Ecran bleu et redemarrage apres chargement xp
djodjo57
-
djodjo57 -
djodjo57 -
Bonjour,
J'ai réparé le pc d'un amis en lui installant des logiciels via ma clé USB. Mais problème, lorsque j'ai mis cette clé USB dans mon pc, Antivir détecte un virus puis XP se bloque totalement, impossible de faire quoi que ce soit... Pas grave je fais un reset mais la plus moyen de démarrer, j'ai un écran bleu après l'écran de chargement. Impossible de voir ce qu'il y a écris car ca redémarre aussitôt. Et le plus gros soucis c'est que cet écran bleu apparait aussi en "mode sans échec" et "dernière bonne configuration"... Bref impossible de démarrer même en faisait une réparation avec le cd d'XP.
Connaissez vous un moyen pour démarrer et ainsi passer un coup d'antivirus ?
J'ai réparé le pc d'un amis en lui installant des logiciels via ma clé USB. Mais problème, lorsque j'ai mis cette clé USB dans mon pc, Antivir détecte un virus puis XP se bloque totalement, impossible de faire quoi que ce soit... Pas grave je fais un reset mais la plus moyen de démarrer, j'ai un écran bleu après l'écran de chargement. Impossible de voir ce qu'il y a écris car ca redémarre aussitôt. Et le plus gros soucis c'est que cet écran bleu apparait aussi en "mode sans échec" et "dernière bonne configuration"... Bref impossible de démarrer même en faisait une réparation avec le cd d'XP.
Connaissez vous un moyen pour démarrer et ainsi passer un coup d'antivirus ?
23 réponses
- 1
- 2
Suivant
-
Salut djodjo57
On va créer un LiveCD permettant de supprimer les Malwares ou autres, empêchant le démarrage d'un système.
Procédure a effectuer sur un PC fonctionnel :
Télécharge OTLPEnet sur ton Bureau :
http://oldtimer.geekstogo.com/OTLPENet.exe
* Quand le téléchargement sera fini, Double Clic sur OTLPENet.exe et assures-toi d'avoir insérer un CD-R vierge dans ton graveur CD/DVD. Une fenêtre va s'ouvrir pour te demander si tu souhaites graver Le CD, clique sur le bouton Oui.
* Patiente le temps de la décompression et de la gravure du CD.
Faut maintenant insérer le CD créer dans le lecteur du PC malade et redémarrer l'ordinateur sur le CD :
https://forum.malekal.com/viewtopic.php?t=9447&start=
* En fonction de votre type de connexion Internet, tu dois être en mesure d'accéder au Net, si bien que tu peux accéder à ce sujet plus facilement.
* une fois le bureau de reatogo chargé , tu lances OTLPE , l'icone jaune
* Double-click sur l'icone OTLPE
* Quand demandé "Do you wish to load the remote registry", select Yes
* Quand demandé "Do you wish to load remote user profile(s) for scanning", select Yes
* Vérifier que "Automatically Load All Remaining Users" est sélectionné et press OK
* Sous Custom Scan box copie_colle le contenu en gras ci dessous:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s
* clic Run Scan pour démarrer le scan.
* une fois terminé , le fichier se trouve là C:\OTL.txt
* copie_colle le contenu dans ta prochaine réponse
@++ :) -
slt, moi je pense que tu a choppé une saleté de virus et comme ta poste n'arrive pas à afficher, il faut faire netoyer ton disque dur sur un autre poste. ça c'est ma pensée
-
non djodjo ne fais pas cette betise !!
utilise plutot ceci c'est plus raisonnable :
http://consultaide.e-monsite.com/rubrique,cd-live-dr-web-cureit-super,245887.html -
-
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question -
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
Using ControlSet: ControlSet005
[color=#E56717]========== Win32 Services (SafeList) ==========/color
SRV - [2010/06/16 02:32:24 | 001,352,832 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2010/05/05 14:42:54 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/05/01 07:58:06 | 000,271,728 | ---- | M] (CybelSoft) [On_Demand] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/04/20 10:38:04 | 001,050,440 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/04/20 10:35:04 | 000,030,024 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/09/04 10:22:22 | 000,098,304 | ---- | M] (WDC) [Auto] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/08/18 12:10:32 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/13 06:16:47 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/06/16 04:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/04/07 04:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/11/03 20:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/08/12 15:14:00 | 000,024,576 | ---- | M] (Atribune.org) [On_Demand] -- C:\WINDOWS\System32\VundoFixSVC.exe -- (VundoFixSvc)
SRV - [2008/07/10 03:47:18 | 000,116,040 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/06/09 04:21:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/05/01 20:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/04/07 04:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/11/05 12:48:00 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/10/25 09:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/09/20 09:35:38 | 000,382,248 | ---- | M] (Nero AG) [On_Demand] -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007/07/24 06:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto] -- C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 14:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto] -- C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) -
OTL logfile created on: 6/17/2010 11:08:40 AM - Run
OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 77.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.29 Gb Total Space | 2.29 Gb Free Space | 7.83% Space Free | Partition Type: NTFS
Drive D: | 76.33 Gb Total Space | 0.50 Gb Free Space | 0.65% Space Free | Partition Type: NTFS
Drive E: | 152.66 Gb Total Space | 5.37 Gb Free Space | 3.52% Space Free | Partition Type: NTFS
Drive F: | 465.70 Gb Total Space | 0.13 Gb Free Space | 0.03% Space Free | Partition Type: FAT32
Drive G: | 119.75 Gb Total Space | 0.27 Gb Free Space | 0.22% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (Ad-Watch Registry Filter)
DRV - File not found [Kernel | On_Demand] -- -- (Ad-Watch Real-Time Scanner)
DRV - File not found [Kernel | On_Demand] -- -- (Ad-Watch Connect Filter)
DRV - [2010/06/16 17:28:21 | 000,741,376 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\wuznwy.sys -- (wuznwy)
DRV - [2010/06/16 17:28:18 | 000,574,464 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fjxdtyfi.sys -- (fjxdtyfi)
DRV - [2010/06/12 18:50:44 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2010/05/01 08:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/04/29 09:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/04/06 22:42:04 | 004,687,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/03/26 10:35:18 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys.sys -- (sptd)
DRV - [2010/03/13 06:58:52 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/05/12 16:42:54] [Kernel | Auto] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009/12/10 13:07:55 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/10/14 01:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/09/11 07:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/09/11 07:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/09/11 07:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/09/11 07:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2009/07/13 06:16:47 | 000,028,520 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/17 15:51:40 | 000,048,928 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Tetris.sys -- (Tetris)
DRV - [2009/05/17 15:49:27 | 000,162,432 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ithsgt.sys -- (ithsgt)
DRV - [2009/05/17 15:49:25 | 000,012,032 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lilsgt.sys -- (lilsgt)
DRV - [2009/04/07 04:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/30 04:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/03/20 05:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 05:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009/03/20 05:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009/02/13 07:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/02/13 06:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/06/13 11:11:16 | 004,754,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/02/28 21:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/28 21:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/02/28 21:12:48 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/11/12 15:39:49 | 000,278,728 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007/11/12 15:39:49 | 000,025,416 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007/09/19 16:37:48 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2007/09/17 10:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/06/19 04:56:57 | 000,282,624 | R--- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Mrvw125.sys -- (W8335XP)
DRV - [2007/06/04 12:25:14 | 000,016,048 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System] -- C:\WINDOWS\system32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2007/06/04 12:25:12 | 000,162,096 | ---- | M] (CyberLink Corporation.) [File_System | Auto] -- C:\WINDOWS\system32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2007/04/17 15:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2007/03/24 05:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007/03/15 10:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2006/10/18 15:12:16 | 000,012,664 | R--- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/02/24 18:04:05 | 000,019,200 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2006/02/07 13:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\JGOGO.sys -- (JGOGO)
DRV - [2006/01/19 15:41:52 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2005/09/29 13:01:51 | 000,066,048 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/09/20 12:27:20 | 000,010,368 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2005/08/10 10:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005/08/10 08:44:04 | 000,050,688 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/06/07 08:21:18 | 000,541,568 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\phc700.sys -- (phc700) USB PC Camera (phc710)
DRV - [2005/05/27 03:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/05/16 09:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/04/21 07:40:36 | 000,010,624 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005/01/31 05:13:24 | 000,163,328 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920) Logitech QuickCam Express(PID_0920)
DRV - [2005/01/07 11:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/13 14:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/08/03 17:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2004/05/13 09:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 07:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/04/30 03:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\a347bus.sys -- (a347bus)
