Sujet Précédent Sujet Suivant

Redirection site via Google

Résolu/Fermé
febryce Messages postés 31 Date d'inscription samedi 16 avril 2005 Statut Membre Dernière intervention 5 mai 2019 - 29 mars 2012 à 17:52
febryce Messages postés 31 Date d'inscription samedi 16 avril 2005 Statut Membre Dernière intervention 5 mai 2019 - 29 mars 2012 à 18:39
Bonjour à tous,

J'ai un soucis avec mon PC. Lors d'une recherche sous google, lorsque je clique sur sur un lien d'un site web, cela me redirige vers des pub et autres site pornos.

Voici un rapport OTL:

OTL logfile created on: 29/03/2012 17:45:00 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Arlette\Documents\BARONNIE\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000040c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

3,79 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 61,08% Memory free
9,48 Gb Paging File | 7,88 Gb Available in Paging File | 83,07% Paging File free
Paging file location(s): c:\pagefile.sys 5826 11652 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 115,34 Gb Total Space | 76,98 Gb Free Space | 66,74% Space Free | Partition Type: NTFS
Drive D: | 330,89 Gb Total Space | 330,42 Gb Free Space | 99,86% Space Free | Partition Type: NTFS

Computer Name: ARLETTE-PC | User Name: Arlette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/03/29 17:14:38 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Arlette\Documents\BARONNIE\Desktop\OTL.exe
PRC - [2012/03/28 18:49:25 | 000,250,528 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/04/30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/02/05 19:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009/11/27 05:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2009/10/16 16:06:40 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:[b]64bit:[/b] - [2009/07/14 03:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/05/01 10:50:12 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2011/04/30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/11/27 05:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe -- (STacSV)
SRV - [2009/07/14 03:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012/01/10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011/06/27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:[b]64bit:[/b] - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2011/04/26 11:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/03/23 10:20:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C60x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/10/15 01:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Son Intel(R)
DRV:[b]64bit:[/b] - [2010/04/28 08:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010/04/27 16:11:44 | 002,118,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athwx.sys -- (AR5416)
DRV:[b]64bit:[/b] - [2010/04/13 12:15:03 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2010/02/26 10:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009/11/27 05:39:45 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009/08/21 08:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009/08/20 04:41:37 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[b]64bit:[/b] - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/08/30 12:19:54 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?ocid=OIE9HP
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?ocid=OIE9HP
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-be?cobrand=asus.msn.com&ocid=ASUDHP&pc=ASU2
IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-BE
IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\..\SearchScopes,DefaultScope = {4CDDA2C9-0572-479E-88F3-9B2FC0EBD2BF}
IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\..\SearchScopes\{4CDDA2C9-0572-479E-88F3-9B2FC0EBD2BF}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
IE - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "https://www.google.be/?gws_rd=ssl"*/*/*/
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/29 14:19:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/03/29 14:20:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arlette\AppData\Roaming\mozilla\Extensions
[2012/03/29 14:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/13 07:43:04 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/03/13 07:33:26 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 07:43:04 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/03/13 07:43:04 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/03/13 07:43:04 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/03/13 07:43:04 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3463008773-1094569369-3876015736-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab ("Ma-Config.com control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{243239E4-7D51-4891-9F07-2FED15EB3126}: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/03/29 17:14:35 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Arlette\Documents\BARONNIE\Desktop\OTL.exe
[2012/03/29 16:48:40 | 036,967,728 | ---- | C] (Microsoft Corporation) -- C:\Users\Arlette\Documents\BARONNIE\Desktop\IE9 x64.exe
