
[Urgent] PC freezing


Posted 26 May 2011 18:32

Hello everyone.
I'm coming here to ask for your help because I have a very big problem with my PC (Windows XP).
One evening I was using it normally, then shut it down to go to bed; the next day I wanted to turn it back on, but it took at least 10 minutes to display the Windows XP screen where I enter my session password.
After that, once the password was entered, it took 20 minutes to display my desktop, without even the taskbar. I really don't understand how this happened and I'm at a loss with this problem.
Another detail: I can't even go on the internet or open any other application or software. I tried to look at my Task Manager with Ctrl+Alt+Del, but no luck, nothing in particular. My Computer is impossible to open.

Thank you for reading this post; I hope for replies.
Florent69
Confirmed Visitor
Posts: 17
Joined: 26 May 2011 18:21


Re: [Urgent] PC freezing

Posted 26 May 2011 19:52

Hi,

Have you tried starting your PC in safe mode?

Otherwise, press F8 after the BIOS has finished, and choose to start in safe mode.
etienne2000
PC-Infopraticien
Posts: 2158
Joined: 14 Apr 2006 18:39
Location: 4E 65 75 63 68 E2 74 65 6C 2F 53 75 69 73 73 65

Re: [Urgent] PC freezing

Posted 26 May 2011 21:27

Yes, I tried safe mode, but when I press F8 it only gives me 2 choices with weird names; anyway, I tested both choices but neither of them looks like safe mode.
And BIOS?
Florent69
Confirmed Visitor
Posts: 17
Joined: 26 May 2011 18:21

Re: [Urgent] PC freezing

Posted 29 May 2011 07:24

Hi!

Is this problem still current?
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47

Re: [Urgent] PC freezing

Posted 29 May 2011 08:34

Yes, and I'm totally at a loss... nothing works, safe mode won't start; when I try with Run it tells me that I don't have admin rights even though there is only my session. I wanted to defragment my C: drive, but when I click on defrag or analyze nothing happens.
Thank you for helping me, have a nice day
Florent69
Confirmed Visitor
Posts: 17
Joined: 26 May 2011 18:21

Re: [Urgent] PC freezing

Posted 29 May 2011 17:21

Little bump.
Now I turn on my PC, black screen... Windows doesn't start, help.
Florent69
Confirmed Visitor
Posts: 17
Joined: 26 May 2011 18:21

Re: [Urgent] PC freezing

Posted 29 May 2011 17:21

Can someone help me?
Florent69
Confirmed Visitor
Posts: 17
Joined: 26 May 2011 18:21

Re: [Urgent] PC freezing

Posted 29 May 2011 20:06

Yep!
I can help you, but from now on you will need to follow my instructions to the letter.
This will seem complicated, but take the time to read the procedure below carefully and you will manage.

Here is what you need to do:
From a clean PC (the one you are using now), you are going to create a command CD and use it on the sick PC.
Insert a blank CD (or DVD) into your burner... if a window opens asking what you want to do, close that window.
  • Download OTLPENet.iso to your Desktop.
  • Insert a blank CD into your burner; if a window opens asking what you want to do, close that window.
  • Double-click the OTLPENet.iso icon and follow the instructions to burn the CD\DVD automatically.

When the CD is ready, take it out and put it in the CD\DVD drive of the sick PC.
  • Start the sick PC.

If your PC does not boot automatically from the CD, see this link: http://forum.malekal.com/booter-sur-dvd-t9447.html

  • Once the CD has started, Windows loads (wait 15 to 20 minutes) and you will arrive at the REATOGO-X-PE Desktop.

  • Double-click OTLPE.

  • A window opens: "Do you wish to load the remote registry"; click YES.

  • Then you will get a new window: "Do you wish to load remote user profile(s) for scanning"; click YES.

  • Select your session.
  • Make sure the "Automatically Load All Remaining Users" box is checked and click "OK".

  • OTL will start and you will arrive at its main window.

  • Use a USB stick to save the contents of the box below in a Notepad file, so that you can find it easily and then paste it into the "Custom Scans/Fixes" window.

NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
userinit.exe
winlogon.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles


  • Click Run Scan to start the scan.
  • Once it has finished, the file is located at C:\OTL.txt
  • Copy and paste it onto your USB stick and post its contents in your next reply.
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47

Re: [Urgent] PC freezing

Posted 30 May 2011 18:19

Hi, first of all I want to thank you for taking the trouble to help me, I really appreciate it.
Otherwise, I followed your explanations to the letter and the report is as follows (it's long):

OTL logfile created on: 5/30/2011 8:09:49 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): E:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 463.87 Gb Total Space | 389.88 Gb Free Space | 84.05% Space Free | Partition Type: NTFS
Drive H: | 467.64 Gb Total Space | 464.06 Gb Free Space | 99.23% Space Free | Partition Type: NTFS
Drive I: | 3.79 Gb Total Space | 3.10 Gb Free Space | 81.73% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2011/05/18 02:19:19 | 003,275,864 | ---- | M] () [Auto] -- C:\Program Files\Fichiers communs\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/03/29 11:13:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/03/28 09:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) [Auto] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/12/16 12:03:08 | 000,008,192 | ---- | M] () [Auto] -- C:\WINDOWS\BackupIP\service.exe -- (sdmBackupIP)
SRV - [2010/07/04 13:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/06/24 02:19:50 | 000,109,056 | ---- | M] () [Auto] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe -- (NIS)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/26 08:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009/07/17 10:25:02 | 000,319,488 | ---- | M] (DeviceVM, Inc.) [Auto] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Boot] -- -- (szkgfs)
DRV - File not found [Kernel | Boot] -- -- (szkg5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | Boot] -- -- (is3srv)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (esgiguard)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/02/25 17:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/12/18 03:50:15 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20110317.036\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/18 03:50:15 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20110317.036\NAVENG.SYS -- (NAVENG)
DRV - [2010/12/17 14:33:33 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/12/17 14:33:33 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/12/17 14:15:37 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/11/30 20:03:34 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20110317.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/09/28 22:23:40 | 005,425,152 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/08/19 06:41:58 | 000,101,904 | RH-- | M] (ATI Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010/06/14 03:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\NIS\1108000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1108000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/26 22:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/04/26 22:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/04/26 22:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\NIS\1108000.005\symefa.sys -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\Drivers\NIS\1108000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1108000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1108000.005\ccHPx86.sys -- (ccHP)
DRV - [2010/02/03 10:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/10/18 21:56:10 | 000,099,440 | RH-- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NIS\1108000.005\symds.sys -- (SymDS)
DRV - [2009/09/17 07:00:30 | 001,399,680 | RH-- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/08/03 22:28:18 | 000,011,296 | RH-- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2009/06/05 03:16:32 | 000,142,336 | RH-- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/04/14 07:00:00 | 000,053,376 | -H-- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2006/07/24 10:05:00 | 000,005,632 | -H-- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004/08/12 22:56:20 | 000,005,810 | RH-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/sidebar.html?src=ssb&sysid=406


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/sidebar.html?src=ssb&sysid=406
IE - HKU\user_ON_C\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\user_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=fr"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.3
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:2.1.3304.104
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {1266764D-FC4F-4FA7-B63B-884D53B1680F}:3.6.5
FF - prefs.js..extensions.enabledItems: vinceturk@gmail.com:2.7.0.803
FF - prefs.js..extensions.enabledItems: {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}:1.0
FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.659.0
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
FF - prefs.js..extensions.enabledItems: widestream6@spointer.com:3.4.1545.153
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=fr"


FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn\ [2010/12/19 12:08:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn\ [2010/12/17 14:15:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@offerbox.com [2010/12/29 19:53:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions [2011/01/30 11:46:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.659.0\firefox\extensions [2011/01/30 11:46:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\widestream6@spointer.com: C:\Program Files\Widestream6\spointer\extensions\widestream6@spointer.com [2011/02/01 15:35:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/06 07:33:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/06 07:33:06 | 000,000,000 | ---D | M]

[2011/05/14 02:33:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2011/02/05 06:35:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/05/14 02:37:18 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\extensions
[2010/12/22 09:32:20 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/07 15:29:00 | 000,000,000 | -H-D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/17 14:21:31 | 000,000,000 | -H-D | M] (AnyColor) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\extensions\anycolor.pavlos256@gmail.com
[2011/05/06 07:34:13 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\askcom-1.xml
[2011/04/21 14:54:23 | 000,002,396 | -H-- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\askcom.xml
[2011/03/23 08:24:21 | 000,005,529 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\SearchquWebSearch.xml
[2011/02/01 15:35:07 | 000,003,915 | -H-- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\sweetim.xml
[2011/05/14 02:33:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/17 14:52:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/30 11:46:15 | 000,000,000 | ---D | M] (QuestBrowse) -- C:\Program Files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G3BCFTBS.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2010/12/29 19:53:30 | 000,000,000 | -H-D | M] (Freeze.com NetAssistant) -- C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\NETASSISTANT
[2011/01/30 11:46:06 | 000,000,000 | ---D | M] (ClickPotatoLite Component) -- C:\PROGRAM FILES\CLICKPOTATOLITE\BIN\10.0.659.0\FIREFOX\EXTENSIONS
[2010/12/17 14:49:34 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/12/29 19:53:21 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011/05/06 07:32:44 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/05/06 07:32:56 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2011/05/06 07:32:56 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/05/06 07:32:56 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/06 07:32:56 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2011/03/23 08:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2011/05/06 07:32:56 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2011/05/06 07:32:56 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/04/22 12:33:03 | 000,000,804 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9} - C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll (Widestream6)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [installer] C:\Program Files\Installer\lnetworker.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKU\NetworkService_ON_C..\Run: [5Z3U4G4I5X6G3F7JXBZOJQSGFEOCE] C:\newdnswatch\newdnswatch.exe ()
O4 - HKU\user_ON_C..\Run: [5Z3U4G4I5X6G3F7JXBZOJQSGFEOCE] C:\newdnswatch\newdnswatch.exe ()
O4 - HKU\user_ON_C..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Launch Whitesmoke Translator.lnk = C:\Program Files\Whitesmoke Translator\WSTrayDictMode.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LOLRecorder.lnk = C:\Program Files\LOLReplay\LOLRecorder.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\user\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\Administrateur_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\Administrateur_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\Administrateur_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\user_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\user_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\user_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\Antiwpa: DllName - antiwpa.dll - C:\WINDOWS\System32\antiwpa.dll ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/01 10:39:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 2
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0398B33C-67BD-B404-4FF9-76190C9AAC06} - Java (Sun)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {19FC50E0-180A-DE85-C891-200EC073587E} - DirectAnimation
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Outils d'installation Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/05/28 08:01:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Démarrer\Programmes\Outils d'administration
[2011/05/26 14:37:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2011/05/24 13:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2011/05/24 13:29:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2011/05/24 13:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/05/24 13:28:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
[2011/05/24 13:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2011/05/24 13:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/05/24 13:27:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Google
[2011/05/24 06:26:27 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/05/22 06:38:55 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2011/05/22 06:38:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2011/05/22 06:38:54 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2011/05/22 06:38:53 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2011/05/22 06:38:52 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2011/05/22 06:38:52 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2011/05/22 06:38:51 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2011/05/22 06:38:50 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2011/05/22 06:38:49 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2011/05/22 06:38:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2011/05/22 06:38:47 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2011/05/22 06:38:47 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2011/05/22 06:38:45 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2011/05/22 06:38:45 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2011/05/22 06:38:44 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2011/05/22 06:38:43 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2011/05/22 06:38:42 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2011/05/22 06:38:41 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2011/05/22 06:38:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2011/05/22 06:38:39 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2011/05/22 06:38:39 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2011/05/22 06:38:38 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2011/05/22 06:38:37 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2011/05/22 06:38:37 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2011/05/22 06:38:37 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2011/05/22 06:38:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2011/05/22 06:38:35 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2011/05/22 06:38:35 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2011/05/22 06:38:34 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2011/05/22 06:38:33 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2011/05/22 06:38:33 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2011/05/22 06:38:32 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2011/05/22 06:38:32 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2011/05/22 06:38:31 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2011/05/22 06:38:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2011/05/22 06:38:31 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2011/05/22 06:38:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2011/05/22 06:38:29 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2011/05/22 06:38:28 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2011/05/22 06:38:28 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2011/05/22 06:38:28 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2011/05/22 06:38:27 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2011/05/22 06:38:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2011/05/22 06:38:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2011/05/22 06:38:23 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2011/05/22 06:38:23 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2011/05/22 06:38:22 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2011/05/22 06:38:22 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2011/05/22 06:38:21 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2011/05/22 06:38:21 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2011/05/22 06:38:20 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2011/05/22 06:38:19 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2011/05/22 06:38:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2011/05/22 06:38:19 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2011/05/22 06:38:18 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2011/05/22 06:38:17 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2011/05/22 06:38:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2011/05/22 06:38:16 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2011/05/22 06:38:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2011/05/22 06:38:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2011/05/22 06:38:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2011/05/22 06:38:11 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2011/05/22 06:38:10 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2011/05/22 06:38:10 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2011/05/22 06:38:07 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2011/05/22 06:38:06 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2011/05/22 06:38:04 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2011/05/22 06:38:04 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2011/05/22 06:38:03 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2011/05/22 06:38:02 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2011/05/22 06:38:02 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2011/05/22 06:38:01 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2011/05/22 06:38:00 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2011/05/22 06:37:59 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2011/05/22 06:37:58 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2011/05/22 06:37:56 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2011/05/22 06:37:51 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2011/05/22 06:37:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2011/05/22 06:37:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2011/05/22 06:37:49 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2011/05/22 06:37:49 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2011/05/22 06:37:49 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2011/05/22 06:37:47 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2011/05/22 06:37:46 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2011/05/22 06:37:46 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2011/05/22 06:37:44 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2011/05/22 06:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\RIFT
[2011/05/22 06:33:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RIFT
[2011/05/22 06:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\RIFT Game
[2011/05/20 07:07:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\NetworkService\SendTo
[2011/05/20 07:07:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\NetworkService\Menu Démarrer\Programmes\Accessoires
[2011/05/20 07:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2011/05/20 07:07:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\NetworkService\Mes documents\Mes images
[2011/05/20 07:07:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\NetworkService\Mes documents
[2011/05/20 07:07:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\NetworkService\Mes documents\Ma musique
[2011/05/20 07:07:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\NetworkService\Voisinage réseau
[2011/05/20 07:07:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\NetworkService\Recent
[2011/05/20 07:07:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\NetworkService\Favoris
[2011/05/20 07:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Menu Démarrer
[2011/05/20 07:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Menu Démarrer\Programmes\Démarrage
[2011/05/20 07:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Bureau
[2011/05/16 12:58:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/05/13 16:42:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Ilivid Player
[2011/05/13 16:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\PackageAware
[2011/05/02 15:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Identities
[2011/05/02 14:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Démarrer\Programmes\StarCraft II
[2011/05/02 14:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2011/05/02 14:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\StarCraft II
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/29 07:46:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/29 05:11:55 | 000,002,278 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/24 15:55:22 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011/05/24 15:32:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/24 13:32:01 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/24 13:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2011/05/24 13:29:00 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/05/24 13:28:56 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2011/05/24 13:28:56 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/24 13:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
[2011/05/24 06:26:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/05/23 12:52:49 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2011/05/22 06:36:50 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à RIFT.lnk
[2011/05/22 06:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RIFT
[2011/05/20 07:07:40 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2011/05/20 07:07:39 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf
[2011/05/18 07:21:50 | 000,027,648 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/14 02:34:11 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/05/06 07:33:09 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2011/05/06 04:01:41 | 000,001,630 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LOLRecorder.lnk
[2011/05/06 04:01:40 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\user\Bureau\LOL Recorder.lnk
[2011/05/02 15:47:10 | 000,880,708 | ---- | M] () -- C:\Documents and Settings\user\Bureau\abstract-wallpaper-backgrounds-iaym.jpg
[2011/05/02 15:44:13 | 000,267,999 | ---- | M] () -- C:\Documents and Settings\user\Bureau\fond-d-ecran-du-film-robin-des-bois-avec-russell-crowe-1280x800.jpg
[2011/05/02 14:44:43 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\StarCraft II.lnk
[2011/05/02 14:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\StarCraft II
[2011/05/02 07:19:47 | 000,058,337 | ---- | M] () -- C:\Documents and Settings\user\Bureau\TEST 6-02.jpg
[2011/05/02 07:18:55 | 002,509,696 | ---- | M] () -- C:\Documents and Settings\user\Bureau\TEST 6-02.psd
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/24 13:29:00 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/05/24 13:28:56 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/24 13:28:54 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2011/05/24 13:27:52 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/24 13:27:51 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/22 06:36:50 | 000,001,594 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à RIFT.lnk
[2011/05/20 07:07:39 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf
[2011/05/20 07:07:38 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\NetworkService\Menu Démarrer\Programmes\Windows Media Player.lnk
[2011/05/20 07:07:36 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\NetworkService\Menu Démarrer\Programmes\Outlook Express.lnk
[2011/05/20 07:07:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\NetworkService\Menu Démarrer\Programmes\Internet Explorer.lnk
[2011/05/20 07:07:33 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2011/05/14 02:34:11 | 000,000,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/05/06 07:33:09 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2011/05/02 15:47:09 | 000,880,708 | ---- | C] () -- C:\Documents and Settings\user\Bureau\abstract-wallpaper-backgrounds-iaym.jpg
[2011/05/02 15:44:12 | 000,267,999 | ---- | C] () -- C:\Documents and Settings\user\Bureau\fond-d-ecran-du-film-robin-des-bois-avec-russell-crowe-1280x800.jpg
[2011/05/02 14:28:31 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\StarCraft II.lnk
[2011/05/02 07:19:44 | 000,058,337 | ---- | C] () -- C:\Documents and Settings\user\Bureau\TEST 6-02.jpg
[2011/05/02 07:18:53 | 002,509,696 | ---- | C] () -- C:\Documents and Settings\user\Bureau\TEST 6-02.psd
[2011/04/27 11:04:03 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/04/27 11:04:03 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/04/27 11:03:55 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\user\Application Data\$_hpcst$.hpc
[2011/04/22 10:01:06 | 000,000,176 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~17358644
[2011/04/22 10:01:06 | 000,000,152 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~17358644r
[2011/04/22 10:01:05 | 000,000,344 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\17358644
[2011/04/22 10:01:03 | 000,487,424 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\17358644.exe
[2011/04/20 10:30:31 | 000,025,248 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/17 03:59:21 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2011/04/17 03:57:11 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/01/16 11:17:13 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/12/30 16:53:43 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll
[2010/12/29 19:32:12 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\Utils.dll
[2010/12/17 19:09:09 | 000,027,648 | -H-- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/17 14:19:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/02 04:37:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/12/02 04:37:06 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/12/02 04:37:06 | 000,224,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/12/02 04:37:06 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/12/02 04:19:34 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2010/12/02 04:19:34 | 000,011,296 | RH-- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2010/12/02 04:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/12/02 04:14:06 | 000,043,123 | -H-- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010/12/02 04:13:45 | 000,005,810 | RH-- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010/12/02 04:13:41 | 000,001,769 | -H-- | C] () -- C:\WINDOWS\Language_trs.ini
[2010/12/02 04:13:38 | 000,029,650 | -H-- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/12/02 04:13:38 | 000,010,296 | -H-- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/12/01 11:29:45 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/01 11:28:47 | 002,051,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/01 10:40:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/01 10:37:29 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/01 13:32:32 | 000,362,029 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2008/04/14 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 07:00:00 | 000,501,696 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/14 07:00:00 | 000,432,936 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 07:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/14 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 07:00:00 | 000,081,136 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/14 07:00:00 | 000,067,700 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 07:00:00 | 000,053,376 | -H-- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2008/04/14 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 07:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/03/30 12:26:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\.minecraft
[2011/04/22 17:53:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Audacity
[2011/01/30 11:46:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\ClickPotatoLite
[2011/02/06 04:48:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\LimeWire
[2010/12/22 09:34:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\LolClient
[2011/05/24 13:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\Mumble
[2010/12/29 19:53:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\NetAssistant
[2011/05/18 06:27:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\OfferBox
[2011/04/06 11:37:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\OpenOffice.org
[2011/03/28 15:59:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\pokerth
[2011/05/24 13:37:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\PriceGong
[2011/05/22 08:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\RIFT
[2011/04/27 11:03:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\Samsung
[2011/02/07 13:21:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\ShopperReports3
[2011/05/26 13:54:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\TS3Client
[2011/02/19 04:58:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\WhiteSmokeTranslator
[2011/02/01 15:35:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\widestream
[2011/01/30 11:46:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/12/02 04:31:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\ASUS OC Profiles
[2011/02/08 07:18:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA
[2010/12/02 04:31:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\EPU
[2011/05/24 14:08:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/02/03 03:55:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\QuestBrwSearch
[2011/04/27 11:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/05/14 02:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/02/01 15:35:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011/03/29 15:43:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\system32\drivers\*.sys /lockedfiles >

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

Invalid Environment Variable: %APPDATA%\*.

Invalid Environment Variable: %APPDATA%\*.exe

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/13 06:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 06:40:32 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 07:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008/04/13 06:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/04/14 07:00:00 | 000,062,976 | -H-- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CHANGER.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: DISK.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/04/14 07:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 07:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 07:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/14 07:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 07:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: NDIS.SYS >
[2008/04/14 07:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008/04/14 07:00:00 | 000,182,656 | -H-- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008/04/14 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: RASACD.SYS >
[2008/04/14 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys
[2008/04/14 07:00:00 | 000,008,832 | -H-- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys

< MD5 for: RDPWD.SYS >
[2008/04/14 07:00:00 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\dllcache\rdpwd.sys
[2008/04/14 07:00:00 | 000,139,656 | -H-- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys

< MD5 for: SCECLI.DLL >
[2008/04/14 07:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 07:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SFLOPPY.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys
[2008/04/14 07:00:00 | 000,011,392 | -H-- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys

< MD5 for: SPLITTER.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys
[2008/04/13 06:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\dllcache\splitter.sys
[2008/04/13 06:45:08 | 000,006,272 | -H-- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys

< MD5 for: SWMIDI.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys
[2008/04/13 06:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\dllcache\swmidi.sys
[2008/04/13 06:45:10 | 000,056,576 | -H-- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys

< MD5 for: TCPIP.SYS >
[2008/04/14 07:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | -H-- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: TDPIPE.SYS >
[2008/04/14 07:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\dllcache\tdpipe.sys
[2008/04/14 07:00:00 | 000,012,040 | -H-- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys

< MD5 for: TDTCP.SYS >
[2008/04/14 07:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\dllcache\tdtcp.sys
[2008/04/14 07:00:00 | 000,021,896 | -H-- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys

< MD5 for: USBPRINT.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys

< MD5 for: USBSCAN.SYS >
[2008/04/14 07:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys
[2008/04/13 06:45:36 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\dllcache\usbscan.sys
[2008/04/13 06:45:36 | 000,015,104 | -H-- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys

< MD5 for: USERINIT.EXE >
[2008/04/14 07:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 07:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

Florent69
Confirmed Visitor

Posts: 17
Joined: 26 May 2011 18:21
 

Re: [Urgent] PC freezing

Posted on 31 May 2011 06:10

Hi!

You do realize that this PC is infested down to the last byte - you are going to have to change your behaviour when browsing your favourite sites. It surely annoys you to hear me say so ... (open the window and let out a good yell).

Now that you feel better, I can tell you that you (your PC) have got through one of the hardest stages and that we may be able to save this PC.

What I would like you to understand now:
Disinfection requires the use of tools and procedures that are more or less complex, sensitive and potentially dangerous.
I will therefore do my best to explain it as clearly as possible; nevertheless, a few guidelines should be followed for it to go smoothly:

• The infected PC must be used as little as possible, apart from the procedures and communicating on the forum.
• Always read the procedures in full before starting them, or save them (printout / text file).
(Indeed, certain circumstances could prevent you from reading further, a PC restart for example)

• Carry out the requested procedures completely, precisely and in the order given; otherwise you risk creating more problems than you solve.

Do not try anything on your own without telling me first!

• Do not hesitate to ask any question before starting the procedures, and report immediately any problems encountered during them.

Finally, be aware that the disinfection will only be finished when I have told you so.
The disappearance of the symptoms does not necessarily mean the disappearance of the infection!

Moreover, despite all these precautions, a PC crash is always possible, so remember to back up as many of your documents as you can!

At the end of the disinfection (if all goes well), I give you permission to tell me 'edreM' for having shaken you up like this! :P


Here we go ...

Do the following in order:

1/
From a clean PC, save the complete quote below in a text document and transfer this document to a USB stick.
Name this document ---)> nettoyage.txt
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]

:Otl
SRV - [2010/12/16 12:03:08 | 000,008,192 | ---- | M] () [Auto] -- C:\WINDOWS\BackupIP\service.exe -- (sdmBackupIP)
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/sidebar.html?src=ssb&sysid=406
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/sidebar.html?src=ssb&sysid=406
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKU\user_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}:1.0
FF - HKLM\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@offerbox.com [2010/12/29 19:53:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions [2011/01/30 11:46:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.659.0\firefox\extensions [2011/01/30 11:46:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\widestream6@spointer.com: C:\Program Files\Widestream6\spointer\extensions\widestream6@spointer.com [2011/02/01 15:35:39 | 000,000,000 | ---D | M]
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.659.0
FF - HKLM\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.659.0\firefox\extensions [2011/01/30 11:46:06 | 000,000,000 | ---D | M]
FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:2.1.3304.104
FF - HKLM\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@offerbox.com [2010/12/29 19:53:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions [2011/01/30 11:46:00 | 000,000,000 | ---D | M]
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9} - C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll (Widestream6)
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [installer] C:\Program Files\Installer\lnetworker.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Launch Whitesmoke Translator.lnk = C:\Program Files\Whitesmoke Translator\WSTrayDictMode.exe ()
O20 - Winlogon\Notify\Antiwpa: DllName - antiwpa.dll - C:\WINDOWS\System32\antiwpa.dll ()
[2011/02/01 15:35:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011/04/22 10:01:05 | 000,000,344 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\17358644
[2010/12/30 16:53:43 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll
[2010/12/29 19:32:12 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\Utils.dll
[2011/02/19 04:58:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\WhiteSmokeTranslator
[2011/02/01 15:35:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\widestream
[2011/01/30 11:46:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2011/02/03 03:55:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\QuestBrwSearch
[2011/04/21 14:54:23 | 000,002,396 | -H-- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\askcom.xml
[2011/03/23 08:24:21 | 000,005,529 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\SearchquWebSearch.xml
[2011/03/23 08:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2011/05/06 07:34:13 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\askcom-1.xml
[2011/04/21 14:54:23 | 000,002,396 | -H-- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\askcom.xml
[2011/05/24 13:37:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\PriceGong
[2011/01/30 11:46:15 | 000,000,000 | ---D | M] (QuestBrowse) -- C:\Program Files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
[2011/02/07 13:21:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\ShopperReports3
[2011/02/01 15:35:07 | 000,003,915 | -H-- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\sweetim.xml
[2011/02/01 15:35:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011/01/30 11:46:06 | 000,000,000 | ---D | M] (ClickPotatoLite Component) -- C:\PROGRAM FILES\CLICKPOTATOLITE\BIN\10.0.659.0\FIREFOX\EXTENSIONS
[2011/01/30 11:46:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\ClickPotatoLite
[2011/02/08 07:18:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA
[2011/05/18 06:27:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\OfferBox
[2011/02/01 15:35:07 | 000,003,915 | -H-- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\sweetim.xml
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G3BCFTBS.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2010/12/29 19:53:21 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2008/04/14 07:00:00 | 000,081,136 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/14 07:00:00 | 000,067,700 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 07:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 07:00:00 | 000,501,696 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/14 07:00:00 | 000,432,936 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 07:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/14 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

:files
c:\windows\backupip\service.exe
c:\program files\pricegong\2.1.0\pricegongie.dll
c:\program files\widestream6\spointer\extensions\widestream6_air_ie.dll
c:\program files\offerbox\offerboxbho.dll
c:\program files\installer\lnetworker.exe
c:\program files\whitesmoke translator\wstraydictmode.exe
c:\windows\system32\antiwpa.dll
c:\windows\system32\utils.dll

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[reboot]


2/
Restart the sick PC using the Live CD (OTLPE).
At the prompts:
Do you wish to load the remote registry > Click Yes
Do you wish to load remote user profile(s) for scanning > Click Yes
Automatically Load All Remaining Users (make sure the box is ticked) > Then click OK

3/
Plug in your USB stick and transfer the document --> nettoyage.txt to the sick PC.
Remove the stick from the PC.

4/
Launch OTLPE
Copy and paste the contents of 'nettoyage.txt' into the 'Custom Scan/Fixes' window.
Click the 'Run Fix' button
Do not touch anything else and let the PC inform you that it will have to restart to confirm the fixes
> Remove the Live CD
> Accept the restart or else restart the PC yourself.

5/
If the PC restarted normally:
On the Desktop you will have the OTL report '05312011_xxxxxx.log' > Post it for me.

If the PC will not restart:
Use the Live CD > Retrieve this report and post it for me from a clean PC.
danakil
Expert

Posts: 1363
Joined: 16 Jul 2009 09:47
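
The report requested in step 5 records one outcome per line, and a fix script that lists the same entry twice produces a "not found" line after the "deleted successfully" line for that entry. The following is an added example, not part of the thread and not OTL's own code: a small Python summarizer that reduces such a report to one final status per item and lists what still needs checking. The sample lines are constructed in the format of the fix report quoted in this thread; the status labels and the precedence between them are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample in the format of the fix report quoted in this thread.
# The CLSIDs, paths and names are placeholders, not values from the thread.
SAMPLE_REPORT = r"""========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000001}\ not found.
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ExampleApp deleted successfully.
File C:\Program Files\ExampleApp\example.exe not found.
HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
File move failed. C:\Example\Startup\Example.lnk scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000002}\ not found.
"""

# One rule per line shape seen in the report: (pattern, fixed kind or None, outcome).
_RULES = [
    (re.compile(r"^File move failed\. (?P<target>.+) scheduled to be moved on reboot\.$"),
     "file", "pending_reboot"),
    (re.compile(r"^Registry (?P<kind>key|value) (?P<target>.+) deleted successfully\.$"),
     None, "removed"),
    (re.compile(r"^Registry (?P<kind>key|value) (?P<target>.+) not found\.$"),
     None, "absent"),
    (re.compile(r"^File (?P<target>.+) not found\.$"), "file", "absent"),
    (re.compile(r"^(?P<target>.+)\| /E : value set successfully!$"), "value", "reset"),
]

# Assumed precedence: a later "not found" never overrides an earlier deletion,
# and anything that still needs attention outranks everything else.
_PRIORITY = {"absent": 0, "reset": 1, "removed": 2, "pending_reboot": 3, "unrecognized": 4}


def parse_line(line):
    """Return (kind, target, outcome), or None for blank lines and section headers."""
    line = line.strip()
    if not line or line.startswith("=========="):
        return None
    for pattern, kind, outcome in _RULES:
        match = pattern.match(line)
        if match:
            kind = kind or match.group("kind")
            # Registry keys are printed with a trailing backslash; drop it.
            return kind, match.group("target").rstrip("\\"), outcome
    # Surface unknown lines instead of silently dropping them.
    return "unknown", line, "unrecognized"


def summarize(report):
    """Collapse repeated mentions of an item into one final status per item."""
    items = {}
    for raw in report.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue
        kind, target, outcome = parsed
        # Windows paths and registry paths are case-insensitive, and the report
        # mixes "SOFTWARE" and "Software" for the same key.
        key = (kind, target.casefold())
        current = items.get(key)
        if current is None or _PRIORITY[outcome] > _PRIORITY[current["status"]]:
            items[key] = {"kind": kind, "target": target, "status": outcome}
    return list(items.values())


def needs_follow_up(items):
    """Items to re-check after the reboot, plus any line the parser did not understand."""
    return [i["target"] for i in items if i["status"] in ("pending_reboot", "unrecognized")]


if __name__ == "__main__":
    result = summarize(SAMPLE_REPORT)
    print(dict(Counter(i["status"] for i in result)))
    for target in needs_follow_up(result):
        print("check after reboot:", target)
```

An item reported only as "absent" was already missing when the fix ran, which is different from an item the fix removed; keeping the two apart shows what the script actually changed.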
 

Re: [Urgent] PC freezing

Posted on 31 May 2011 12:56

Hello, I have a problem...
I followed your instructions to the letter, except that at the end, when I rebooted my PC, my screen is still there, so as you wrote I used the CD, but no report appeared on the desktop.
Florent.
Florent69
Confirmed Visitor

Posts: 17
Joined: 26 May 2011 18:21
 

Re: [Urgent] PC freezing

Posted on 31 May 2011 13:05

Look directly at the root of the PC, in C:\_OTL <(---
danakil
Expert

Posts: 1363
Joined: 16 Jul 2009 09:47
 

Re: [Urgent] PC freezing

Posted on 31 May 2011 13:07

My mistake, I hadn't looked properly, here it is:

========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sdmBackupIP deleted successfully.
File C:\WINDOWS\BackupIP\service.exe not found.
HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\user_ON_C\Software\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\user_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com deleted successfully.
File C:\Program Files\OfferBox\offerboxffx@offerbox.com not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com deleted successfully.
File C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com deleted successfully.
File C:\Program Files\ClickPotatoLite\bin\10.0.659.0\firefox\extensions not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\widestream6@spointer.com deleted successfully.
File C:\Program Files\Widestream6\spointer\extensions\widestream6@spointer.com not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com not found.
File C:\Program Files\ClickPotatoLite\bin\10.0.659.0\firefox\extensions not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com not found.
File C:\Program Files\OfferBox\offerboxffx@offerbox.com not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com not found.
File C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2BEFBCCE-46A6-4950-BCB5-7062EAC6C9C9}\ not found.
File C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ not found.
File C:\Program Files\OfferBox\OfferBoxBHO.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ not found.
File C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_USERS\user_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM deleted successfully.
File C:\Program Files\SweetIM\Messenger\SweetIM.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\installer deleted successfully.
File C:\Program Files\Installer\lnetworker.exe not found.
File move failed. C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Launch Whitesmoke Translator.lnk scheduled to be moved on reboot.
File C:\Program Files\Whitesmoke Translator\WSTrayDictMode.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa\ deleted successfully.
File C:\WINDOWS\System32\antiwpa.dll not found.
Folder C:\Documents and Settings\All Users\Application Data\SweetIM\ not found.
File C:\Documents and Settings\All Users\Application Data\17358644 not found.
File C:\WINDOWS\System32\antiwpa.dll not found.
File C:\WINDOWS\System32\Utils.dll not found.
Folder C:\Documents and Settings\user\Application Data\WhiteSmokeTranslator\ not found.
Folder C:\Documents and Settings\user\Application Data\widestream\ not found.
Folder C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65\ not found.
Folder C:\Documents and Settings\All Users\Application Data\QuestBrwSearch\ not found.
File C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\askcom.xml not found.
File C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\SearchquWebSearch.xml not found.
File C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml not found.
File C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\askcom-1.xml not found.
File C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\askcom.xml not found.
Folder C:\Documents and Settings\user\Application Data\PriceGong\ not found.
Folder C:\Program Files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\ not found.
Folder C:\Documents and Settings\user\Application Data\ShopperReports3\ not found.
File C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\sweetim.xml not found.
Folder C:\Documents and Settings\All Users\Application Data\SweetIM\ not found.
Folder C:\PROGRAM FILES\CLICKPOTATOLITE\BIN\10.0.659.0\FIREFOX\EXTENSIONS\ not found.
Folder C:\Documents and Settings\user\Application Data\ClickPotatoLite\ not found.
Folder C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA\ not found.
Folder C:\Documents and Settings\user\Application Data\OfferBox\ not found.
File C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\g3bcftbs.default\searchplugins\sweetim.xml not found.
Folder C:\PROGRAM FILES\PRICEGONG\2.1.0\FF\ not found.
File C:\WINDOWS\System32\perfc00C.dat not found.
File C:\WINDOWS\System32\perfc009.dat not found.
File C:\WINDOWS\System32\perfd00C.dat not found.
File C:\WINDOWS\System32\perfd009.dat not found.
File C:\WINDOWS\System32\perfh00C.dat not found.
File C:\WINDOWS\System32\perfh009.dat not found.
File C:\WINDOWS\System32\perfi00C.dat not found.
File C:\WINDOWS\System32\perfi009.dat not found.
========== FILES ==========
File\Folder c:\windows\backupip\service.exe not found.
File\Folder c:\program files\pricegong\2.1.0\pricegongie.dll not found.
File\Folder c:\program files\widestream6\spointer\extensions\widestream6_air_ie.dll not found.
File\Folder c:\program files\offerbox\offerboxbho.dll not found.
File\Folder c:\program files\installer\lnetworker.exe not found.
File\Folder c:\program files\whitesmoke translator\wstraydictmode.exe not found.
File\Folder c:\windows\system32\antiwpa.dll not found.
File\Folder c:\windows\system32\utils.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: user
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

Total Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: user
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTLPE by OldTimer - Version 3.1.46.0 log created on 05312011_175019

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LauncmwaVUYe[LILHGBEevj^T`ntn`]~ÂÒŸ¤ÉÁÁ¸“xl]as`irznXQPZmmkR.cij_l¡tjƒ––™˜ucUV~_F>9IL
Florent69

Re: [Urgent] PC freezing up

Posted 31 May 2011 13:27

Very good!

We didn't catch everything on the first pass, but we've already given the 'critter' a good shaking.
On top of that, we now know the name of the 'RootKit' that is blocking this PC's startup:
File\Folder C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LauncmwaVUYe[LILHGBEevj^T`ntn`]~ÂÒŸ¤ÉÁÁ¸“xl]as`irznXQPZmmkR.cij_l¡tjƒ––™˜ucUV~_F>9IL


Switch this PC off now, because I won't be giving the procedure until this evening; right now I have to go to work. :wink:
danakil

Re: [Urgent] PC freezing up

Posted 31 May 2011 13:35

OK, thanks a lot. In any case, I think I can finally see the light at the end of the tunnel!
Florent69