OTLPE script, need help with next steps
nanard29
-
Malekal_morte- Posts 184347 Registration date Status Moderator, Security contributor Last activity -
Hello,
Gendarmerie virus....no access to anything.....booted the PC with the REATOGO program on a USB key
Here is the script obtained by running OTLPE.
OTL logfile created on: 2/22/2012 12:43:37 PM - Run
OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
583.00 Mb Total Physical Memory | 345.00 Mb Available Physical Memory | 59.00% Memory free
530.00 Mb Paging File | 400.00 Mb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 223.72 Gb Total Space | 139.87 Gb Free Space | 62.52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 1.87 Gb Total Space | 1.44 Gb Free Space | 76.88% Space Free | Partition Type: FAT32
Drive I: | 7.60 Gb Total Space | 7.17 Gb Free Space | 94.33% Space Free | Partition Type: FAT32
Drive J: | 9.15 Gb Total Space | 2.52 Gb Free Space | 27.54% Space Free | Partition Type: FAT32
Drive X: | 439.05 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet003
========== Win32 Services (SafeList) ==========
SRV - [2011/10/24 15:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/05/20 04:13:26 | 001,055,872 | ---- | M] (France Telecom SA) [Auto] -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/05/14 04:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/04/28 00:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/08/24 05:22:34 | 000,069,632 | ---- | M] (France Telecom SA) [Auto] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009/07/09 07:27:52 | 001,716,224 | ---- | M] (Textalk AB) [Auto] -- C:\Program Files\Extrafilm Designer FR\EFUploadSrv.exe -- (EFUploadSrv)
SRV - [2003/07/28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/06/28 15:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 15:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 15:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 15:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/06/28 15:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/06/28 15:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/08/24 05:22:58 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2009/08/24 05:22:58 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2009/08/05 16:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2004/09/01 11:16:12 | 000,769,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/27 14:28:22 | 000,116,736 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2) Hauppauge WinTV PVR PCI II (26xxx)
DRV - [2004/08/09 22:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/09 22:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/19 11:33:14 | 000,218,112 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/07/16 22:20:34 | 000,012,160 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/06/29 11:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/03/02 03:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2004/03/02 03:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)
DRV - [2004/02/06 11:37:04 | 000,366,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2003/11/13 19:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2003/11/13 19:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/11/13 19:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2003/11/13 19:01:02 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003/11/13 18:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2003/11/13 18:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2003/11/13 18:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003/11/12 21:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2003/09/18 21:21:00 | 000,084,608 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2003/07/18 10:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2003/07/02 05:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2003/03/05 16:07:46 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002/10/04 11:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001/08/17 22:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2001/06/04 08:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll ()
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {b9e20919-fa55-471f-989b-b107bf8de785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbhelper.dll ()
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
IE - HKU\Invité_ON_C\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll ()
IE - HKU\Invité_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Lily_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\Lily_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\lily_sam_mat_ON_C\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbhelper.dll ()
IE - HKU\lily_sam_mat_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/03 10:16:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/16 13:48:15 | 000,000,000 | ---D | M]
[2010/11/29 09:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/03 10:16:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2012/01/03 13:10:19 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2012/01/03 13:10:19 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2012/01/03 13:10:19 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/01/03 13:10:19 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2012/01/03 13:10:19 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2012/01/03 13:10:19 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2004/08/10 05:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (MessengerPlusLive France TB Toolbar) - {b9e20919-fa55-471f-989b-b107bf8de785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (TBSB01555 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll (Orange)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKLM\..\Toolbar: (MessengerPlusLive France TB Toolbar) - {b9e20919-fa55-471f-989b-b107bf8de785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\Administrateur_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Administrateur_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Administrateur_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (MessengerPlusLive France TB Toolbar) - {B9E20919-FA55-471F-989B-B107BF8DE785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (MessengerPlusLive France TB Toolbar) - {B9E20919-FA55-471F-989B-B107BF8DE785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\Invité_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Invité_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Invité_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Invité_ON_C\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\Lily_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Lily_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Lily_ON_C\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\Lily_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Lily_ON_C\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (MessengerPlusLive France TB Toolbar) - {B9E20919-FA55-471F-989B-B107BF8DE785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (MessengerPlusLive France TB Toolbar) - {B9E20919-FA55-471F-989B-B107BF8DE785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [adiras] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [VTTimer] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\.DEFAULT..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O4 - HKU\Administrateur_ON_C..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\HP_Administrateur_ON_C..\Run: [EPSON SX510W Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\HP_Administrateur_ON_C..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O4 - HKU\Invité_ON_C..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\Invité_ON_C..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe File not found
O4 - HKU\Lily_ON_C..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\lily_sam_mat_ON_C..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\lily_sam_mat_ON_C..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O4 - HKU\HP_Administrateur_ON_C..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\tojktinp.exe (BreakPoint Software, Inc.)