[2012/03/29 16:31:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/29 15:38:19 | 000,000,000 | ---D | C] -- C:\ZHP
[2012/03/29 15:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2012/03/29 15:38:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2012/03/29 15:36:10 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/03/29 14:19:39 | 000,000,000 | ---D | C] -- C:\Users\Arlette\AppData\Roaming\Mozilla
[2012/03/29 14:19:39 | 000,000,000 | ---D | C] -- C:\Users\Arlette\AppData\Local\Mozilla
[2012/03/29 14:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/03/29 05:10:19 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware
[2012/03/28 16:43:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/03/28 16:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/03/24 10:12:09 | 000,000,000 | ---D | C] -- C:\Users\Arlette\Documents\habit commandeur
[2012/03/20 14:26:01 | 000,000,000 | ---D | C] -- C:\Users\Arlette\véranda Bonnechère-Linssen
[2012/03/16 10:44:44 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/16 10:44:43 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/15 10:18:01 | 000,000,000 | ---D | C] -- C:\Users\Arlette\Documents\Mail LUMINUS pour panneaux photovolt
[2012/03/14 12:47:59 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/14 12:47:59 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/14 12:47:58 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/14 12:45:19 | 000,000,000 | ---D | C] -- C:\Users\Arlette\Documents\CWAPE
[2012/03/14 11:41:28 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/14 11:41:27 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/14 11:41:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/14 11:41:26 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/08 14:54:57 | 000,000,000 | ---D | C] -- C:\Users\Arlette\AppData\Local\Unity
[2012/03/08 14:54:23 | 000,000,000 | ---D | C] -- C:\Users\Arlette\AppData\Local\Deployment
[2012/03/08 14:54:23 | 000,000,000 | ---D | C] -- C:\Users\Arlette\AppData\Local\Apps
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/03/29 17:41:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/29 17:14:38 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Arlette\Documents\BARONNIE\Desktop\OTL.exe
[2012/03/29 16:57:13 | 000,019,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/29 16:57:13 | 000,019,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/29 16:54:06 | 001,558,136 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/29 16:54:06 | 000,707,294 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/03/29 16:54:06 | 000,618,822 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/29 16:54:06 | 000,132,210 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/03/29 16:54:06 | 000,107,844 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/29 16:50:20 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/29 16:49:56 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\ljnqwtdxf.job
[2012/03/29 16:49:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/29 16:49:30 | 3054,931,968 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/29 16:36:34 | 000,002,127 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/03/29 15:38:10 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2012/03/29 14:19:31 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/28 18:49:25 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/03/28 18:40:35 | 000,276,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/28 16:43:01 | 001,580,526 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/28 15:00:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012/03/28 14:52:38 | 000,001,899 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Microsoft Security Essentials.lnk
[2012/03/25 17:14:43 | 000,000,453 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Home'Bank.website
[2012/03/24 13:42:36 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/18 21:33:26 | 000,126,976 | RHS- | M] () -- C:\Windows\SysWow64\logagent9.dll
[2012/03/08 11:15:07 | 000,000,172 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\'raphaela LIZIERO'.vcf
[2012/03/08 11:15:07 | 000,000,163 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\alain_decortis@gmail_com.vcf
[2012/03/08 11:15:07 | 000,000,136 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Marc Minguet.vcf
[2012/03/08 11:15:07 | 000,000,122 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\FiFi (1).vcf
[2012/03/08 11:15:06 | 000,000,228 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\André LINSSEN.vcf
[2012/03/08 11:15:06 | 000,000,181 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\philippe_huberty@teledisnet_be.vcf
[2012/03/08 11:15:06 | 000,000,178 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\menuiserie_keppenne@skynet_be.vcf
[2012/03/08 11:15:06 | 000,000,172 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\julie_dobbelstein@gmail_com.vcf
[2012/03/08 11:15:06 | 000,000,169 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\antichi_sapori@hotmail_com.vcf
[2012/03/08 11:15:06 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\brasseur_rp@teledisnet_be.vcf