DRV - [2004/04/30 03:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\a347scsi.sys -- (a347scsi)
DRV - [2004/04/14 05:08:00 | 000,014,432 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 08:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2002/07/17 05:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) -
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========/color
FF - prefs.js..browser.startup.homepage: "www.google.fr"
FF - prefs.js..extensions.enabledItems: fr@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100119091315
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/09 12:05:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/09 12:05:46 | 000,000,000 | ---D | M]
[2010/02/19 08:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions
[2010/02/19 08:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/06/16 12:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions
[2010/06/04 05:53:59 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010/04/27 17:13:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/20 09:09:26 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/09 18:15:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2009/07/14 00:53:46 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010/05/03 07:48:15 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/21 05:21:23 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010/05/08 13:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\firebug@software.joehewitt.com
[2010/02/08 05:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\extensions\fr@dictionaries.addons.mozilla.org
[2009/12/12 11:02:29 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\wxch7019.default\searchplugins\daemon-search.xml
[2010/06/16 12:08:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2006/08/09 06:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
[2010/03/16 14:45:41 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/03/16 14:45:41 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/03/16 14:45:41 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/03/16 14:45:41 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/03/16 14:45:41 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml -
O1 HOSTS File: ([2008/01/07 15:22:24 | 000,222,531 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 7808 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKU\Administrateur_ON_C\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Administrateur_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [\\PATRICK\EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O4 - HKLM..\Run: [InstantBurn] C:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [phc710] C:\WINDOWS\vphc700.exe (Sonix)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe ()
O4 - HKU\Administrateur_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\Administrateur_ON_C..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\Administrateur_ON_C..\Run: [Wallpaper] C:\Program Files\Wallpaper\Wallpaper.exe ()
O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Outlook 2007.lnk = C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} https://www.oracle.com/java/technologies/ (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\bd66dd0b.exe) - C:\WINDOWS\System32\bd66dd0b.exe File not found
O20 - HKLM Winlogon: UserInit - (\\?\globalroot\systemroot\) - \\?\globalroot\systemroot\ File not found
O20 - HKLM Winlogon: UserInit - (\\?\globalroot\systemroot\system32\gGnzWWL.exe) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\mljkkhh: DllName - mljkkhh.dll - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\mllmn) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/25 20:18:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{55c1ed7c-0731-11df-80c0-00160a0f20e5}\Shell - "" = AutoRun
O33 - MountPoints2\{55c1ed7c-0731-11df-80c0-00160a0f20e5}\Shell\AutoRun\command - "" = P:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{57c7762b-eb2e-11de-8096-001d60a5c5ca}\Shell\AutoRun\command - "" = O:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{c18fcfc0-08f9-11de-beba-00160a0f20e5}\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %* -
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/10/25 22:07:39 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 2
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup -
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices -
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0BB5B6AE-87E7-4C16-4AC0-240BDD322811} - Internet Explorer
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
ActiveX: {12322000-FC00-BC00-0000-123220000001} - Free - Kit de connexion
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {2431C9D0-46D1-FE9F-E6FC-BCA49EEE89BE} - Mise à jour de la version d'Internet Explorer
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {98DA425B-BEA8-001C-7DC3-AF0C397DCFFA} - Microsoft VM
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: WriteRegStr -
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) -
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========/color
[2010/06/16 17:27:09 | 000,077,824 | ---- | C] (xiaMRhfW) -- C:\Documents and Settings\Administrateur\kuisi.exe
[2010/06/16 11:34:31 | 000,077,824 | ---- | C] (uuzSVadB) -- C:\Documents and Settings\Administrateur\luimuu.exe
[2010/06/16 11:29:39 | 000,301,478 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Administrateur\firefox.exe
[2010/06/16 11:29:16 | 000,077,824 | RHS- | C] (KKAPOUTn) -- C:\Documents and Settings\Administrateur\nuotik.exe
[2008/06/07 08:48:46 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\cphc700.dll
[2004/05/07 12:40:18 | 000,327,680 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[2004/04/30 03:37:02 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2004/04/30 03:33:00 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2004/02/14 09:49:52 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\rv40.dll
[2004/01/30 09:48:22 | 000,241,723 | ---- | C] ( ) -- C:\WINDOWS\System32\hxltcolor.dll
[2004/01/30 09:48:22 | 000,176,195 | ---- | C] ( ) -- C:\WINDOWS\System32\drv2.dll
[2004/01/30 09:48:22 | 000,057,411 | ---- | C] ( ) -- C:\WINDOWS\System32\rv20.dll
[2004/01/30 09:48:22 | 000,049,221 | ---- | C] ( ) -- C:\WINDOWS\System32\rv30.dll
[2004/01/30 09:48:20 | 000,106,561 | ---- | C] ( ) -- C:\WINDOWS\System32\sipr.dll
[2004/01/30 09:32:44 | 000,065,602 | ---- | C] ( ) -- C:\WINDOWS\System32\cook.dll
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 7 Days ==========/color
[2010/06/17 11:08:17 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\NtUser.dat
[2010/06/17 03:01:59 | 016,515,072 | ---- | M] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT
[2010/06/16 17:28:21 | 000,741,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\wuznwy.sys
[2010/06/16 17:28:18 | 000,574,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\fjxdtyfi.sys
[2010/06/16 17:28:15 | 000,301,478 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Administrateur\firefox.exe
[2010/06/16 17:27:09 | 000,077,824 | ---- | M] (xiaMRhfW) -- C:\Documents and Settings\Administrateur\kuisi.exe
[2010/06/16 17:23:22 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B5BE38DE-BA0C-4660-B59F-08D00D13CB09}.job
[2010/06/16 16:40:00 | 000,001,182 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1770027372-839522115-500UA.job
[2010/06/16 15:17:58 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/06/16 15:16:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/16 15:15:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/16 15:02:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/06/16 14:52:43 | 000,099,840 | ---- | M] () -- C:\Documents and Settings\Administrateur\a.exe
[2010/06/16 12:28:04 | 000,002,631 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Outlook 2007.lnk
[2010/06/16 12:17:48 | 001,572,864 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/06/16 12:17:48 | 001,572,864 | ---- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/06/16 12:17:30 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2010/06/16 11:34:31 | 000,077,824 | ---- | M] (uuzSVadB) -- C:\Documents and Settings\Administrateur\luimuu.exe
[2010/06/16 11:29:16 | 000,077,824 | RHS- | M] (KKAPOUTn) -- C:\Documents and Settings\Administrateur\nuotik.exe
[2010/06/16 10:41:23 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\Administrateur\x.exe
[2010/06/16 07:47:56 | 000,156,160 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/16 04:04:50 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/06/15 17:40:00 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1770027372-839522115-500Core.job
[2010/06/14 09:54:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/13 18:05:49 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/12 18:50:44 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/06/11 08:43:59 | 001,134,830 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/11 08:43:59 | 000,526,160 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/06/11 08:43:59 | 000,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/11 08:43:59 | 000,090,508 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/06/11 08:43:59 | 000,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========/color
[2010/06/16 17:28:20 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Administrateur\x.exe
[2010/06/16 11:29:39 | 000,099,840 | ---- | C] () -- C:\Documents and Settings\Administrateur\a.exe
[2010/05/12 09:43:13 | 000,352,256 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\chrtmp
[2010/05/09 18:23:24 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/05/08 13:50:45 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2010/05/05 09:52:16 | 000,000,016 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\qvjsge.dat
[2010/05/05 04:03:23 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\qvjsge.dat
[2010/04/30 07:58:05 | 000,574,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\fjxdtyfi.sys
[2010/04/26 05:09:27 | 000,011,663 | ---- | C] () -- C:\Documents and Settings\Administrateur\hs_err_pid1068.log
[2010/04/18 08:09:33 | 000,011,665 | ---- | C] () -- C:\Documents and Settings\Administrateur\hs_err_pid3340.log
[2010/04/10 18:09:33 | 000,011,545 | ---- | C] () -- C:\Documents and Settings\Administrateur\hs_err_pid4940.log
[2010/04/03 18:09:10 | 000,011,548 | ---- | C] () -- C:\Documents and Settings\Administrateur\hs_err_pid916.log
[2010/03/29 05:09:32 | 000,011,665 | ---- | C] () -- C:\Documents and Settings\Administrateur\hs_err_pid2204.log