O4 - Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\tojktinp.exe (BreakPoint Software, Inc.)
O4 - Startup: C:\Documents and Settings\Invité\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\lily sam mat\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\lily sam mat\Menu Démarrer\Programmes\Démarrage\tojktinp.exe (BreakPoint Software, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HP_Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Invité_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Lily_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\lily_sam_mat_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\addfavorites.html ()
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\sendsmsselectedtext.html ()
O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\sendsms.html ()
O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\sendmail.html ()
O8 - Extra context menu item: orange.fr - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\orange.html ()
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\selectedsearch.html ()
O8 - Extra context menu item: traduire la page - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\translate.html ()
O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\translateSelectedText.html ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.girafoto.fr/uploaders/aurigma_6_5_1_0/ImageUploader6.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Belkin Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe) - C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 02:45:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - J:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - J:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/22 11:32:30 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2012/01/27 15:35:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrateur\Recent
[2004/01/01 03:34:56 | 000,135,168 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2003/11/13 18:54:38 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/22 05:04:22 | 000,241,664 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2012/02/22 05:04:22 | 000,241,664 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2012/02/22 05:04:22 | 000,030,888 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000004-00001102-00000004-20051102}.rfx
[2012/02/22 05:04:22 | 000,030,888 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000004-00001102-00000004-20051102}.rfx
[2012/02/22 05:04:22 | 000,029,952 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000004-00001102-00000004-20051102}.rfx
[2012/02/22 05:04:22 | 000,029,952 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000004-00001102-00000004-20051102}.rfx
[2012/02/22 05:04:22 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2012/02/22 05:04:22 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2012/02/22 05:04:22 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000004-00001102-00000004-20051102}.dat
[2012/02/22 05:04:22 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000004-00001102-00000004-20051102}.dat
[2012/02/22 05:04:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/22 05:04:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/02/22 05:03:54 | 005,767,168 | -H-- | M] () -- C:\Documents and Settings\HP_Administrateur\NTUSER.DAT
[2012/02/22 05:03:54 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\HP_Administrateur\ntuser.ini
[2012/02/22 05:03:19 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/22 05:03:13 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2012/02/22 05:03:01 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/21 17:35:44 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2012/02/21 14:01:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/02/21 12:45:00 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/20 11:31:36 | 001,128,062 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012/02/20 11:31:36 | 000,512,302 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012/02/20 11:31:36 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/20 11:31:36 | 000,085,824 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012/02/20 11:31:36 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/15 09:59:53 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/11 15:41:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/06 12:12:41 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\httpwww.leboncoin.franimaux283178338.htmca=6_s#.URL
[2012/02/02 10:02:26 | 000,825,866 | -H-- | M] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\IconCache.db
[2012/01/29 13:37:20 | 000,035,518 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Application Data\wklnhst.dat
[2012/01/27 16:43:36 | 000,002,009 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/01/27 16:43:36 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2012/01/27 04:40:15 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\lily sam mat\NTUSER.DAT
[2012/01/27 04:40:15 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\lily sam mat\ntuser.ini
[2012/01/26 13:35:36 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\lily sam mat\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/06 12:12:41 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\httpwww.leboncoin.franimaux283178338.htmca=6_s#.URL
[2012/01/16 02:06:51 | 000,111,401 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\jbeaxvif.log
[2012/01/16 02:06:51 | 000,001,570 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\hfkglwec.log
[2012/01/16 02:06:48 | 000,003,986 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\nmtpdffd.log
[2012/01/16 02:06:47 | 000,004,011 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ayhwwajg.log
[2012/01/12 21:14:28 | 000,004,011 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\ayhwwajg.log
[2012/01/12 21:10:23 | 000,083,156 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\jbeaxvif.log
[2012/01/12 21:10:23 | 000,001,553 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\hfkglwec.log
[2012/01/12 21:10:21 | 000,003,913 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nmtpdffd.log
[2012/01/06 04:58:05 | 000,096,631 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\jbeaxvif.log
[2012/01/06 04:58:05 | 000,001,555 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\hfkglwec.log
[2012/01/06 04:58:03 | 000,003,265 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\nmtpdffd.log
[2012/01/06 04:57:47 | 000,004,011 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\ayhwwajg.log
[2012/01/02 21:06:40 | 000,054,081 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/12/30 12:32:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\pwypntoh.log
[2011/12/24 03:04:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\pwypntoh.log
[2011/12/22 16:41:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\pwypntoh.log
[2011/12/22 13:35:24 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/14 11:44:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\sevxgeqb.log
[2011/12/11 13:48:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\sevxgeqb.log
[2011/12/11 05:57:45 | 000,147,032 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\wdgilodc.log