[2012/03/08 11:15:06 | 000,000,157 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\franco_cipro@skynet_be.vcf
[2012/03/08 11:15:06 | 000,000,157 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\dewinnedavid44@msn_com.vcf
[2012/03/08 11:15:06 | 000,000,151 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\freddy_tilman@ing_be.vcf
[2012/03/08 11:15:06 | 000,000,151 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\andre_houbeau@ing_be.vcf
[2012/03/08 11:15:06 | 000,000,148 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\vip@autosecurite_be.vcf
[2012/03/08 11:15:06 | 000,000,148 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\stephane@20sur20_be.vcf
[2012/03/08 11:15:06 | 000,000,142 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\drevdp@scarlet_be.vcf
[2012/03/08 11:15:06 | 000,000,139 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\info@vitronet_be.vcf
[2012/03/08 11:15:06 | 000,000,138 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Martine LINSSEN.vcf
[2012/03/08 11:15:06 | 000,000,135 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Pypops Michel.vcf
[2012/03/08 11:15:05 | 000,000,223 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Cops André.vcf
[2012/03/08 11:15:05 | 000,000,202 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Syndicat AOC Vacqueyras.vcf
[2012/03/08 11:15:05 | 000,000,178 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\nicole_plantevin@aliceadsl_fr.vcf
[2012/03/08 11:15:05 | 000,000,178 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Alain_HOUTAIN@spw_wallonie_be.vcf
[2012/03/08 11:15:05 | 000,000,169 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\georges_dechamps@gmail_com.vcf
[2012/03/08 11:15:05 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\mauricewilkin@hotmail_com.vcf
[2012/03/08 11:15:05 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\lassineacasaril@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\lassineacasaril@gmail_com.vcf
[2012/03/08 11:15:05 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\crevillon@inter-rhone_com.vcf
[2012/03/08 11:15:05 | 000,000,163 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\michel_dupont@be_ibm_com.vcf
[2012/03/08 11:15:05 | 000,000,160 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\s_berger@cide-socran_be.vcf
[2012/03/08 11:15:05 | 000,000,160 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\paul_leclercq@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,160 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Dominique Fourmarier.vcf
[2012/03/08 11:15:05 | 000,000,160 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\alainviseur@hotmail_com.vcf
[2012/03/08 11:15:05 | 000,000,157 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Philippe_Bal@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,157 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\nicole_genot@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,154 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\s_luthers@hotmail_com.vcf
[2012/03/08 11:15:05 | 000,000,154 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\J_Mareschal@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,151 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Ludovic_Finet@ing_be.vcf
[2012/03/08 11:15:05 | 000,000,149 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Jean Marie Broka.vcf
[2012/03/08 11:15:05 | 000,000,148 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\r_liziero@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,146 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\David Vignobles.vcf
[2012/03/08 11:15:05 | 000,000,146 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Bernadette SAUVEUR.vcf
[2012/03/08 11:15:05 | 000,000,145 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\fb920814@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,145 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ahoutain@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,143 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Vieux Cellier.vcf
[2012/03/08 11:15:05 | 000,000,142 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\j_benoit@helmo_be.vcf
[2012/03/08 11:15:05 | 000,000,139 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Yvan Vins.vcf
[2012/03/08 11:15:05 | 000,000,139 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\atelec@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,386 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Alain Coutelier.vcf
[2012/03/08 11:15:04 | 000,000,321 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Michel Luc.vcf
[2012/03/08 11:15:04 | 000,000,314 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Philippe DEBATY.vcf
[2012/03/08 11:15:04 | 000,000,248 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Sandra Bonafé Chavanne.vcf
[2012/03/08 11:15:04 | 000,000,199 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Danielle_Courtois@provincedeliege_be.vcf
[2012/03/08 11:15:04 | 000,000,173 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Verdenne Alain.vcf
[2012/03/08 11:15:04 | 000,000,172 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Jeanlouis_Vanesch@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,172 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ethias_assistance@ethias_be.vcf