[2010/03/22 04:07:12 | 000,013,750 | -HS- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\wo588q8Gd1tnB
[2010/03/22 04:04:22 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\jasltw.dat
[2010/03/21 19:37:49 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\wuznwy.sys
[2010/03/21 19:37:30 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\jasltw.dat
[2010/03/21 16:09:07 | 000,011,659 | ---- | C] () -- C:\Documents and Settings\Administrateur\hs_err_pid2852.log
[2010/03/11 22:00:55 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/01/21 05:20:40 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2009/11/28 12:11:24 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/11/28 12:11:24 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/11/28 12:11:15 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\$_hpcst$.hpc
[2009/11/06 05:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/08/28 15:43:30 | 000,000,065 | ---- | C] () -- C:\WINDOWS\poolemup.ini
[2009/07/26 18:36:28 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/06/19 15:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/06/19 15:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009/05/17 15:50:56 | 000,048,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tetris.sys
[2009/05/17 15:49:27 | 000,162,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\ithsgt.sys
[2009/05/17 15:49:25 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\lilsgt.sys
[2008/11/20 14:06:07 | 000,000,109 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/08/12 14:56:31 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT_TU_37543.LOG
[2008/08/12 14:56:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT_TU_85901.LOG
[2008/08/12 14:56:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT_TU_83022.LOG
[2008/08/01 16:41:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2008/07/30 01:22:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2008/07/16 11:57:57 | 000,018,608 | ---- | C] () -- C:\Documents and Settings\Administrateur\default.pls
[2008/06/07 08:48:46 | 000,541,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\phc700.sys
[2008/06/07 08:48:46 | 000,015,488 | ---- | C] () -- C:\WINDOWS\phc700.ini
[2008/06/07 08:42:22 | 000,000,427 | ---- | C] () -- C:\Documents and Settings\Administrateur\Installer.log
[2008/05/26 17:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 17:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 17:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/12 21:53:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/05/12 21:50:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/05/12 21:50:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/05/12 21:50:08 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\divx_xx0a.dll
[2008/05/12 21:49:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/03/16 10:08:35 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\kodakpcd.ini
[2008/01/23 17:04:05 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/01/23 17:04:04 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\PnkBstrK.sys
[2008/01/13 06:20:04 | 000,028,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2008/01/07 16:11:21 | 000,262,144 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\NtUser.dat
[2008/01/07 16:11:21 | 000,008,192 | -H-- | C] () -- C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG
[2007/12/07 19:43:51 | 000,000,305 | ---- | C] () -- C:\WINDOWS\game.ini
[2007/12/06 15:27:29 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2007/12/06 15:27:11 | 000,006,651 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007/11/23 16:58:53 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2007/11/12 15:39:49 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007/11/12 15:39:49 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007/11/10 13:29:04 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007/11/10 13:29:03 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/11/10 13:29:03 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/11/10 13:29:02 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/11/10 13:29:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/11/10 12:51:56 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2007/11/05 12:55:21 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/11/03 13:32:21 | 000,001,056 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/11/03 13:32:21 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\835A5A482B.sys
[2007/10/28 05:48:33 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/10/26 20:42:00 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/10/26 20:41:59 | 000,163,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\LV532AV.SYS
[2007/10/26 20:15:50 | 000,156,160 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/26 17:26:14 | 000,001,015 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2007/10/26 17:21:06 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/10/26 17:18:45 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\Administrateur\Application Data\.zreglib
[2007/10/26 17:05:10 | 000,000,855 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2007/10/25 23:36:10 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007/10/25 22:32:14 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2007/10/25 22:32:14 | 000,012,664 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2007/10/25 22:32:12 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2007/10/25 22:32:12 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2007/10/25 21:54:39 | 000,015,918 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2007/10/25 21:53:52 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/10/25 21:53:50 | 000,013,414 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/10/25 21:53:40 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/10/25 21:51:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2007/10/25 21:36:22 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2007/10/25 21:36:20 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2007/10/25 21:36:20 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2007/10/25 21:36:20 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2007/10/25 21:36:19 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2007/10/25 21:36:19 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2007/10/25 20:20:53 | 000,016,384 | -H-- | C] () -- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
[2007/10/25 20:20:53 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2007/10/25 20:20:52 | 016,515,072 | ---- | C] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT
[2007/10/25 20:20:52 | 009,175,040 | -H-- | C] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT_BAK_37543
[2007/10/25 20:20:45 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT_BAK_85901
[2007/10/25 20:20:45 | 001,572,864 | ---- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2007/10/25 20:20:45 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2007/10/25 20:20:45 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2007/10/25 20:20:42 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2007/10/25 20:20:42 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2007/10/25 20:20:41 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT_BAK_83022
[2007/10/25 20:20:41 | 001,572,864 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2007/10/25 12:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2005/08/10 08:44:04 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfdrv01.sys
[2005/03/14 09:38:28 | 000,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2004/08/25 15:44:27 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/08/25 09:31:11 | 000,004,322 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/08 08:15:28 | 000,616,448 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2004/08/08 08:12:54 | 002,583,040 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2003/05/23 06:08:52 | 000,107,008 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003/05/23 06:08:52 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[1998/10/10 18:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[1995/08/14 18:00:00 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\OC25FRA.dll -
[color=#E56717]========== LOP Check ==========[/color]
[2009/11/08 13:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Astro Gemini Software
[2007/12/02 17:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Bioshock
[2010/03/19 21:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Bioshock2
[2010/01/21 05:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\BITS
[2008/05/04 04:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Command & Conquer 3 Les guerres du Tiberium
[2009/10/16 09:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Copernic
[2009/06/11 13:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools
[2009/06/11 12:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools Lite
[2008/08/16 08:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools Pro
[2007/10/26 17:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Elaborate Bytes
[2008/11/27 16:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\FFSJ
[2010/04/26 08:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\FileZilla
[2010/01/21 05:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\FlashGet
[2010/01/21 05:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\FlashGetBHO
[2007/12/06 15:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\MAGIX
[2009/11/28 12:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\PC Suite
[2007/11/02 16:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Poser 7
[2009/08/18 01:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\RegClean
[2009/11/28 12:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Samsung
[2007/10/28 07:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\SlySoft
[2010/04/13 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Steinberg
[2008/09/08 17:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Taito Legends 2
[2007/12/27 15:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\thriXXX
[2010/02/19 08:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\TomTom
[2007/10/26 17:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\TuneUp Software
[2010/03/13 06:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Ubisoft
[2008/01/13 08:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Wallpaper
[2010/01/16 10:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Windows Desktop Search
[2010/01/16 10:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Windows Search
[2010/06/16 15:17:58 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/06/16 17:23:22 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{B5BE38DE-BA0C-4660-B59F-08D00D13CB09}.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