[2011/12/11 05:57:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\qplphgsv.log
[2011/12/10 10:52:10 | 000,005,474 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\wdgilodc.log
[2011/12/10 10:52:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\qplphgsv.log
[2011/12/10 10:41:00 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\upmcrhsl.log
[2011/12/10 10:40:59 | 000,766,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\vgqpneal.log
[2011/12/10 03:52:12 | 000,766,448 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\vgqpneal.log
[2011/12/10 03:52:12 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\upmcrhsl.log
[2011/12/04 04:42:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\sevxgeqb.log
[2011/12/03 15:21:53 | 000,330,800 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\wdgilodc.log
[2011/12/03 15:21:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\qplphgsv.log
[2011/12/03 15:12:55 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\upmcrhsl.log
[2011/12/03 15:12:54 | 000,766,448 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\vgqpneal.log
[2011/10/17 12:11:26 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Application Data\wklnhst.dat
[2011/10/12 11:41:12 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\fusioncache.dat
[2011/10/12 11:41:07 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\lily sam mat\NTUSER.DAT
[2011/10/12 11:41:07 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\lily sam mat\ntuser.dat.LOG
[2011/10/12 11:41:07 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\lily sam mat\ntuser.ini
[2011/10/11 11:03:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2011/08/24 15:09:36 | 002,107,563 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\anniversaire 40 ans
[2011/08/24 15:08:18 | 002,108,124 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\anniversaire 4
[2010/10/31 03:04:48 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2010/10/31 03:04:48 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2010/05/12 19:51:49 | 000,001,052 | R--- | C] () -- \reatogoMenu.ini
[2010/05/12 19:45:13 | 000,000,000 | R--- | C] () -- \WIN51IP.SP2
[2010/05/12 19:45:13 | 000,000,000 | R--- | C] () -- \WIN51IP
[2010/05/06 17:20:47 | 000,128,051 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\mdbu.bin
[2010/03/28 06:13:50 | 000,000,037 | ---- | C] () -- C:\WINDOWS\DeliveryReader.INI
[2010/03/25 12:39:03 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/02/15 07:02:30 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Lily\Local Settings\Application Data\fusioncache.dat
[2010/02/15 07:02:26 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Lily\ntuser.dat.LOG
[2010/02/15 07:02:26 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Lily\ntuser.ini
[2010/02/15 07:02:25 | 001,310,720 | -H-- | C] () -- C:\Documents and Settings\Lily\NTUSER.DAT
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.xp070105.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.px050107.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Program Files\.ex010705.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Program Files\.ex010507.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Program Files\.bx050107.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.ax010705.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.drv190904.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.drv120405.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.drv120205.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data211204.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data211004.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data110704.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.data001.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.data000.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.dat000002.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.dat000001.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.app190905.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.addit001.dat
[2009/10/07 12:38:46 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2009/02/08 05:54:23 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Invité\Application Data\wklnhst.dat
[2009/02/02 12:30:28 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini
[2009/02/01 15:00:05 | 000,035,518 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\wklnhst.dat
[2009/01/21 07:21:43 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2009/01/21 07:21:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2009/01/19 13:56:42 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS58.DLL
[2009/01/10 11:19:39 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/01/10 11:19:35 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/01/10 11:19:35 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/10 11:19:35 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/10 11:19:33 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/10 11:19:33 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/12/29 10:06:12 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/20 12:26:19 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2008/12/14 10:31:54 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Invité\Local Settings\Application Data\fusioncache.dat
[2008/12/14 10:31:48 | 002,097,152 | -H-- | C] () -- C:\Documents and Settings\Invité\NTUSER.DAT
[2008/12/14 10:31:48 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Invité\ntuser.dat.LOG
[2008/12/14 10:31:48 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Invité\ntuser.ini
[2008/12/14 09:37:25 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2008/12/14 09:37:25 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
[2008/12/13 08:57:33 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2008/12/09 16:53:36 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\fusioncache.dat
[2008/12/09 16:53:25 | 000,438,272 | -H-- | C] () -- C:\Documents and Settings\HP_Administrateur\ntuser.dat.LOG
[2008/12/09 16:53:25 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\ntuser.ini
[2008/12/09 16:53:24 | 005,767,168 | -H-- | C] () -- C:\Documents and Settings\HP_Administrateur\NTUSER.DAT
[2008/12/09 16:49:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/12/09 16:49:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/12/09 16:49:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/12/09 16:49:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/12/09 16:49:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/12/09 16:49:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/10/03 15:33:07 | 000,000,518 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2008/10/03 15:18:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PrintMaster.INI
[2008/07/14 13:45:24 | 000,000,413 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2008/03/07 15:31:31 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/05/09 07:15:11 | 000,000,031 | ---- | C] () -- C:\WINDOWS\bewin32.INI
[2006/03/24 06:06:41 | 000,000,053 | R--- | C] () -- \AUTORUN.INF