[2012/03/08 11:15:04 | 000,000,169 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\rosaliescholzen@scarlet_be.vcf
[2012/03/08 11:15:04 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\yvescouturier@hotmail_com.vcf
[2012/03/08 11:15:04 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\nullens_marcel@scarlet_be.vcf
[2012/03/08 11:15:04 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\bernard_collin9@gmail_com.vcf
[2012/03/08 11:15:04 | 000,000,163 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\vannitsen_f@belgacom_net.vcf
[2012/03/08 11:15:04 | 000,000,162 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\JEAN YVES XHENSEVAL.vcf
[2012/03/08 11:15:04 | 000,000,160 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\maurice_jadot@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,157 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\vandegaar@vandegaar_be.vcf
[2012/03/08 11:15:04 | 000,000,151 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\el_pirotte@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,151 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ascheffers@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,146 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\DETHIER Claudy.vcf
[2012/03/08 11:15:04 | 000,000,145 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\lina_aresta@ing_be.vcf
[2012/03/08 11:15:04 | 000,000,140 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Michel Dachelrt.vcf
[2012/03/08 11:15:04 | 000,000,140 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ALAIN Casaril.vcf
[2012/03/08 11:15:04 | 000,000,136 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\henserge@voo_be.vcf
[2012/03/08 11:15:04 | 000,000,134 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Vicomte.vcf
[2012/03/08 11:15:04 | 000,000,133 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\SORNIN ERIC.vcf
[2012/03/08 11:15:04 | 000,000,133 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\AVRIL Jacques.vcf
[2012/03/08 11:15:04 | 000,000,131 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Eddy Borsu.vcf
[2012/03/08 11:15:04 | 000,000,126 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\YANNICK.vcf
[2012/03/08 11:15:04 | 000,000,126 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Xavier Lantin.vcf
[2012/03/08 11:15:04 | 000,000,124 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\jh@enjeu_be.vcf
[2012/03/08 11:15:03 | 000,000,401 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\pierre_graff@hotmail_com.vcf
[2012/03/08 11:15:03 | 000,000,376 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Pierrot Wouters.vcf
[2012/03/08 11:15:03 | 000,000,296 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Gérard RAYMOND.vcf
[2012/03/08 11:15:03 | 000,000,267 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\chateau@universite-du-vin_com.vcf
[2012/03/08 11:15:03 | 000,000,220 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Raick Léon.vcf
[2012/03/08 11:15:03 | 000,000,217 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Léon Raick.vcf
[2012/03/08 11:15:03 | 000,000,184 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\vignerons@beaumes-de-venise_com.vcf
[2012/03/08 11:15:03 | 000,000,178 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\philippe-plantevin@wanadoo_fr.vcf
[2012/03/08 11:15:03 | 000,000,172 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\michel_moeremans@telenet_be.vcf
[2012/03/08 11:15:03 | 000,000,169 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\romain_corbin@lepreneuf_be.vcf
[2012/03/08 11:15:03 | 000,000,169 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\gnikelma@techspace-aero_be.vcf
[2012/03/08 11:15:03 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\jacques_wolfs@federale_be.vcf
[2012/03/08 11:15:03 | 000,000,166 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\info@advisory_ryanair_com.vcf
[2012/03/08 11:15:03 | 000,000,163 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\laurentespinasse@free_fr.vcf
[2012/03/08 11:15:03 | 000,000,160 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\robert_romanelli@ing_be.vcf
[2012/03/08 11:15:03 | 000,000,157 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\benoit_nihon@gmail_com.vcf
[2012/03/08 11:15:03 | 000,000,151 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\collishop@colruyt_be.vcf
[2012/03/08 11:15:03 | 000,000,144 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Marc LATOUR.vcf
[2012/03/08 11:15:03 | 000,000,144 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Jean-Claude Mardaga.vcf
[2012/03/08 11:15:03 | 000,000,139 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\rondupont@voo_be.vcf
[2012/03/08 11:15:03 | 000,000,135 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\PIRLOT Roger.vcf
[2012/03/08 11:15:03 | 000,000,114 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\FIFI.vcf
[2012/03/08 11:15:02 | 000,000,494 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Stéphanie et Jacques KANEKO.vcf