Invalid Environment Variable: %APPDATA%\*.
Invalid Environment Variable: %APPDATA%\*.exe
[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2010/06/16 15:15:46 | 000,015,232 | ---- | M] () -- C:\aaw7boot.log
[2007/10/25 20:18:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/13 17:04:17 | 000,000,526 | RHS- | M] () -- C:\boot.ini
[2001/08/24 10:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009/11/08 13:50:42 | 000,004,032 | ---- | M] () -- C:\butterfly_log.html
[2007/10/25 20:18:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/02/01 06:21:17 | 000,003,532 | ---- | M] () -- C:\drmHeader.bin
[2007/10/25 20:18:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/08/01 16:22:28 | 000,000,177 | ---- | M] () -- C:\ITB.log
[2008/06/10 17:19:51 | 000,002,788 | ---- | M] () -- C:\LGSInst.Log
[2008/07/25 20:55:27 | 000,101,589 | ---- | M] () -- C:\logfile
[2010/06/16 12:08:19 | 000,000,127 | ---- | M] () -- C:\mbam-error.txt
[2007/10/25 20:18:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/03 18:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/03 18:59:44 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2010/06/17 11:07:55 | 000,227,372 | ---- | M] () -- C:\OTL.Txt
[2007/10/25 22:25:58 | 000,000,575 | ---- | M] () -- C:\RHDSetup.log
[2010/01/19 18:14:34 | 000,000,002 | ---- | M] () -- C:\SMPCount.txt
[2008/08/12 14:24:33 | 000,000,111 | ---- | M] () -- C:\trace.txt
[2008/08/06 17:16:33 | 000,000,007 | ---- | M] () -- C:\tw0001.dat
[2008/08/12 15:13:58 | 000,000,202 | ---- | M] () -- C:\VundoFix.txt
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] -
[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2010/01/22 20:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2010/01/27 11:12:57 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/04/10 18:46:37 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
[2007/11/01 06:50:47 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2007/10/25 23:07:49 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2009/05/13 01:13:36 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/05/08 17:29:29 | 000,000,000 | ---D | M] -- C:\Program Files\AsfTools 3.1
[2010/05/08 17:29:40 | 000,000,000 | ---D | M] -- C:\Program Files\Astro Gemini Software
[2007/10/25 22:32:33 | 000,000,000 | ---D | M] -- C:\Program Files\ASUS
[2010/05/08 17:53:54 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2010/05/08 17:53:19 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2007/10/25 22:28:18 | 000,000,000 | ---D | M] -- C:\Program Files\Attansic
[2009/05/01 17:51:41 | 000,000,000 | ---D | M] -- C:\Program Files\AVI MPEG RM WMV Splitter
[2009/06/08 14:11:32 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2008/08/04 18:05:53 | 000,000,000 | ---D | M] -- C:\Program Files\Azureus
[2009/05/01 17:46:23 | 000,000,000 | ---D | M] -- C:\Program Files\Boilsoft Video Joiner
[2009/05/01 17:52:08 | 000,000,000 | ---D | M] -- C:\Program Files\Boilsoft Video Splitter
[2008/08/12 14:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2007/10/26 17:07:58 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/04/07 16:35:41 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/09/27 10:44:10 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2010/05/12 10:41:40 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2009/12/14 02:16:43 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2010/03/23 18:43:44 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Toolbar
[2010/05/08 17:30:18 | 000,000,000 | ---D | M] -- C:\Program Files\Deep Space 3D Screensaver
[2009/11/28 12:11:46 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2008/06/23 06:34:07 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/01/03 14:44:45 | 000,000,000 | ---D | M] -- C:\Program Files\DonkeyDoctor
[2007/12/29 23:53:18 | 000,000,000 | ---D | M] -- C:\Program Files\DoubleB
[2010/05/12 15:01:14 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Shrink
[2010/05/08 17:30:32 | 000,000,000 | ---D | M] -- C:\Program Files\DVDShrink 2008
[2007/10/25 21:39:16 | 000,000,000 | ---D | M] -- C:\Program Files\E-Color
[2008/06/23 06:34:07 | 000,000,000 | ---D | M] -- C:\Program Files\Easy CD-DA Extractor 9
[2010/05/08 14:18:38 | 000,000,000 | ---D | M] -- C:\Program Files\EasyPHP1-8
[2010/06/12 04:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\Elaborate Bytes
[2009/06/11 14:34:04 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2009/05/10 12:12:02 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
[2008/02/15 15:27:09 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON
[2007/11/10 13:26:06 | 000,000,000 | ---D | M] -- C:\Program Files\ffdshow
[2010/05/12 10:42:47 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
[2010/06/16 17:27:10 | 000,000,000 | ---D | M] -- C:\Program Files\FlashGet
[2010/01/21 05:20:21 | 000,000,000 | ---D | M] -- C:\Program Files\FlashGet Network
[2007/10/25 22:59:16 | 000,000,000 | ---D | M] -- C:\Program Files\Free.fr
[2009/11/08 13:46:52 | 000,000,000 | ---D | M] -- C:\Program Files\Freeze.com
[2007/10/28 11:22:48 | 000,000,000 | ---D | M] -- C:\Program Files\Futuremark
[2007/11/01 18:50:01 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft
[2008/07/28 13:52:47 | 000,000,000 | ---D | M] -- C:\Program Files\GuiltyPLUS
[2008/08/11 13:19:53 | 000,000,000 | ---D | M] -- C:\Program Files\HHD Software
[2010/03/16 18:59:34 | 000,000,000 | ---D | M] -- C:\Program Files\Ice Clock 3D Screensaver
[2010/05/12 10:42:47 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2007/10/25 21:55:07 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/06/09 20:21:50 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/01/19 17:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2010/02/17 09:25:12 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/08/02 07:30:33 | 000,000,000 | ---D | M] -- C:\Program Files\JoyToKey
[2007/11/10 13:29:02 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2008/07/25 20:58:49 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2007/10/26 16:49:37 | 000,000,000 | ---D | M] -- C:\Program Files\Lavalys
[2010/05/08 18:13:50 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2008/08/01 16:21:47 | 000,000,000 | ---D | M] -- C:\Program Files\LightScribeODK
[2010/03/15 09:12:49 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/05/09 18:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\ma-config.com
[2007/12/06 15:28:24 | 000,000,000 | ---D | M] -- C:\Program Files\MAGIX
[2010/06/16 12:08:18 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/28 12:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\MarkAny
[2007/10/30 14:00:55 | 000,000,000 | ---D | M] -- C:\Program Files\MetMedic
[2010/01/27 05:48:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2007/10/29 18:41:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2007/10/25 20:18:50 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/07/29 11:59:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2007/10/28 12:51:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/06/06 12:20:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2007/10/28 12:51:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/11/02 18:32:09 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2005/09/12 15:05:49 | 000,000,000 | ---D | M] -- C:\Program Files\ModPlug Tracker v1.16
[2008/09/07 17:51:46 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Joiner
[2010/04/10 18:46:39 | 000,000,000 | ---D | M] -- C:\Program Files\movie maker
[2007/10/25 20:26:44 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla
[2010/04/02 19:35:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2007/10/26 17:41:42 | 000,000,000 | ---D | M] -- C:\Program Files\mp3DirectCut
[2008/12/24 06:00:26 | 000,000,000 | ---D | M] -- C:\Program Files\MP3Gain
[2009/07/29 12:05:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2007/10/25 20:18:50 | 000,000,000 | ---D | M] -- C:\Program Files\msn gaming zone
[2008/06/23 04:39:25 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Messenger
[2007/11/01 19:31:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/07/30 17:51:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/11/01 06:59:00 | 000,000,000 | ---D | M] -- C:\Program Files\Nero
[2007/10/25 20:17:13 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/08/28 13:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2008/08/12 14:13:40 | 000,000,000 | ---D | M] -- C:\Program Files\Ontrack
[2010/05/13 20:54:17 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/04/16 12:18:12 | 000,000,000 | ---D | M] -- C:\Program Files\Oxin's Style!
[2008/01/07 14:56:25 | 000,000,000 | ---D | M] -- C:\Program Files\Panda Security
[2009/11/28 12:11:42 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2008/06/07 08:48:46 | 000,000,000 | ---D | M] -- C:\Program Files\Philips
[2009/08/28 15:43:53 | 000,000,000 | ---D | M] -- C:\Program Files\Pool
[2009/08/28 14:15:40 | 000,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2009/10/24 05:12:05 | 000,000,000 | ---D | M] -- C:\Program Files\Ray Adams
[2007/10/26 17:57:57 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2008/06/21 09:29:29 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2010/05/09 18:22:29 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek AC97
[2009/07/29 12:02:43 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/03/22 12:30:35 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2009/11/28 12:11:49 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2009/07/25 14:24:28 | 000,000,000 | ---D | M] -- C:\Program Files\SereneScreen
[2007/10/25 20:17:40 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
[2009/08/07 17:56:33 | 000,000,000 | ---D | M] -- C:\Program Files\SF4
[2008/04/20 07:07:22 | 000,000,000 | ---D | M] -- C:\Program Files\SlySoft
[2009/11/12 17:24:14 | 000,000,000 | ---D | M] -- C:\Program Files\SpeedFan
[2010/05/08 18:10:52 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2008/06/23 06:34:08 | 000,000,000 | ---D | M] -- C:\Program Files\StuffPlug3
[2009/12/17 13:47:56 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite
[2010/02/19 08:58:56 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2
[2010/02/19 08:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
[2007/11/03 13:42:19 | 000,000,000 | ---D | M] -- C:\Program Files\Tsunami_Filter_Pack_Mini
[2010/05/05 14:43:01 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2010
[2010/03/13 06:51:45 | 000,000,000 | ---D | M] -- C:\Program Files\Ubisoft
[2007/10/25 20:28:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2007/10/26 17:35:03 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2007/10/26 18:22:47 | 000,000,000 | ---D | M] -- C:\Program Files\Virtual Dub
