================

 

Pense à mettre à jours Windows:

 

• La méthode la plus simple et l'utilisation de "Windows Update" qui se trouve dans ton menu démarrer

 

 

Pense à mettre à jours Java:

 

• La méthode la plus simple et l'utilisation de >> JavaRa <<

 

Pense à mettre à jour Acrobat reader si il est installé sur ton PC de cette manière:

 

• Ouvre Acrobat reader, clique sur "aide" et choisis "rechercher des mises à jours..."

 

========================================================================================================

Procède à une Défragmentation afin d'optimiser les temps d'accès du disque dur lors de la lecture des :

 

• Pour lancer une défragmentation, double-clique sur Poste de Travail,clic-droit sur le disque à défragmenter puis sur Propriétés.
  
• Choisis l'onglet Outils puis clique sur défragmenter maintenant .
  
• Cette opération est à renouveler régulièrement ( Environs une fois par mois ).

 

 

=====================================================================================================

 

 

 

 

 

un peu de lecture sur la manière de protéger ton surf et ton ordinateur:

 

• un Compte Utilisateur limité accroît la sécurité de l'ordinateur.
   
  
• Quelques mesures préventives pour surfer couvert.
   
  
• Comment éviter les imprudences d'installation.
   
  
• Reconnaitre et éviter les infections Msn.
   
  
• Si tu utilises "Face Book", lis >> cet article << afin de ne pas te faire piéger

[titecharlooh]

Je ne sais comment te remercier!

 

Je vais lire ça dès que possible et à tête reposée.

 

Merci pour ton aide et tes conseils et oui peut-être que je me permettrais de t'embêter à nouveau si j'ai quelques questions.

 

Je te souhaite une très bonne soirée.

 

Charline

[jeanmimigab]

De rien, c'était un plaisir