[2012/03/08 11:15:02 | 000,000,157 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ayanadelhaes@gmail_com.vcf
[2012/03/08 11:15:02 | 000,000,154 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Alain Grandjean.vcf
[2012/03/08 11:15:02 | 000,000,151 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\emilestraeten@voo_be.vcf
[2012/03/08 11:15:02 | 000,000,145 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Philipe Thimister.vcf
[2012/03/08 11:15:02 | 000,000,144 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Xavier Crutzen.vcf
[2012/03/08 11:15:02 | 000,000,142 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\auweray@yahoo_com.vcf
[2012/03/08 11:15:02 | 000,000,141 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Goldenhorse Luc.vcf
[2012/03/08 11:15:02 | 000,000,139 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\PATRICE ANDRE.vcf
[2012/03/08 11:15:02 | 000,000,137 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\GERARD GRANGER.vcf
[2012/03/08 11:15:02 | 000,000,126 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\JF Wolfs.vcf
[2012/03/08 11:15:02 | 000,000,124 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\MIGUEL.vcf
[2012/03/08 11:15:02 | 000,000,123 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Mimi.vcf
[2012/03/08 11:15:02 | 000,000,100 | ---- | M] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Pierrot Beauprez.vcf
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/03/29 15:38:10 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2012/03/29 14:19:31 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/03/29 14:19:31 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/28 16:42:58 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/03/28 15:00:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012/03/28 14:52:38 | 000,001,899 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Microsoft Security Essentials.lnk
[2012/03/24 13:42:36 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/20 14:29:37 | 003,706,558 | ---- | C] () -- C:\Users\Arlette\RIMG0023.JPG
[2012/03/20 14:29:37 | 003,149,645 | ---- | C] () -- C:\Users\Arlette\RIMG0022.JPG
[2012/03/20 14:29:37 | 003,138,089 | ---- | C] () -- C:\Users\Arlette\RIMG0021.JPG
[2012/03/18 21:33:26 | 000,126,976 | RHS- | C] () -- C:\Windows\SysWow64\logagent9.dll
[2012/03/18 21:33:26 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\ljnqwtdxf.job
[2012/03/08 11:15:07 | 000,000,172 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\'raphaela LIZIERO'.vcf
[2012/03/08 11:15:07 | 000,000,163 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\alain_decortis@gmail_com.vcf
[2012/03/08 11:15:07 | 000,000,136 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Marc Minguet.vcf
[2012/03/08 11:15:07 | 000,000,122 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\FiFi (1).vcf
[2012/03/08 11:15:06 | 000,000,228 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\André LINSSEN.vcf
[2012/03/08 11:15:06 | 000,000,181 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\philippe_huberty@teledisnet_be.vcf
[2012/03/08 11:15:06 | 000,000,178 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\menuiserie_keppenne@skynet_be.vcf
[2012/03/08 11:15:06 | 000,000,172 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\julie_dobbelstein@gmail_com.vcf
[2012/03/08 11:15:06 | 000,000,169 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\antichi_sapori@hotmail_com.vcf
[2012/03/08 11:15:06 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\brasseur_rp@teledisnet_be.vcf
[2012/03/08 11:15:06 | 000,000,157 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\franco_cipro@skynet_be.vcf
[2012/03/08 11:15:06 | 000,000,157 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\dewinnedavid44@msn_com.vcf
[2012/03/08 11:15:06 | 000,000,151 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\freddy_tilman@ing_be.vcf
[2012/03/08 11:15:06 | 000,000,151 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\andre_houbeau@ing_be.vcf
[2012/03/08 11:15:06 | 000,000,148 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\vip@autosecurite_be.vcf
[2012/03/08 11:15:06 | 000,000,148 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\stephane@20sur20_be.vcf
[2012/03/08 11:15:06 | 000,000,142 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\drevdp@scarlet_be.vcf
[2012/03/08 11:15:06 | 000,000,139 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\info@vitronet_be.vcf
[2012/03/08 11:15:06 | 000,000,138 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Martine LINSSEN.vcf
[2012/03/08 11:15:06 | 000,000,135 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Pypops Michel.vcf
[2012/03/08 11:15:05 | 000,000,223 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Cops André.vcf
[2012/03/08 11:15:05 | 000,000,202 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Syndicat AOC Vacqueyras.vcf
[2012/03/08 11:15:05 | 000,000,178 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\nicole_plantevin@aliceadsl_fr.vcf
[2012/03/08 11:15:05 | 000,000,178 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Alain_HOUTAIN@spw_wallonie_be.vcf