[2008/06/23 06:34:08 | 000,000,000 | ---D | M] -- C:\Program Files\Wallpaper
[2010/01/16 15:26:54 | 000,000,000 | ---D | M] -- C:\Program Files\WBFS
[2010/01/22 14:44:58 | 000,000,000 | ---D | M] -- C:\Program Files\Western Digital
[2008/01/13 08:13:54 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2010/01/21 18:28:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2010/01/27 05:46:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2010/01/27 05:47:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2008/06/23 06:34:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2007/11/02 14:09:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2007/10/25 20:18:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2007/10/25 20:17:43 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/11/08 14:44:11 | 000,000,000 | ---D | M] -- C:\Program Files\Winferno
[2010/04/14 02:57:14 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2007/10/25 20:18:50 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2009/08/07 17:47:45 | 000,000,000 | ---D | M] -- C:\Program Files\XVI32
[2008/07/25 21:01:07 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! -
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004/08/03 21:05:42 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004/08/03 21:05:42 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2004/08/03 20:54:50 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D22586E6D84FD19D02410C17060666AF -- C:\WINDOWS\system32\autochk.exe
[2004/08/03 20:54:50 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D22586E6D84FD19D02410C17060666AF -- C:\WINDOWS\system32\dllcache\autochk.exe
[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001/08/24 10:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001/08/24 10:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004/08/03 20:54:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/03 20:54:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2007/06/13 09:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2009/12/14 12:56:27 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\explorer.exe
[2009/12/14 12:56:27 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\system32\dllcache\explorer.exe
[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2004/08/03 20:54:30 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=39EE5FAF56260EBB8D77A08F525EBBB4 -- C:\WINDOWS\system32\dllcache\imm32.dll
[2004/08/03 20:54:30 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=39EE5FAF56260EBB8D77A08F525EBBB4 -- C:\WINDOWS\system32\imm32.dll
[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2009/03/21 09:58:25 | 001,054,208 | ---- | M] (Microsoft Corporation) MD5=2087E2764822A8D93A4CA7FA0FED35E8 -- C:\WINDOWS\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[2009/03/21 10:20:10 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=534040750B9E70B156A98F5D0E8F6D2A -- C:\WINDOWS\system32\dllcache\kernel32.dll
[2009/03/21 10:20:10 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=534040750B9E70B156A98F5D0E8F6D2A -- C:\WINDOWS\system32\kernel32.dll
[2007/04/16 12:11:08 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=62E3F0E9ABFCBCEE62C51546F622C455 -- C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[2009/03/21 10:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=98F08549604D090B6B2514AF845F329F -- C:\WINDOWS\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[2009/03/21 10:00:17 | 001,056,768 | ---- | M] (Microsoft Corporation) MD5=C3AF0EEE26B59484E674673E3016AAB7 -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2008/06/20 13:37:01 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=4138FBDEDBC6FEAD215BB4C4B102F7DE -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2008/06/20 13:47:22 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=58AF8498C62E1E1DAB5AE59C6E08C180 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2008/06/20 13:41:06 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=8A52DE10680A40ECD04FA2C0FBC34190 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 13:41:06 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=8A52DE10680A40ECD04FA2C0FBC34190 -- C:\WINDOWS\system32\mswsock.dll
[2008/06/20 13:44:02 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=C759B3790D3BA760C52E218EF4886DAC -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004/08/03 19:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004/08/03 19:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/03 20:54:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/03 20:54:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll
[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2007/02/09 07:23:36 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=05AB81909514BFD69CBB1F2C147CF6B9 -- C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[2007/02/09 07:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2007/02/09 07:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\system32\drivers\ntfs.sys
[color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color]
[2004/08/03 20:54:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=3F82A4226289510DF300813B9B87F0E5 -- C:\WINDOWS\system32\dllcache\ntmssvc.dll
[2004/08/03 20:54:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=3F82A4226289510DF300813B9B87F0E5 -- C:\WINDOWS\system32\ntmssvc.dll
[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2004/08/03 20:55:02 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=B016A243838BF7DA762807D88470D046 -- C:\WINDOWS\system32\dllcache\proquota.exe
[2004/08/03 20:55:02 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=B016A243838BF7DA762807D88470D046 -- C:\WINDOWS\system32\proquota.exe
[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2004/08/03 20:54:38 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=87424817F82CF6A7F55DAC01A20111A3 -- C:\WINDOWS\system32\dllcache\qmgr.dll
[2004/08/03 20:54:38 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=87424817F82CF6A7F55DAC01A20111A3 -- C:\WINDOWS\system32\qmgr.dll
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2004/08/03 20:54:38 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/03 20:54:38 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< MD5 for: SFCFILES.DLL >[/color]
[2004/08/03 20:54:40 | 001,548,288 | ---- | M] (Microsoft Corporation) MD5=ACF04FB3448D2C2CD3A851C138EC8AB6 -- C:\WINDOWS\system32\dllcache\sfcfiles.dll
[2004/08/03 20:54:40 | 001,548,288 | ---- | M] (Microsoft Corporation) MD5=ACF04FB3448D2C2CD3A851C138EC8AB6 -- C:\WINDOWS\system32\sfcfiles.dll
[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2005/06/10 20:17:13 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=AD3D9D191AEA7B5445FE1D82FFBB4788 -- C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[2005/06/10 19:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2005/06/10 19:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\system32\spoolsv.exe
[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2004/08/03 20:55:02 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=1BD6C2F707A275CB7C16FD99FE0F31CA -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/03 20:55:02 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=1BD6C2F707A275CB7C16FD99FE0F31CA -- C:\WINDOWS\system32\svchost.exe
[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2004/08/03 20:54:44 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=7D521B8CF926459E270D18C559323815 -- C:\WINDOWS\system32\dllcache\termsrv.dll
[2004/08/03 20:54:44 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=7D521B8CF926459E270D18C559323815 -- C:\WINDOWS\system32\termsrv.dll
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2004/08/03 20:55:02 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/03 20:55:02 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\userinit.exe
[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2004/08/03 20:54:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=BC41F51A39D3B255805FDB759B7814AE -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004/08/03 20:54:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=BC41F51A39D3B255805FDB759B7814AE -- C:\WINDOWS\system32\ws2_32.dll
[color=#A23BEC]< MD5 for: XMLPROV.DLL >[/color]
[2004/08/03 20:54:48 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=21056AEF44322C3E2DD5391B6AEFA75A -- C:\WINDOWS\system32\dllcache\xmlprov.dll
[2004/08/03 20:54:48 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=21056AEF44322C3E2DD5391B6AEFA75A -- C:\WINDOWS\system32\xmlprov.dll
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color] -
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2004/08/03 20:54:24 | 000,025,088 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\davclnt.dll
[2008/06/20 13:41:06 | 000,148,992 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dnsapi.dll
[2004/08/03 20:54:24 | 000,014,336 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\drprov.dll
[2010/05/06 06:33:36 | 011,076,096 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ieframe.dll
[2010/05/06 06:33:38 | 001,985,536 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\iertutil.dll
[2004/08/03 20:54:36 | 000,281,600 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\mstask.dll
[2004/08/03 20:54:36 | 000,012,288 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\netrap.dll
[2004/08/03 20:54:36 | 000,083,456 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\netui0.dll
[2004/08/03 20:54:36 | 000,245,760 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\netui1.dll
[2004/08/03 20:54:36 | 000,067,072 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ntdsapi.dll
[2004/08/03 20:54:36 | 000,043,520 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ntlanman.dll
[2007/10/25 12:56:24 | 008,510,976 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\shell32.dll
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2007/10/25 22:09:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/10/25 22:09:51 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/10/25 22:09:51 | 000,454,656 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2007/11/01 07:24:48 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?asks) -- C:\Documents and Settings\Administrateur\Application Data\?asks
[2007/11/01 07:24:48 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?asks) -- C:\Documents and Settings\Administrateur\Application Data\?asks
[2007/11/01 07:17:02 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ppPatch) -- C:\WINDOWS\System32\?ppPatch
[2007/11/01 07:17:02 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ppPatch) -- C:\WINDOWS\System32\?ppPatch
[2007/11/01 07:13:03 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ppPatch) -- C:\Documents and Settings\Administrateur\Application Data\?ppPatch
