Rogue, ms tool removal

Closed
jejedu59000 Posts 30 Registration date Sunday 26 September 2010 Status Member Last activity 15 December 2011 - 3 April 2011 at 12:24
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 3 April 2011 at 23:37
Hello,

I'm lost right now... I've just been infected by MS tool removal; since I saw it was a rogue, I downloaded RogueKiller... But it ends up blocked, and even after changing the URL it's the same...

I'm currently on another PC, since the rogue makes my computer very slow.

Thanks a lot.

10 replies

Malekal_morte-
3 April 2011 at 12:25
Hi,

Download RogueKiller and rename it to winlogon,
then see if it launches.
1
jejedu59000
3 April 2011 at 12:35
To put it on the desktop I do
right-click ==> Send to desktop (as shortcut)...

But I'm trying everything... Nothing happens
1
Malekal_morte-
3 April 2011 at 12:37
Well, that's no good... because you're renaming the shortcut...
Go here: https://www.luanagames.com/index.fr.html

Click on the download link and go to the desktop.
As the name at the bottom, put winlogon
and launch it.
0
Malekal_morte-
3 April 2011 at 23:37
Please create your own topics to get help.
1
jejedu59000
3 April 2011 at 12:31
I did do it as specified in the MS tool removal vs RogueKiller video... Unfortunately, it blocks it as well...
0

Malekal_morte-
3 April 2011 at 12:33
Are you really putting it on your desktop?
And renaming it to iexplore?
0
jejedu59000
3 April 2011 at 12:54
OK, thank you!

I'm currently running Malwarebytes, I'll post the final report!
0
Malekal_morte-
3 April 2011 at 13:00
Uh, and were you able to run RogueKiller? Where is the report?
0
jejedu59000
3 April 2011 at 13:17
My oversight ^^"

Here you go:
RogueKiller V4.3.6 par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: Dell 600 [Droits d'admin]
Mode: Suppression -- Date : 03/04/2011 12:47:40

Processus malicieux: 9
[APPDT/TMP/DESKTOP] oKf31001jFhKl31001.exe -- c:\documents and settings\all users\application data\okf31001jfhkl31001\okf31001jfhkl31001.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED

Entrees de registre: 5
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : oKf31001jFhKl31001 (C:\Documents and Settings\All Users\Application Data\oKf31001jFhKl31001\oKf31001jFhKl31001.exe) -> DELETED
[BLACKLIST] HKLM\[...]\services : SSHNAS (%SystemRoot%\system32\svchost.exe -k netsvcs) -> DELETED
[BLACKLIST] HKLM\[...]\Root : LEGACY_SSHNAS () -> DELETED
[APPDT/TMP/DESKTOP] Notification de cadeaux MSN.lnk : C:\Documents and Settings\Dell 600\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe -> DELETED
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> REPLACED (0)

Fichier HOSTS:
127.0.0.1 localhost


Termine : << RKreport[1].txt >>
RKreport[1].txt
0
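A small triage parser for reports in the format posted above, as an added example that is not part of the original thread and is not RogueKiller's own code. It groups findings by tag, lists the distinct file paths that sit in user-writable folders, checks each section's declared count against the lines actually present, and reports any finding whose status is not one of the three seen in the thread; the sample text, the folder list and the `FOUND` status line are assumptions constructed for the example.

```python
import re
from collections import Counter

# Constructed excerpt modelled on the report above: section counts are adjusted
# to the shortened excerpt, and the last line (status FOUND) is invented here.
SAMPLE_REPORT = r"""
Processus malicieux: 3
[APPDT/TMP/DESKTOP] oKf31001jFhKl31001.exe -- c:\documents and settings\all users\application data\okf31001jfhkl31001\okf31001jfhkl31001.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED
[RESIDUE] svchost.exe -- c:\windows\system32\svchost.exe -> KILLED

Entrees de registre: 4
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : oKf31001jFhKl31001 (C:\Documents and Settings\All Users\Application Data\oKf31001jFhKl31001\oKf31001jFhKl31001.exe) -> DELETED
[BLACKLIST] HKLM\[...]\services : SSHNAS (%SystemRoot%\system32\svchost.exe -k netsvcs) -> DELETED
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> REPLACED (0)
[APPDT/TMP/DESKTOP] HKCU\[...]\Run : example (C:\Documents and Settings\user\Application Data\example\example.exe) -> FOUND
"""

SECTION_RE = re.compile(r"^(Processus malicieux|Entrees de registre):\s*(\d+)\s*$")
FINDING_RE = re.compile(
    r"^\[(?P<tag>[^\]]+)\]\s+(?P<body>.+?)\s+->\s+(?P<action>[A-Z]+)"
    r"(?:\s+\((?P<new>[^)]*)\))?\s*$"
)
SECTIONS = {"Processus malicieux": "process", "Entrees de registre": "registry"}
# Assumption: XP-era user-writable folders, matching the places the helper's
# OTL custom scan looks at (%ALLUSERSPROFILE%, %APPDATA%, %temp%).
USER_WRITABLE = ("\\application data\\", "\\local settings\\temp\\")
# Status words seen in the thread's report; anything else counts as pending.
DONE_ACTIONS = {"KILLED", "DELETED", "REPLACED"}


def extract_path(section, body):
    """Return the lowercased file path or command line in a finding, or None."""
    if section == "process":
        # Process lines look like "<image name> -- <full path>".
        _, sep, path = body.partition(" -- ")
        return path.strip().lower() if sep else None
    # Registry lines look like "<key> : <name> (<data>)" or "<name>.lnk : <target>".
    _, sep, rest = body.partition(" : ")
    if not sep:
        return None
    m = re.search(r"\((.*)\)\s*$", rest)
    data = (m.group(1) if m else rest).strip().lower()
    # Keep only data that looks like a path (drive letter or %variable%).
    return data if re.match(r"^([a-z]:\\|%)", data) else None


def parse_report(text):
    """Return (declared section counts, list of parsed findings)."""
    declared, findings, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = SECTIONS[m.group(1)]
            declared[section] = int(m.group(2))
            continue
        m = FINDING_RE.match(line)
        if m and section:
            findings.append({
                "section": section,
                "tag": m.group("tag"),
                "action": m.group("action"),
                "path": extract_path(section, m.group("body")),
                "line": line,
            })
    return declared, findings


def triage(text):
    """Summarise a report: tags, user-writable paths, count gaps, pending items."""
    declared, findings = parse_report(text)
    parsed = Counter(f["section"] for f in findings)
    return {
        "by_tag": Counter(f["tag"] for f in findings),
        # Distinct paths, so a process and its autorun entry count once.
        "user_writable_paths": sorted({
            f["path"] for f in findings
            if f["path"] and any(d in f["path"] for d in USER_WRITABLE)
        }),
        # Declared vs. parsed counts: a gap means the pasted report is truncated.
        "mismatches": {s: (n, parsed[s]) for s, n in declared.items() if parsed[s] != n},
        "pending": [f for f in findings if f["action"] not in DONE_ACTIONS],
    }


if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    print(dict(result["by_tag"]))
    for path in result["user_writable_paths"]:
        print("user-writable:", path)
    for finding in result["pending"]:
        print("not remediated:", finding["line"])
```
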
Malekal_morte-
3 April 2011 at 13:35
OK for Malwarebytes, post the report here when it has finished scanning, and then:


* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you need to right-click OTL and choose Run as administrator)

* Launch OTL
* Under Personnalisation, copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c

* Click the Analyse button.
* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the reports.
Then post the pjjoint links here so they can be reviewed.


0
jejedu59000
3 April 2011 at 13:51
Here is the Malwarebytes report; I deleted the 2 infections from quarantine

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6253

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

03/04/2011 13:37:19
mbam-log-2011-04-03 (13-37-19).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 189367
Temps écoulé: 35 minute(s), 10 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\documents and settings\all users\application data\okf31001jfhkl31001\okf31001jfhkl31001.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\Dell 600\mes documents\rk_quarantine\okf31001jfhkl31001.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
0
jejedu59000
3 April 2011 at 14:10
0
Malekal_morte-
3 April 2011 at 14:12
That one is extra.txt
OTL.txt is missing
0
jejedu59000
3 April 2011 at 14:28
There's a problem: when I submit the report, the link doesn't load....
0
jejedu59000
3 April 2011 at 14:57
Well... It's not working, so I'm copy-pasting it

OTL logfile created on: 03/04/2011 13:52:57 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Dell 600\Mes documents
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,00 Mb Total Physical Memory | 71,00 Mb Available Physical Memory | 14,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 26,32 Gb Free Space | 70,65% Space Free | Partition Type: NTFS
Drive E: | 491,55 Mb Total Space | 315,88 Mb Free Space | 64,26% Space Free | Partition Type: FAT

Computer Name: DELL-97FAC938B0 | User Name: Dell 600 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/04/03 13:52:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell 600\Mes documents\OTL.exe
PRC - [2011/04/01 23:20:19 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011/03/28 15:41:14 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/03/28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010/12/20 19:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/11/09 11:32:46 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2010/05/14 12:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/02/02 00:15:44 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/02 00:15:40 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/07/14 00:18:12 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2006/10/29 18:17:20 | 000,557,056 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe
PRC - [2006/06/29 13:13:32 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/06/29 13:12:34 | 000,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2005/02/12 22:29:07 | 002,938,552 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2004/08/05 12:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002/01/23 07:19:26 | 001,744,896 | ---- | M] () -- C:\ScanPanel\ScnPanel.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/04/03 13:52:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell 600\Mes documents\OTL.exe
MOD - [2006/06/29 13:13:50 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2004/08/05 12:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/03/28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/11/09 11:32:46 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2010/11/09 11:32:23 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/07/14 00:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2006/06/29 13:12:34 | 000,376,832 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010/11/09 11:33:17 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/11/09 11:33:16 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/11/09 11:33:07 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/11/09 11:32:22 | 000,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2007/10/02 04:06:40 | 000,451,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007/02/08 15:51:16 | 002,209,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Pilote de carte de connexion réseau Intel(R)
DRV - [2006/10/29 18:17:22 | 000,922,148 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/12 10:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/04/01 17:33:32 | 000,020,579 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ozscr.sys -- (O2SCBUS)
DRV - [2006/04/01 17:33:16 | 000,134,272 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/11/10 23:49:24 | 001,406,464 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/11/15 16:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2003/09/19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://ww12.cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://ww12.cherche.us{searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 A4 C7 F2 98 EE CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.com/?gws_rd=ssl
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.msn.com/fr-fr"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.0.20080718
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..oldKeyword: "data:text/plain,keyword.URL=https://fr.search.yahoo.com/web?fr=yff35awe"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010/11/10 14:06:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF [2010/11/08 22:06:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/02 12:50:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/02 12:50:00 | 000,000,000 | ---D | M]

[2003/12/15 22:02:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell 600\Application Data\Mozilla\Extensions
[2011/04/02 12:52:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell 600\Application Data\Mozilla\Firefox\Profiles\vdp2bp6a.default\extensions
[2011/02/26 12:53:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dell 600\Application Data\Mozilla\Firefox\Profiles\vdp2bp6a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/02 12:52:21 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Dell 600\Application Data\Mozilla\Firefox\Profiles\vdp2bp6a.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/03/13 21:17:14 | 000,002,650 | ---- | M] () -- C:\Documents and Settings\Dell 600\Application Data\Mozilla\Firefox\Profiles\vdp2bp6a.default\searchplugins\bing.xml
[2010/07/25 13:43:06 | 000,001,575 | ---- | M] () -- C:\Documents and Settings\Dell 600\Application Data\Mozilla\Firefox\Profiles\vdp2bp6a.default\searchplugins\cherche.xml
[2011/04/02 12:50:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/02 12:50:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/10 11:57:47 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/02/19 03:23:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/02 12:50:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011/04/02 12:50:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File not found (No name found) --
[2011/02/19 03:22:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/01/01 10:00:00 | 000,135,168 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/19 03:22:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2003/12/15 21:07:12 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2005/02/13 04:09:28 | 000,000,615 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pucuy.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/10/11 23:17:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ScanPanel.lnk = C:\ScanPanel\ScnPanel.exe ()
O4 - Startup: C:\Documents and Settings\Dell 600\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: chat-land.org ([]* in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Dell 600\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dell 600\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/12/15 20:45:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]AVG8_TRAY[/b] - hkey= - key= - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
MsConfig - StartUpReg: [b]DivXUpdate[/b] - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]UpdateMyDrivers[/b] - hkey= - key= - C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe ()

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{DFB17AA8-042A-429D-987C-26CE244A4189} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Unable to start service SrService!

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/04/03 13:52:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dell 600\Mes documents\OTL.exe
[2011/04/03 12:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell 600\Mes documents\RK_Quarantine
[2011/04/03 10:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\oKf31001jFhKl31001
[2011/04/03 01:35:49 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/04/03 01:35:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\LogMeIn Hamachi
[2011/03/28 19:37:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dell 600\Recent
[2011/03/13 21:17:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dell 600\Bureau\Services Windows Live
[2011/03/13 21:16:58 | 001,794,920 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Dell 600\Mes documents\Installation_WLMessenger2009.exe
[2011/03/13 20:10:33 | 001,243,496 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Dell 600\Mes documents\wlsetup-web.exe
[2010/08/11 13:08:01 | 000,018,120 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ArtecPro.sys
[2010/05/08 09:17:40 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\implode.DLL
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Dell 600\*.tmp files -> C:\Documents and Settings\Dell 600\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/04/03 13:52:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell 600\Mes documents\OTL.exe
[2011/04/03 13:41:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/03 13:40:24 | 000,001,198 | ---- | M] () -- C:\WINDOWS\ScnPanel.ini
[2011/04/03 13:40:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/03 12:47:17 | 001,058,816 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\winlogon.exe
[2011/04/03 12:45:42 | 001,058,816 | ---- | M] () -- C:\Documents and Settings\Dell 600\Bureau\winlogon.exe.exe
[2011/04/03 12:40:56 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/04/02 19:29:42 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2011/04/02 12:50:09 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Dell 600\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/02 12:50:09 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/04/01 23:35:35 | 000,000,858 | ---- | M] () -- C:\Documents and Settings\Dell 600\Bureau\Raccourci vers tw_focus_ok.user.lnk
[2011/04/01 23:20:58 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Dell 600\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/04/01 23:20:57 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk
[2011/04/01 23:14:54 | 000,000,331 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\tw_focus_ok.user.js
[2011/03/31 22:18:38 | 000,297,726 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\Sans nom 1.odt
[2011/03/28 15:40:12 | 000,007,808 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\Zeus-greek-mythology-god-of-the-gods.jpg
[2011/03/22 12:37:36 | 000,023,904 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\1902AU02032011.PDF
[2011/03/22 11:45:31 | 000,023,881 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\12AU17032011.PDF
[2011/03/20 07:55:34 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/19 09:22:21 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\spider.sav
[2011/03/18 10:01:35 | 000,023,891 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\SECU03AU11032011.PDF
[2011/03/14 20:32:07 | 000,412,062 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\rapport de stage, roman.odt
[2011/03/14 18:38:49 | 000,003,199 | ---- | M] () -- C:\WINDOWS\Ausba5.ini
[2011/03/14 14:48:19 | 000,114,894 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\OXYMETAL.BMP
[2011/03/14 14:44:56 | 000,000,569 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI
[2011/03/13 21:17:16 | 000,001,194 | ---- | M] () -- C:\Documents and Settings\Dell 600\Bureau\Aller sur MSN.fr.lnk
[2011/03/13 21:17:07 | 001,794,920 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dell 600\Mes documents\Installation_WLMessenger2009.exe
[2011/03/13 20:10:42 | 001,243,496 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dell 600\Mes documents\wlsetup-web.exe
[2011/03/10 11:26:12 | 000,023,904 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\SECU1902AU02032011.PDF
[2011/03/10 11:24:27 | 000,024,539 | ---- | M] () -- C:\Documents and Settings\Dell 600\Mes documents\SECU DU 07 AU 180211.PDF
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Dell 600\*.tmp files -> C:\Documents and Settings\Dell 600\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/04/03 12:47:17 | 001,058,816 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\winlogon.exe
[2011/04/03 12:40:44 | 001,058,816 | ---- | C] () -- C:\Documents and Settings\Dell 600\Bureau\winlogon.exe.exe
[2011/04/03 10:50:04 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/04/02 12:50:09 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2011/04/01 23:35:35 | 000,000,858 | ---- | C] () -- C:\Documents and Settings\Dell 600\Bureau\Raccourci vers tw_focus_ok.user.lnk
[2011/04/01 23:20:58 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Dell 600\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/04/01 23:20:57 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Opera.lnk
[2011/04/01 23:20:57 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk
[2011/04/01 23:14:52 | 000,000,331 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\tw_focus_ok.user.js
[2011/03/31 22:13:14 | 000,297,726 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\Sans nom 1.odt
[2011/03/28 15:38:49 | 000,007,808 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\Zeus-greek-mythology-god-of-the-gods.jpg
[2011/03/22 12:37:55 | 000,023,904 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\1902AU02032011.PDF
[2011/03/22 11:45:48 | 000,023,881 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\12AU17032011.PDF
[2011/03/18 10:02:08 | 000,023,891 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\SECU03AU11032011.PDF
[2011/03/14 14:48:19 | 000,114,894 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\OXYMETAL.BMP
[2011/03/13 21:17:16 | 000,001,194 | ---- | C] () -- C:\Documents and Settings\Dell 600\Bureau\Aller sur MSN.fr.lnk
[2011/03/10 11:26:40 | 000,023,904 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\SECU1902AU02032011.PDF
[2011/03/10 11:25:27 | 000,024,539 | ---- | C] () -- C:\Documents and Settings\Dell 600\Mes documents\SECU DU 07 AU 180211.PDF
[2011/02/20 18:06:02 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/11 20:48:59 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/11 09:01:44 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\beconvlib.dll
[2010/08/11 09:01:44 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\bprgcomm.dll
[2010/08/11 09:01:44 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2010/08/11 09:01:43 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SII_PDF.dll
[2010/08/11 09:01:43 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll
[2010/08/11 09:01:43 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx151ic.ini
[2010/08/11 09:01:42 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2010/08/11 09:01:42 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\RegisterExe.exe
[2010/07/24 12:44:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2010/07/24 12:35:57 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL
[2010/07/11 19:02:01 | 000,045,056 | R--- | C] () -- C:\WINDOWS\GetKey5.dll
[2010/07/11 19:02:00 | 000,167,936 | R--- | C] () -- C:\WINDOWS\A5.dll
[2010/06/22 16:39:13 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Dell 600\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 09:36:35 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/05/30 15:10:52 | 000,061,440 | ---- | C] () -- C:\WINDOWS\1200White.dat
[2010/05/30 15:10:47 | 000,061,440 | ---- | C] () -- C:\WINDOWS\1200Dark.dat
[2010/05/30 15:10:41 | 000,000,006 | ---- | C] () -- C:\WINDOWS\1200Expou.dat
[2010/05/30 15:10:41 | 000,000,003 | ---- | C] () -- C:\WINDOWS\1200Offsetu.dat
[2010/05/30 15:10:41 | 000,000,003 | ---- | C] () -- C:\WINDOWS\1200Gain6.dat
[2010/05/30 14:27:43 | 000,011,612 | ---- | C] () -- C:\WINDOWS\Dusb5ar.ini
[2010/05/30 14:27:43 | 000,003,199 | ---- | C] () -- C:\WINDOWS\Ausba5.ini
[2010/05/30 14:27:43 | 000,001,198 | ---- | C] () -- C:\WINDOWS\ScnPanel.ini
[2010/05/30 14:27:24 | 000,167,936 | ---- | C] () -- C:\WINDOWS\Ausba5.dll
[2010/05/30 14:27:20 | 000,001,608 | ---- | C] () -- C:\WINDOWS\ePro300.ini
[2010/05/08 09:18:57 | 000,014,058 | ---- | C] () -- C:\WINDOWS\System32\SXHODL.DLL
[2010/05/08 09:18:57 | 000,011,322 | ---- | C] () -- C:\WINDOWS\System32\TTFOX32.DLL
[2010/05/08 09:18:56 | 000,009,744 | ---- | C] () -- C:\WINDOWS\System32\SSTBS32.DLL
[2010/05/08 09:18:56 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\QDVARV6.INI
[2010/05/08 09:17:50 | 000,000,073 | ---- | C] () -- C:\WINDOWS\QD-INSTALL.INI
[2010/05/08 09:17:43 | 000,000,301 | ---- | C] () -- C:\WINDOWS\System32\QdwinV6.INI
[2010/05/08 09:17:41 | 000,243,712 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
[2010/05/08 09:17:40 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\QDSCRIBE.INI
[2010/05/08 09:17:39 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Sklnk32.dll
[2009/08/22 15:39:45 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2009/08/22 15:39:45 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2009/08/22 15:39:45 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2009/08/22 15:39:45 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2009/08/22 15:39:44 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2009/08/22 15:39:44 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2009/08/22 15:39:44 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2009/08/22 15:39:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2009/08/22 15:39:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2009/08/22 15:37:35 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2009/08/22 15:37:35 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2005/03/29 01:22:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/29 01:22:59 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/02/13 04:59:52 | 000,000,569 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2004/08/05 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 12:00:00 | 000,501,470 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/08/05 12:00:00 | 000,433,004 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/05 12:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/05 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 12:00:00 | 000,081,294 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/08/05 12:00:00 | 000,067,960 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/05 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 12:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/05 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 12:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/05 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/05 12:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/05 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/12/15 22:17:45 | 000,104,376 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2003/12/15 22:02:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/12/15 22:01:53 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2003/12/15 21:35:36 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/12/15 21:34:22 | 000,200,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/12/15 21:07:47 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003/12/15 21:07:46 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2003/12/15 21:07:44 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003/12/15 21:07:44 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2003/12/15 21:07:43 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2003/12/15 21:07:42 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2003/12/15 20:48:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003/12/15 20:41:32 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[1997/06/14 12:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2010/05/08 20:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2011/02/16 11:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7
[2011/02/09 11:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2010/06/22 13:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/05/13 08:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2010/11/22 20:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/09/26 21:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/07 23:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/06/05 06:47:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/04/03 13:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\oKf31001jFhKl31001
[2005/02/12 22:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/12/10 11:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/06/07 11:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/05/09 11:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/12 16:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010/05/15 08:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/06/08 20:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/11/22 19:47:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2010/05/07 15:47:34 | 002,833,085 | ---- | M] (SmartTweak Software ) -- C:\Documents and Settings\All Users\Application Data\~0\UpdateMyDrivers.exe
[2010/06/22 13:05:21 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010/06/22 13:05:52 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010/06/22 13:06:12 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010/06/22 13:06:14 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2010/06/22 13:06:16 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010/06/22 13:07:47 | 000,056,765 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010/06/22 13:06:16 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010/06/22 13:06:19 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010/06/22 13:06:20 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010/06/22 13:06:22 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010/06/22 13:05:53 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010/06/22 13:05:50 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010/06/22 13:07:36 | 000,057,715 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010/06/22 13:05:31 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010/06/22 12:59:20 | 000,895,256 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010/06/22 13:06:09 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010/06/22 13:06:36 | 000,084,062 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010/06/22 13:07:37 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010/06/22 13:07:46 | 000,056,997 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2003/12/15 22:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Adobe
[2010/11/22 09:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\AVGTOOLBAR
[2010/05/08 10:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Canneverbe_Limited
[2010/09/11 08:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\DF Express
[2011/01/19 15:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\DivX
[2010/09/19 14:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\dvdcss
[2003/12/15 21:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Foxit
[2011/01/09 22:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\gtk-2.0
[2010/08/03 10:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Help
[2003/12/15 20:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Identities
[2003/12/15 22:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Macromedia
[2010/09/26 21:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Malwarebytes
[2010/10/13 11:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Media Player Classic
[2011/03/13 21:17:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Dell 600\Application Data\Microsoft
[2003/12/15 22:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Mozilla
[2005/02/13 04:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\MSNInstaller
[2010/06/07 11:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\OpenOffice.org
[2010/08/09 22:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Opera
[2010/06/08 20:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\PeaZip
[2010/05/08 09:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Quick Devis
[2010/05/05 07:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Real
[2011/04/03 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Skype
[2011/04/03 00:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\skypePM
[2010/05/08 16:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\Sun
[2011/02/19 03:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\SystemRequirementsLab
[2011/01/09 23:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\TS3Client
[2010/09/19 16:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dell 600\Application Data\vlc

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/03/13 21:17:14 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dell 600\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
[2011/03/13 21:17:15 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dell 600\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
[2011/03/13 21:17:15 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dell 600\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
[2005/02/13 04:03:33 | 000,826,856 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dell 600\Application Data\MSNInstaller\msnauins.exe

[color=#A23BEC]< %temp%\.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2010/05/13 09:58:04 | 004,245,448 | ---- | M] (SmartTweak Software ) -- C:\Artec.exe
[2010/08/11 09:00:48 | 008,580,264 | ---- | M] (Softinterface, Inc. ) -- C:\CONVERTION.EXE
[2010/06/05 09:35:52 | 003,479,328 | ---- | M] (Acro Software Inc. ) -- C:\CuteWriter.exe
[2010/09/26 18:36:00 | 001,514,728 | ---- | M] (LULU Software) -- C:\FIXIO_PC_Cleaner_2010_Installer.exe
[2011/02/07 11:15:41 | 008,358,545 | ---- | M] (GVAO Software) -- C:\Gestion Commerciale.exe
[2011/02/07 12:15:27 | 000,669,637 | ---- | M] () -- C:\Gestion Flandrealliage.exe
[2010/06/06 18:02:23 | 001,794,920 | ---- | M] (Microsoft Corporation) -- C:\Installation_WLMessenger2009.exe
[2010/05/22 09:00:01 | 022,484,672 | ---- | M] (Macrovision Corporation) -- C:\JawsPDFCreatorFr.exe
[2010/09/26 11:51:03 | 005,741,512 | ---- | M] (SPAMfighter ApS) -- C:\spywarefighter.exe
[2010/05/13 09:24:29 | 004,245,448 | ---- | M] (SmartTweak Software ) -- C:\UpdateMyDrivers.exe
[2010/06/12 11:00:56 | 397,305,761 | ---- | M] (Framakey.org) -- C:\Word.exe
[2010/06/12 10:08:27 | 025,746,416 | ---- | M] (Microsoft Corporation) -- C:\wordview_fr-fr.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2003/12/15 21:33:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2003/12/15 21:33:26 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2003/12/15 21:33:26 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav


[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2004/08/05 12:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2004/08/05 12:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\explorer.exe
[2004/08/05 12:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\system32\dllcache\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\explorer.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004/08/05 12:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004/08/05 12:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/05 12:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\winlogon.exe
[2011/04/03 12:47:17 | 001,058,816 | ---- | M] () MD5=D8B187463605230E899977F633645715 -- C:\Documents and Settings\Dell 600\Mes documents\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\winlogon.exe

[color=#A23BEC]< nslookup www.google.fr /c >[/color]
Serveur : UnKnown
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.229.99, 209.85.229.104, 209.85.229.147
Aliases: WWW.GOOGLE.FR, www.google.com

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50DD4118

< End of report >
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
3 April 2011 at 15:32
That looks fine.


Be more careful in the future....

Keep your software up to date, it's important; use this program: /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
This is an absolute must.

Antivirus programs don't do everything when it comes to the security of your machine (updating your software, etc.)
The best protection is still to know about infections so that you can avoid them, and to have good habits.
So you need to read up.

Some reading to help avoid infections:
- know and avoid infections: https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- secure your PC: http://forum.malekal.com/comment-securiser-son-ordinateur.html
- read: http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

What not to do:
I download anything and everything - I get infected:
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
I download from just anywhere - I get infected: https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Security recommendations: https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

How some categories of malware work:
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

If you have questions about how malware works,
don't hesitate.


0
Hello,
I had this damn MS Removal software, and I can confirm that it can be removed with Rogue Killer (RK), at least on Windows Vista Basic, on a PC that is painfully slow.
- Download RK
- Rename it to Winlogon
- Double-click + run
- A page opens; wait for the scan, type 2 + Enter
- Enjoy seeing your computer work again.

Thanks to the RK developers!

PS: here is RK's "RKreport" after the removal (Notepad):

RogueKiller V4.3.6 par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html

Systeme d'exploitation: Windows Vista (6.0.6000 ) 32 bits version
Demarrage : Mode normal
Utilisateur: Lili [Droits d'admin]
Mode: Suppression -- Date : 03/04/2011 15:52:00

Processus malicieux: 1
[APPDT/TMP/DESKTOP] fCn31001pAhIl31001.exe -- c:\programdata\fcn31001pahil31001\fcn31001pahil31001.exe -> KILLED

Entrees de registre: 6
[APPDT/TMP/DESKTOP] HKCU\[...]\Run : xewwqxf (c:\users\lili\appdata\local\xewwqxf.exe xewwqxf) -> DELETED
[APPDT/TMP/DESKTOP] HKCU\[...]\Run : namelive ("C:\ProgramData\forboldbold.xr9wm") -> DELETED
[APPDT/TMP/DESKTOP] HKCU\[...]\Run : ROAD ITCH AMOK PING ("C:\ProgramData\Dog Owns Cash.oeqgcj7") -> DELETED
[APPDT/TMP/DESKTOP] HKCU\[...]\Run : eesmk ("c:\users\lili\appdata\local\eesmk.exe" eesmk) -> DELETED
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : fCn31001pAhIl31001 (C:\ProgramData\fCn31001pAhIl31001\fCn31001pAhIl31001.exe) -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)

Fichier HOSTS:
127.0.0.1 localhost
::1 localhost


Termine : << RKreport[1].txt >>
RKreport[1].txt
0
jejedu59000 Posts 30 Registration date Sunday 26 September 2010 Status Member Last activity 15 December 2011 1
3 April 2011 at 15:47
Thank you for this quick help, and I will make sure to be careful next time :)
0