[2012/03/08 11:15:05 | 000,000,169 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\georges_dechamps@gmail_com.vcf
[2012/03/08 11:15:05 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\mauricewilkin@hotmail_com.vcf
[2012/03/08 11:15:05 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\lassineacasaril@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\lassineacasaril@gmail_com.vcf
[2012/03/08 11:15:05 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\crevillon@inter-rhone_com.vcf
[2012/03/08 11:15:05 | 000,000,163 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\michel_dupont@be_ibm_com.vcf
[2012/03/08 11:15:05 | 000,000,160 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\s_berger@cide-socran_be.vcf
[2012/03/08 11:15:05 | 000,000,160 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\paul_leclercq@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,160 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Dominique Fourmarier.vcf
[2012/03/08 11:15:05 | 000,000,160 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\alainviseur@hotmail_com.vcf
[2012/03/08 11:15:05 | 000,000,157 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Philippe_Bal@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,157 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\nicole_genot@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,154 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\s_luthers@hotmail_com.vcf
[2012/03/08 11:15:05 | 000,000,154 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\J_Mareschal@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,151 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Ludovic_Finet@ing_be.vcf
[2012/03/08 11:15:05 | 000,000,149 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Jean Marie Broka.vcf
[2012/03/08 11:15:05 | 000,000,148 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\r_liziero@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,146 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\David Vignobles.vcf
[2012/03/08 11:15:05 | 000,000,146 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Bernadette SAUVEUR.vcf
[2012/03/08 11:15:05 | 000,000,145 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\fb920814@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,145 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ahoutain@skynet_be.vcf
[2012/03/08 11:15:05 | 000,000,143 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Vieux Cellier.vcf
[2012/03/08 11:15:05 | 000,000,142 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\j_benoit@helmo_be.vcf
[2012/03/08 11:15:05 | 000,000,139 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Yvan Vins.vcf
[2012/03/08 11:15:05 | 000,000,139 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\atelec@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,386 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Alain Coutelier.vcf
[2012/03/08 11:15:04 | 000,000,321 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Michel Luc.vcf
[2012/03/08 11:15:04 | 000,000,314 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Philippe DEBATY.vcf
[2012/03/08 11:15:04 | 000,000,248 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Sandra Bonafé Chavanne.vcf
[2012/03/08 11:15:04 | 000,000,199 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Danielle_Courtois@provincedeliege_be.vcf
[2012/03/08 11:15:04 | 000,000,173 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Verdenne Alain.vcf
[2012/03/08 11:15:04 | 000,000,172 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Jeanlouis_Vanesch@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,172 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ethias_assistance@ethias_be.vcf
[2012/03/08 11:15:04 | 000,000,169 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\rosaliescholzen@scarlet_be.vcf
[2012/03/08 11:15:04 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\yvescouturier@hotmail_com.vcf
[2012/03/08 11:15:04 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\nullens_marcel@scarlet_be.vcf
[2012/03/08 11:15:04 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\bernard_collin9@gmail_com.vcf
[2012/03/08 11:15:04 | 000,000,163 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\vannitsen_f@belgacom_net.vcf
[2012/03/08 11:15:04 | 000,000,162 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\JEAN YVES XHENSEVAL.vcf
[2012/03/08 11:15:04 | 000,000,160 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\maurice_jadot@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,151 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\el_pirotte@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,151 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ascheffers@skynet_be.vcf
[2012/03/08 11:15:04 | 000,000,146 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\DETHIER Claudy.vcf
[2012/03/08 11:15:04 | 000,000,145 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\lina_aresta@ing_be.vcf
[2012/03/08 11:15:04 | 000,000,140 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Michel Dachelrt.vcf
[2012/03/08 11:15:04 | 000,000,140 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ALAIN Casaril.vcf