[2007/11/01 07:13:03 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ppPatch) -- C:\Documents and Settings\Administrateur\Application Data\?ppPatch
[2007/11/01 07:11:15 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??sks) -- C:\WINDOWS\System32\??sks
[2007/11/01 07:11:15 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??sks) -- C:\WINDOWS\System32\??sks
[2007/11/01 07:11:08 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??pPatch) -- C:\WINDOWS\System32\??pPatch
[2007/11/01 07:11:08 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??pPatch) -- C:\WINDOWS\System32\??pPatch
[2007/11/01 07:10:35 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\a?sembly) -- C:\Documents and Settings\Administrateur\Application Data\a?sembly
[2007/11/01 07:10:35 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\a?sembly) -- C:\Documents and Settings\Administrateur\Application Data\a?sembly
[2007/11/01 07:10:30 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ppPatch) -- C:\Documents and Settings\Administrateur\Application Data\?ppPatch
[2007/11/01 07:10:30 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ppPatch) -- C:\Documents and Settings\Administrateur\Application Data\?ppPatch
[2007/11/01 07:10:25 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?icrosoft) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft
[2007/11/01 07:10:25 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?icrosoft) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft
[2007/11/01 07:10:07 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\??crosoft.NET
[2007/11/01 07:10:07 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\??crosoft.NET
[2007/11/01 07:08:51 | 000,000,000 | ---D | M](C:\WINDOWS\System32\M?crosoft.NET) -- C:\WINDOWS\System32\M?crosoft.NET
[2007/11/01 07:08:51 | 000,000,000 | ---D | C](C:\WINDOWS\System32\M?crosoft.NET) -- C:\WINDOWS\System32\M?crosoft.NET
[2007/11/01 07:08:50 | 000,000,000 | ---D | M](C:\WINDOWS\System32\T?sks) -- C:\WINDOWS\System32\T?sks
[2007/11/01 07:08:50 | 000,000,000 | ---D | C](C:\WINDOWS\System32\T?sks) -- C:\WINDOWS\System32\T?sks
[2007/11/01 07:08:16 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\A?pPatch) -- C:\Documents and Settings\Administrateur\Application Data\A?pPatch
[2007/11/01 07:08:16 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\A?pPatch) -- C:\Documents and Settings\Administrateur\Application Data\A?pPatch
[2007/11/01 07:08:09 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??sks) -- C:\Documents and Settings\Administrateur\Application Data\??sks
[2007/11/01 07:08:09 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??sks) -- C:\Documents and Settings\Administrateur\Application Data\??sks
[2007/11/01 07:07:52 | 000,000,000 | ---D | M](C:\WINDOWS\System32\s?mbols) -- C:\WINDOWS\System32\s?mbols
[2007/11/01 07:07:52 | 000,000,000 | ---D | C](C:\WINDOWS\System32\s?mbols) -- C:\WINDOWS\System32\s?mbols
[2007/11/01 07:07:33 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?icrosoft.NET) -- C:\WINDOWS\System32\?icrosoft.NET
[2007/11/01 07:07:33 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?icrosoft.NET) -- C:\WINDOWS\System32\?icrosoft.NET
[2007/11/01 07:07:30 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\F?nts) -- C:\Documents and Settings\Administrateur\Application Data\F?nts
[2007/11/01 07:07:30 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\F?nts) -- C:\Documents and Settings\Administrateur\Application Data\F?nts
[2007/11/01 07:07:02 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??crosoft) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft
[2007/11/01 07:07:02 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??crosoft) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft
[2007/11/01 07:06:50 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\s?stem32) -- C:\Documents and Settings\Administrateur\Application Data\s?stem32
[2007/11/01 07:06:50 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\s?stem32) -- C:\Documents and Settings\Administrateur\Application Data\s?stem32
[2007/11/01 07:01:50 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?dobe) -- C:\Documents and Settings\Administrateur\Application Data\?dobe
[2007/11/01 07:01:50 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?dobe) -- C:\Documents and Settings\Administrateur\Application Data\?dobe
[2007/11/01 07:01:46 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??sembly) -- C:\Documents and Settings\Administrateur\Application Data\??sembly
[2007/11/01 07:01:46 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??sembly) -- C:\Documents and Settings\Administrateur\Application Data\??sembly
[2007/11/01 07:01:37 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??mbols) -- C:\Documents and Settings\Administrateur\Application Data\??mbols
[2007/11/01 07:01:37 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??mbols) -- C:\Documents and Settings\Administrateur\Application Data\??mbols
[2007/11/01 07:01:35 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?racle) -- C:\WINDOWS\System32\?racle
[2007/11/01 07:01:35 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?racle) -- C:\WINDOWS\System32\?racle
[2007/11/01 07:01:34 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?icrosoft) -- C:\WINDOWS\System32\?icrosoft
[2007/11/01 07:01:34 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?icrosoft) -- C:\WINDOWS\System32\?icrosoft
[2007/11/01 07:01:04 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??pPatch) -- C:\WINDOWS\System32\??pPatch
[2007/11/01 07:01:04 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??pPatch) -- C:\WINDOWS\System32\??pPatch
[2007/11/01 07:01:03 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?dobe) -- C:\Documents and Settings\Administrateur\Application Data\?dobe
[2007/11/01 07:01:03 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?dobe) -- C:\Documents and Settings\Administrateur\Application Data\?dobe
[2007/11/01 07:00:50 | 000,000,000 | ---D | M](C:\WINDOWS\System32\s?curity) -- C:\WINDOWS\System32\s?curity
[2007/11/01 07:00:50 | 000,000,000 | ---D | C](C:\WINDOWS\System32\s?curity) -- C:\WINDOWS\System32\s?curity
[2007/11/01 07:00:46 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?asks) -- C:\Documents and Settings\Administrateur\Application Data\?asks
[2007/11/01 07:00:46 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?asks) -- C:\Documents and Settings\Administrateur\Application Data\?asks
[2007/11/01 07:00:41 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\W?nSxS) -- C:\Documents and Settings\Administrateur\Application Data\W?nSxS
[2007/11/01 07:00:41 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\W?nSxS) -- C:\Documents and Settings\Administrateur\Application Data\W?nSxS
[2007/11/01 07:00:40 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\s?mbols) -- C:\Documents and Settings\Administrateur\Application Data\s?mbols
[2007/11/01 07:00:40 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\s?mbols) -- C:\Documents and Settings\Administrateur\Application Data\s?mbols
[2007/11/01 07:00:35 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ymbols) -- C:\Documents and Settings\Administrateur\Application Data\?ymbols
[2007/11/01 07:00:35 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ymbols) -- C:\Documents and Settings\Administrateur\Application Data\?ymbols
[2007/11/01 07:00:33 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ssembly) -- C:\WINDOWS\System32\?ssembly
[2007/11/01 07:00:33 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ssembly) -- C:\WINDOWS\System32\?ssembly
[2007/11/01 07:00:25 | 000,000,000 | ---D | M](C:\WINDOWS\System32\s?stem32) -- C:\WINDOWS\System32\s?stem32
[2007/11/01 07:00:25 | 000,000,000 | ---D | C](C:\WINDOWS\System32\s?stem32) -- C:\WINDOWS\System32\s?stem32
[2007/11/01 07:00:09 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ystem) -- C:\Documents and Settings\Administrateur\Application Data\?ystem
[2007/11/01 07:00:09 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ystem) -- C:\Documents and Settings\Administrateur\Application Data\?ystem
[2007/11/01 07:00:08 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET
[2007/11/01 07:00:08 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET
[2007/11/01 07:00:03 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??curity) -- C:\Documents and Settings\Administrateur\Application Data\??curity
[2007/11/01 07:00:03 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??curity) -- C:\Documents and Settings\Administrateur\Application Data\??curity
[2007/11/01 07:00:02 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??sembly) -- C:\WINDOWS\System32\??sembly
[2007/11/01 07:00:02 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??sembly) -- C:\WINDOWS\System32\??sembly
[2007/11/01 07:00:01 | 000,000,000 | ---D | M](C:\WINDOWS\System32\S?mantec) -- C:\WINDOWS\System32\S?mantec
[2007/11/01 07:00:01 | 000,000,000 | ---D | C](C:\WINDOWS\System32\S?mantec) -- C:\WINDOWS\System32\S?mantec -
[2007/11/01 07:00:00 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ystem32) -- C:\Documents and Settings\Administrateur\Application Data\?ystem32
[2007/11/01 07:00:00 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ystem32) -- C:\Documents and Settings\Administrateur\Application Data\?ystem32
[2007/11/01 06:59:55 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?icrosoft.NET) -- C:\WINDOWS\System32\?icrosoft.NET
[2007/11/01 06:59:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET
[2007/11/01 06:59:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET
[2007/11/01 06:59:55 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?icrosoft.NET) -- C:\WINDOWS\System32\?icrosoft.NET
[2007/11/01 06:59:54 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??sks) -- C:\WINDOWS\System32\??sks
[2007/11/01 06:59:54 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??sks) -- C:\WINDOWS\System32\??sks
[2007/11/01 06:59:53 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??mbols) -- C:\WINDOWS\System32\??mbols
[2007/11/01 06:59:53 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??mbols) -- C:\WINDOWS\System32\??mbols
[2007/11/01 06:59:50 | 000,000,000 | ---D | M](C:\WINDOWS\System32\M?crosoft) -- C:\WINDOWS\System32\M?crosoft
[2007/11/01 06:59:50 | 000,000,000 | ---D | C](C:\WINDOWS\System32\M?crosoft) -- C:\WINDOWS\System32\M?crosoft
[2007/11/01 06:59:41 | 000,000,000 | ---D | M](C:\WINDOWS\System32\a?sembly) -- C:\WINDOWS\System32\a?sembly
[2007/11/01 06:59:41 | 000,000,000 | ---D | C](C:\WINDOWS\System32\a?sembly) -- C:\WINDOWS\System32\a?sembly
[2007/11/01 06:59:40 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?dobe) -- C:\WINDOWS\System32\?dobe
[2007/11/01 06:59:40 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?dobe) -- C:\WINDOWS\System32\?dobe
[2007/11/01 06:59:39 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??pPatch) -- C:\Documents and Settings\Administrateur\Application Data\??pPatch
[2007/11/01 06:59:39 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??pPatch) -- C:\Documents and Settings\Administrateur\Application Data\??pPatch
[2007/11/01 06:59:38 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??stem32) -- C:\Documents and Settings\Administrateur\Application Data\??stem32
[2007/11/01 06:59:38 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??stem32) -- C:\Documents and Settings\Administrateur\Application Data\??stem32
[2007/11/01 06:59:32 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ymantec) -- C:\WINDOWS\System32\?ymantec
[2007/11/01 06:59:32 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ymantec) -- C:\WINDOWS\System32\?ymantec
[2007/11/01 06:59:24 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET
[2007/11/01 06:59:24 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET
[2007/11/01 06:59:21 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?racle) -- C:\WINDOWS\System32\?racle
[2007/11/01 06:59:21 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?racle) -- C:\WINDOWS\System32\?racle
[2007/11/01 06:59:20 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ppPatch) -- C:\WINDOWS\System32\?ppPatch
[2007/11/01 06:59:20 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ppPatch) -- C:\WINDOWS\System32\?ppPatch
[2007/11/01 06:59:19 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?dobe) -- C:\WINDOWS\System32\?dobe
[2007/11/01 06:59:19 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?dobe) -- C:\WINDOWS\System32\?dobe
[2007/11/01 06:59:18 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ymbols) -- C:\WINDOWS\System32\?ymbols
[2007/11/01 06:59:18 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ymbols) -- C:\WINDOWS\System32\?ymbols
[2007/11/01 06:59:17 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\s?stem) -- C:\Documents and Settings\Administrateur\Application Data\s?stem
[2007/11/01 06:59:17 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\s?stem) -- C:\Documents and Settings\Administrateur\Application Data\s?stem
[2007/11/01 06:59:16 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\M?crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\M?crosoft.NET
[2007/11/01 06:59:16 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\M?crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\M?crosoft.NET
[2007/11/01 06:59:07 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??sks) -- C:\Documents and Settings\Administrateur\Application Data\??sks
[2007/11/01 06:59:07 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??sks) -- C:\Documents and Settings\Administrateur\Application Data\??sks
[2007/11/01 06:59:06 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\s?curity) -- C:\Documents and Settings\Administrateur\Application Data\s?curity
[2007/11/01 06:59:06 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\s?curity) -- C:\Documents and Settings\Administrateur\Application Data\s?curity
[2007/11/01 06:59:03 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\M?crosoft) -- C:\Documents and Settings\Administrateur\Application Data\M?crosoft
[2007/11/01 06:59:03 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\M?crosoft) -- C:\Documents and Settings\Administrateur\Application Data\M?crosoft
[2007/11/01 06:59:02 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??stem) -- C:\WINDOWS\System32\??stem
[2007/11/01 06:59:02 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??stem) -- C:\Documents and Settings\Administrateur\Application Data\??stem
[2007/11/01 06:59:02 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??stem) -- C:\Documents and Settings\Administrateur\Application Data\??stem
[2007/11/01 06:59:02 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??stem) -- C:\WINDOWS\System32\??stem
[2007/11/01 06:59:01 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??mantec) -- C:\WINDOWS\System32\??mantec
[2007/11/01 06:59:01 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??mantec) -- C:\Documents and Settings\Administrateur\Application Data\??mantec
[2007/11/01 06:59:01 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??mantec) -- C:\Documents and Settings\Administrateur\Application Data\??mantec
[2007/11/01 06:59:01 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??mantec) -- C:\WINDOWS\System32\??mantec
[2007/11/01 06:58:56 | 000,000,000 | ---D | M](C:\WINDOWS\System32\s?stem) -- C:\WINDOWS\System32\s?stem
[2007/11/01 06:58:56 | 000,000,000 | ---D | C](C:\WINDOWS\System32\s?stem) -- C:\WINDOWS\System32\s?stem
[2007/11/01 06:58:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ssembly) -- C:\Documents and Settings\Administrateur\Application Data\?ssembly
[2007/11/01 06:58:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ssembly) -- C:\Documents and Settings\Administrateur\Application Data\?ssembly
[2007/11/01 06:58:54 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??pPatch) -- C:\Documents and Settings\Administrateur\Application Data\??pPatch
[2007/11/01 06:58:54 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??pPatch) -- C:\Documents and Settings\Administrateur\Application Data\??pPatch
[2007/11/01 06:58:53 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\T?sks) -- C:\Documents and Settings\Administrateur\Application Data\T?sks
[2007/11/01 06:58:53 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\T?sks) -- C:\Documents and Settings\Administrateur\Application Data\T?sks
[2007/11/01 06:58:48 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ymantec) -- C:\Documents and Settings\Administrateur\Application Data\?ymantec
[2007/11/01 06:58:48 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ymantec) -- C:\Documents and Settings\Administrateur\Application Data\?ymantec
[2007/11/01 06:58:46 | 000,000,000 | ---D | M](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\F?nts
[2007/11/01 06:58:46 | 000,000,000 | ---D | C](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\F?nts
[2007/11/01 06:58:45 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ecurity) -- C:\WINDOWS\System32\?ecurity
[2007/11/01 06:58:45 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ecurity) -- C:\Documents and Settings\Administrateur\Application Data\?ecurity
[2007/11/01 06:58:45 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?ecurity) -- C:\Documents and Settings\Administrateur\Application Data\?ecurity
[2007/11/01 06:58:45 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ecurity) -- C:\WINDOWS\System32\?ecurity
[2007/11/01 06:58:37 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?icrosoft) -- C:\WINDOWS\System32\?icrosoft
[2007/11/01 06:58:37 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?icrosoft) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft
[2007/11/01 06:58:37 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?icrosoft) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft
[2007/11/01 06:58:37 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?icrosoft) -- C:\WINDOWS\System32\?icrosoft
[2007/11/01 06:58:36 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?asks) -- C:\WINDOWS\System32\?asks
[2007/11/01 06:58:36 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?asks) -- C:\WINDOWS\System32\?asks
[2007/11/01 06:58:32 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft) -- C:\WINDOWS\System32\??crosoft
[2007/11/01 06:58:32 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??crosoft) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft
[2007/11/01 06:58:32 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??crosoft) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft
[2007/11/01 06:58:32 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft) -- C:\WINDOWS\System32\??crosoft
[2007/11/01 06:58:31 | 000,000,000 | ---D | M](C:\WINDOWS\System32\W?nSxS) -- C:\WINDOWS\System32\W?nSxS
[2007/11/01 06:58:31 | 000,000,000 | ---D | C](C:\WINDOWS\System32\W?nSxS) -- C:\WINDOWS\System32\W?nSxS
[2007/11/01 06:58:28 | 000,000,000 | ---D | M](C:\WINDOWS\System32\A?pPatch) -- C:\WINDOWS\System32\A?pPatch
[2007/11/01 06:58:28 | 000,000,000 | ---D | C](C:\WINDOWS\System32\A?pPatch) -- C:\WINDOWS\System32\A?pPatch
[2007/11/01 06:58:26 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?asks) -- C:\WINDOWS\System32\?asks
[2007/11/01 06:58:26 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?asks) -- C:\WINDOWS\System32\?asks
[2007/11/01 06:58:25 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ystem32) -- C:\WINDOWS\System32\?ystem32
[2007/11/01 06:58:25 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ystem32) -- C:\WINDOWS\System32\?ystem32
[2007/11/01 06:58:23 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\F?nts) -- C:\Documents and Settings\Administrateur\Application Data\F?nts
[2007/11/01 06:58:23 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\F?nts) -- C:\Documents and Settings\Administrateur\Application Data\F?nts
[2007/11/01 06:58:22 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft) -- C:\WINDOWS\System32\??crosoft
[2007/11/01 06:58:22 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft) -- C:\WINDOWS\System32\??crosoft -
[2007/11/01 06:58:20 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??stem32) -- C:\WINDOWS\System32\??stem32
[2007/11/01 06:58:20 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??stem32) -- C:\WINDOWS\System32\??stem32
[2007/11/01 06:58:19 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??curity) -- C:\WINDOWS\System32\??curity
[2007/11/01 06:58:19 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??curity) -- C:\WINDOWS\System32\??curity
[2007/11/01 06:58:18 | 000,000,000 | ---D | M](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\F?nts
[2007/11/01 06:58:18 | 000,000,000 | ---D | C](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\F?nts
[2007/11/01 06:58:17 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\S?mantec) -- C:\Documents and Settings\Administrateur\Application Data\S?mantec
[2007/11/01 06:58:17 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\S?mantec) -- C:\Documents and Settings\Administrateur\Application Data\S?mantec
[2007/11/01 06:58:16 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\??crosoft.NET
[2007/11/01 06:58:16 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET
[2007/11/01 06:58:16 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET
[2007/11/01 06:58:16 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\??crosoft.NET