[2012/03/08 11:15:04 | 000,000,136 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\henserge@voo_be.vcf
[2012/03/08 11:15:04 | 000,000,134 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Vicomte.vcf
[2012/03/08 11:15:04 | 000,000,133 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\SORNIN ERIC.vcf
[2012/03/08 11:15:04 | 000,000,133 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\AVRIL Jacques.vcf
[2012/03/08 11:15:04 | 000,000,131 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Eddy Borsu.vcf
[2012/03/08 11:15:04 | 000,000,126 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\YANNICK.vcf
[2012/03/08 11:15:04 | 000,000,126 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Xavier Lantin.vcf
[2012/03/08 11:15:04 | 000,000,124 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\jh@enjeu_be.vcf
[2012/03/08 11:15:03 | 000,000,401 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\pierre_graff@hotmail_com.vcf
[2012/03/08 11:15:03 | 000,000,376 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Pierrot Wouters.vcf
[2012/03/08 11:15:03 | 000,000,296 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Gérard RAYMOND.vcf
[2012/03/08 11:15:03 | 000,000,267 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\chateau@universite-du-vin_com.vcf
[2012/03/08 11:15:03 | 000,000,220 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Raick Léon.vcf
[2012/03/08 11:15:03 | 000,000,217 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Léon Raick.vcf
[2012/03/08 11:15:03 | 000,000,184 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\vignerons@beaumes-de-venise_com.vcf
[2012/03/08 11:15:03 | 000,000,178 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\philippe-plantevin@wanadoo_fr.vcf
[2012/03/08 11:15:03 | 000,000,172 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\michel_moeremans@telenet_be.vcf
[2012/03/08 11:15:03 | 000,000,169 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\romain_corbin@lepreneuf_be.vcf
[2012/03/08 11:15:03 | 000,000,169 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\gnikelma@techspace-aero_be.vcf
[2012/03/08 11:15:03 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\jacques_wolfs@federale_be.vcf
[2012/03/08 11:15:03 | 000,000,166 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\info@advisory_ryanair_com.vcf
[2012/03/08 11:15:03 | 000,000,163 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\laurentespinasse@free_fr.vcf
[2012/03/08 11:15:03 | 000,000,160 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\robert_romanelli@ing_be.vcf
[2012/03/08 11:15:03 | 000,000,157 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\vandegaar@vandegaar_be.vcf
[2012/03/08 11:15:03 | 000,000,157 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\benoit_nihon@gmail_com.vcf
[2012/03/08 11:15:03 | 000,000,151 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\collishop@colruyt_be.vcf
[2012/03/08 11:15:03 | 000,000,144 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Marc LATOUR.vcf
[2012/03/08 11:15:03 | 000,000,144 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Jean-Claude Mardaga.vcf
[2012/03/08 11:15:03 | 000,000,139 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\rondupont@voo_be.vcf
[2012/03/08 11:15:03 | 000,000,135 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\PIRLOT Roger.vcf
[2012/03/08 11:15:03 | 000,000,114 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\FIFI.vcf
[2012/03/08 11:15:02 | 000,000,494 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Stéphanie et Jacques KANEKO.vcf
[2012/03/08 11:15:02 | 000,000,157 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\ayanadelhaes@gmail_com.vcf
[2012/03/08 11:15:02 | 000,000,154 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Alain Grandjean.vcf
[2012/03/08 11:15:02 | 000,000,151 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\emilestraeten@voo_be.vcf
[2012/03/08 11:15:02 | 000,000,145 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Philipe Thimister.vcf
[2012/03/08 11:15:02 | 000,000,144 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Xavier Crutzen.vcf
[2012/03/08 11:15:02 | 000,000,142 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\auweray@yahoo_com.vcf
[2012/03/08 11:15:02 | 000,000,141 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Goldenhorse Luc.vcf
[2012/03/08 11:15:02 | 000,000,139 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\PATRICE ANDRE.vcf
[2012/03/08 11:15:02 | 000,000,137 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\GERARD GRANGER.vcf
[2012/03/08 11:15:02 | 000,000,126 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\JF Wolfs.vcf
[2012/03/08 11:15:02 | 000,000,124 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\MIGUEL.vcf
[2012/03/08 11:15:02 | 000,000,123 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Mimi.vcf
[2012/03/08 11:15:02 | 000,000,100 | ---- | C] () -- C:\Users\Arlette\Documents\BARONNIE\Desktop\Pierrot Beauprez.vcf
[2012/01/10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/06/09 17:38:46 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2011/06/09 17:38:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps
A voir également:

7 réponses

Réponse 1 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
29 mars 2012 à 17:55
Salut,

Rapport incomplet.
Envoie le rapport sur http://pjjoint.malekal.com
Donne le lien du rapport ici.
0
Réponse 2 / 7
febryce Messages postés 31 Date d'inscription samedi 16 avril 2005 Statut Membre Dernière intervention 5 mai 2019 3
29 mars 2012 à 18:13
Salut

Rapport OTL: https://pjjoint.malekal.com/files.php?id=20120329_t9t5x9b11x12

Rapport EXTRA: https://pjjoint.malekal.com/files.php?id=20120329_y9r14b12u8j11

Merci à toi!
0
Réponse 3 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
29 mars 2012 à 18:29
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:

:OTL
[2012/03/29 16:49:56 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\ljnqwtdxf.job
[2012/03/18 21:33:26 | 000,126,976 | RHS- | M] () -- C:\Windows\SysWow64\logagent9.dll

* redemarre le pc sous windows et poste le rapport ici


0
Réponse 4 / 7
febryce Messages postés 31 Date d'inscription samedi 16 avril 2005 Statut Membre Dernière intervention 5 mai 2019 3
29 mars 2012 à 18:30
Voila:

========== OTL ==========
C:\Windows\Tasks\ljnqwtdxf.job moved successfully.
C:\Windows\SysWOW64\logagent9.dll moved successfully.

OTL by OldTimer - Version 3.2.39.2 log created on 03292012_183021



Je redémarre !
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
febryce Messages postés 31 Date d'inscription samedi 16 avril 2005 Statut Membre Dernière intervention 5 mai 2019 3
29 mars 2012 à 18:34
Super j'ai plus de soucis !



Un tout grand merci à toi !!
0
Réponse 6 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
29 mars 2012 à 18:34
Maintiens tes logiciels à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.


Des logiciels non à jour possèdent des vulnérabilités qui permettent l'infection de ton PC par la simple visite d'un site hacké.

Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.

Si tu utilises Avast! ou AVG - regle le pour détecter les LPIs - voir : https://www.malekal.com/adwares-pup-protection/

Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html et https://www.commentcamarche.net/faq/8934-securisation-de-son-pc
- Si tu utilises Avast! ou AVG, pense à activer les détections PUPs/LPIs : https://www.commentcamarche.net/faq/32913-avast-et-avg-activer-la-detection-des-pups-lpis
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

Ce qu'il ne faut pas faire :
Je télécharge n'importe quoi - je m'infecte - evite les programmes par publicités ou sur les liens commerciaux des moteurs de recherche - ce sont des arnaques ::
Les PUPs/LPIs : https://www.malekal.com/adwares-pup-protection/
Exemple de ce qu'il ne faut pas faire :
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

Fonctionnement de quelques catégories de malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

Si tu as des questions sur le fonctionement des malwares.
N'hésite pas.
0
Réponse 7 / 7
febryce Messages postés 31 Date d'inscription samedi 16 avril 2005 Statut Membre Dernière intervention 5 mai 2019 3
29 mars 2012 à 18:39
Merci pour ce petit cours :) !
0

Discussions similaires

'Votre colis est dans le site de livraison qui dessert votre adresse' que faire
relakztek82 -
Unemeuf -

25 réponses
Colis en cours de transport vers votre site de livraison ?
Ninan_5568 -
senda -

8 réponses
Prélèvement Google Ireland Limited
jaffa1961 -
gill34051 -

32 réponses