[2007/11/01 06:58:15 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ystem) -- C:\WINDOWS\System32\?ystem
[2007/11/01 06:58:15 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ystem) -- C:\WINDOWS\System32\?ystem
[2007/11/01 06:58:13 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?racle) -- C:\Documents and Settings\Administrateur\Application Data\?racle
[2007/11/01 06:58:13 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?racle) -- C:\Documents and Settings\Administrateur\Application Data\?racle
[2007/11/01 06:58:12 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?racle) -- C:\Documents and Settings\Administrateur\Application Data\?racle
[2007/11/01 06:58:12 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrateur\Application Data\?racle) -- C:\Documents and Settings\Administrateur\Application Data\?racle
(C:\Documents and Settings\Administrateur\Application Data\W?nSxS) -- C:\Documents and Settings\Administrateur\Application Data\W?nSxS
(C:\Documents and Settings\Administrateur\Application Data\T?sks) -- C:\Documents and Settings\Administrateur\Application Data\T?sks
(C:\Documents and Settings\Administrateur\Application Data\s?stem32) -- C:\Documents and Settings\Administrateur\Application Data\s?stem32
(C:\Documents and Settings\Administrateur\Application Data\s?stem) -- C:\Documents and Settings\Administrateur\Application Data\s?stem
(C:\Documents and Settings\Administrateur\Application Data\s?mbols) -- C:\Documents and Settings\Administrateur\Application Data\s?mbols
(C:\Documents and Settings\Administrateur\Application Data\S?mantec) -- C:\Documents and Settings\Administrateur\Application Data\S?mantec
(C:\Documents and Settings\Administrateur\Application Data\s?curity) -- C:\Documents and Settings\Administrateur\Application Data\s?curity
(C:\Documents and Settings\Administrateur\Application Data\M?crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\M?crosoft.NET
(C:\Documents and Settings\Administrateur\Application Data\M?crosoft) -- C:\Documents and Settings\Administrateur\Application Data\M?crosoft
(C:\Documents and Settings\Administrateur\Application Data\F?nts) -- C:\Documents and Settings\Administrateur\Application Data\F?nts
(C:\Documents and Settings\Administrateur\Application Data\F?nts) -- C:\Documents and Settings\Administrateur\Application Data\F?nts
(C:\Documents and Settings\Administrateur\Application Data\a?sembly) -- C:\Documents and Settings\Administrateur\Application Data\a?sembly
(C:\Documents and Settings\Administrateur\Application Data\A?pPatch) -- C:\Documents and Settings\Administrateur\Application Data\A?pPatch
(C:\Documents and Settings\Administrateur\Application Data\?ystem32) -- C:\Documents and Settings\Administrateur\Application Data\?ystem32
(C:\Documents and Settings\Administrateur\Application Data\?ystem) -- C:\Documents and Settings\Administrateur\Application Data\?ystem
(C:\Documents and Settings\Administrateur\Application Data\?ymbols) -- C:\Documents and Settings\Administrateur\Application Data\?ymbols
(C:\Documents and Settings\Administrateur\Application Data\?ymantec) -- C:\Documents and Settings\Administrateur\Application Data\?ymantec
(C:\Documents and Settings\Administrateur\Application Data\?ssembly) -- C:\Documents and Settings\Administrateur\Application Data\?ssembly
(C:\Documents and Settings\Administrateur\Application Data\?racle) -- C:\Documents and Settings\Administrateur\Application Data\?racle
(C:\Documents and Settings\Administrateur\Application Data\?racle) -- C:\Documents and Settings\Administrateur\Application Data\?racle
(C:\Documents and Settings\Administrateur\Application Data\?ppPatch) -- C:\Documents and Settings\Administrateur\Application Data\?ppPatch
(C:\Documents and Settings\Administrateur\Application Data\?ppPatch) -- C:\Documents and Settings\Administrateur\Application Data\?ppPatch
(C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET
(C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft.NET
(C:\Documents and Settings\Administrateur\Application Data\?icrosoft) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft
(C:\Documents and Settings\Administrateur\Application Data\?icrosoft) -- C:\Documents and Settings\Administrateur\Application Data\?icrosoft
(C:\Documents and Settings\Administrateur\Application Data\?ecurity) -- C:\Documents and Settings\Administrateur\Application Data\?ecurity
(C:\Documents and Settings\Administrateur\Application Data\?dobe) -- C:\Documents and Settings\Administrateur\Application Data\?dobe
(C:\Documents and Settings\Administrateur\Application Data\?dobe) -- C:\Documents and Settings\Administrateur\Application Data\?dobe
(C:\Documents and Settings\Administrateur\Application Data\?asks) -- C:\Documents and Settings\Administrateur\Application Data\?asks
(C:\Documents and Settings\Administrateur\Application Data\?asks) -- C:\Documents and Settings\Administrateur\Application Data\?asks
(C:\Documents and Settings\Administrateur\Application Data\??stem32) -- C:\Documents and Settings\Administrateur\Application Data\??stem32
(C:\Documents and Settings\Administrateur\Application Data\??stem) -- C:\Documents and Settings\Administrateur\Application Data\??stem
(C:\Documents and Settings\Administrateur\Application Data\??sks) -- C:\Documents and Settings\Administrateur\Application Data\??sks
(C:\Documents and Settings\Administrateur\Application Data\??sks) -- C:\Documents and Settings\Administrateur\Application Data\??sks
(C:\Documents and Settings\Administrateur\Application Data\??sembly) -- C:\Documents and Settings\Administrateur\Application Data\??sembly
(C:\Documents and Settings\Administrateur\Application Data\??pPatch) -- C:\Documents and Settings\Administrateur\Application Data\??pPatch
(C:\Documents and Settings\Administrateur\Application Data\??pPatch) -- C:\Documents and Settings\Administrateur\Application Data\??pPatch
(C:\Documents and Settings\Administrateur\Application Data\??mbols) -- C:\Documents and Settings\Administrateur\Application Data\??mbols
(C:\Documents and Settings\Administrateur\Application Data\??mantec) -- C:\Documents and Settings\Administrateur\Application Data\??mantec
(C:\Documents and Settings\Administrateur\Application Data\??curity) -- C:\Documents and Settings\Administrateur\Application Data\??curity
(C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET
(C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft.NET
(C:\Documents and Settings\Administrateur\Application Data\??crosoft) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft
(C:\Documents and Settings\Administrateur\Application Data\??crosoft) -- C:\Documents and Settings\Administrateur\Application Data\??crosoft
< End of report > -
Salut djodjo57
J'ai regardé vite, plusieurs infections et clé de registre modifier dont UserInit qui empêche le démarrage du PC :
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\bd66dd0b.exe) - C:\WINDOWS\System32\bd66dd0b.exe File not found
O20 - HKLM Winlogon: UserInit - (\\?\globalroot\systemroot\) - \\?\globalroot\systemroot\ File not found
O20 - HKLM Winlogon: UserInit - (\\?\globalroot\systemroot\system32\gGnzWWL.exe) - File not found
Là je doit quitter pour le boulot, ce soir je te prépare un script pour réglé le problème.
Bonne journée
@++ :) -
Salut djodjo57
Relance le PC sur le CD, et une fois le bureau de reatogo chargé , tu lances OTLPE , l'icône jaune
* Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Custom Scan ":
<gras>:services
fjxdtyfi
wuznwy
:OTL
DRV - [2010/06/16 17:28:21 | 000,741,376 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\wuznwy.sys -- (wuznwy)
DRV - [2010/06/16 17:28:18 | 000,574,464 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fjxdtyfi.sys -- (fjxdtyfi)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\bd66dd0b.exe) - C:\WINDOWS\System32\bd66dd0b.exe File not found
O20 - HKLM Winlogon: UserInit - (\\?\globalroot\systemroot\) - \\?\globalroot\systemroot\ File not found
O20 - HKLM Winlogon: UserInit - (\\?\globalroot\systemroot\system32\gGnzWWL.exe) - File not found
O20 - Winlogon\Notify\mljkkhh: DllName - mljkkhh.dll - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\mllmn) - File not found
:Files
C:\WINDOWS\system32\drivers\wuznwy.sys
C:\WINDOWS\system32\drivers\fjxdtyfi.sys
C:\Documents and Settings\Administrateur\kuisi.exe
C:\Documents and Settings\Administrateur\luimuu.exe
C:\Documents and Settings\Administrateur\nuotik.exe
C:\Documents and Settings\Administrateur\a.exe
C:\Documents and Settings\Administrateur\x.exe
C:\WINDOWS\system32\config\systemprofile\Application Data\qvjsge.dat
C:\Documents and Settings\LocalService\Application Data\qvjsge.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\wo588q8Gd1tnB
C:\Documents and Settings\LocalService\Application Data\jasltw.dat
C:\Documents and Settings\NetworkService\Application Data\jasltw.dat
* Clique sur " RUNFIX " pour lancer la suppression.
*Poste le rapport généré par OTL
Enlève le CD et redémarre ton PC
@++ :) -
voila le resultqt, je redemarre
========== SERVICES/DRIVERS ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\fjxdtyfi deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\wuznwy deleted successfully.
========== OTL ==========
Service\Driver key wuznwy not found.
C:\WINDOWS\system32\drivers\wuznwy.sys moved successfully.
Service\Driver key fjxdtyfi not found.
C:\WINDOWS\system32\drivers\fjxdtyfi.sys moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\bd66dd0b.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:\\?\globalroot\systemroot\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:\\?\globalroot\systemroot\system32\gGnzWWL.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljkkhh\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Lsa\\Authentication Packages:C:\WINDOWS\system32\mllmn deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\drivers\wuznwy.sys not found.
File\Folder C:\WINDOWS\system32\drivers\fjxdtyfi.sys not found.
File\Folder C:\Documents and Settings\Administrateur\kuisi.exe not found.
File\Folder C:\Documents and Settings\Administrateur\luimuu.exe not found.
File\Folder C:\Documents and Settings\Administrateur\nuotik.exe not found.
File\Folder C:\Documents and Settings\Administrateur\a.exe not found.
C:\Documents and Settings\Administrateur\x.exe moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\qvjsge.dat moved successfully.
C:\Documents and Settings\LocalService\Application Data\qvjsge.dat moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\wo588q8Gd1tnB moved successfully.
C:\Documents and Settings\LocalService\Application Data\jasltw.dat moved successfully.
C:\Documents and Settings\NetworkService\Application Data\jasltw.dat moved successfully.
OTLPE by OldTimer - Version 3.1.39.0 log created on 06182010_121757
- 1
- 2
Suivant