[2006/03/12 07:00:41 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2006/03/12 07:00:41 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2006/03/12 07:00:36 | 000,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2006/01/07 13:34:24 | 000,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2005/11/02 04:10:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/07/16 16:36:50 | 000,240,128 | R--- | C] () -- \reatogoMenu.exe
[2005/01/03 14:01:46 | 000,001,371 | ---- | C] () -- C:\WINDOWS\disney.ini
[2004/12/29 14:06:53 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2004/12/29 11:03:23 | 000,000,488 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/12/25 16:19:46 | 000,000,075 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/12/25 16:19:44 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/06/28 23:58:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/04/05 22:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/01/13 13:02:58 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\aud2_hp.ini
[2004/01/01 10:30:52 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/01/01 04:46:04 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2004/01/01 04:45:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/01/01 04:45:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/01/01 04:40:50 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/01/01 04:39:40 | 000,026,387 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/01/01 04:39:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/01/01 03:47:08 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/01 03:43:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2004/01/01 03:34:56 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/01/01 03:20:10 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat
[2004/01/01 03:09:12 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/01/01 03:09:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/01/01 03:08:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/01/01 02:49:47 | 000,000,813 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/01 02:49:15 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2004/01/01 02:49:14 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
[2004/01/01 02:49:12 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT
[2004/01/01 02:48:42 | 000,241,664 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2004/01/01 02:48:42 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2004/01/01 02:48:42 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2004/01/01 02:48:41 | 000,241,664 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2004/01/01 02:48:41 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2004/01/01 02:48:41 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2004/01/01 02:34:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/01 02:03:01 | 000,100,530 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/01/01 02:03:00 | 000,105,873 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2003/11/14 10:58:10 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/11/13 18:54:06 | 000,053,312 | ---- | C] () -- C:\WINDOWS\System32\upddrv9x.dll
[2003/09/24 19:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/09/24 19:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/03/21 18:56:12 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2003/03/06 16:53:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\hpnvr82.dll
========== LOP Check ==========
[2004/01/01 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\SampleView
[2009/01/19 11:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\OpenOffice.org
[2004/01/01 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\SampleView
[2004/01/01 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lily\Application Data\SampleView
[2011/10/12 11:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\AskToolbar
[2011/12/23 07:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\OpenOffice.org
[2011/12/16 15:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\PriceGong
[2004/01/01 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\SampleView
[2011/10/12 11:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\Toolbar4
[2012/02/21 14:01:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
< End of report >
Can anyone point me toward what to do next? I'm stuck...
DRV - [2003/11/13 18:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003/11/12 21:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2003/09/18 21:21:00 | 000,084,608 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2003/07/18 10:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2003/07/02 05:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2003/03/05 16:07:46 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002/10/04 11:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001/08/17 22:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2001/06/04 08:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll ()
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {b9e20919-fa55-471f-989b-b107bf8de785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
IE - HKU\HP_Administrateur_ON_C\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbhelper.dll ()
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Invité_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
IE - HKU\Invité_ON_C\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll ()
IE - HKU\Invité_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Lily_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\Lily_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\lily_sam_mat_ON_C\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbhelper.dll ()
IE - HKU\lily_sam_mat_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/03 10:16:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/16 13:48:15 | 000,000,000 | ---D | M]
[2010/11/29 09:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/03 10:16:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2012/01/03 13:10:19 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2012/01/03 13:10:19 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2012/01/03 13:10:19 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/01/03 13:10:19 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2012/01/03 13:10:19 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2012/01/03 13:10:19 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2004/08/10 05:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (MessengerPlusLive France TB Toolbar) - {b9e20919-fa55-471f-989b-b107bf8de785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (TBSB01555 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll (Orange)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKLM\..\Toolbar: (MessengerPlusLive France TB Toolbar) - {b9e20919-fa55-471f-989b-b107bf8de785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\Administrateur_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Administrateur_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Administrateur_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (MessengerPlusLive France TB Toolbar) - {B9E20919-FA55-471F-989B-B107BF8DE785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (MessengerPlusLive France TB Toolbar) - {B9E20919-FA55-471F-989B-B107BF8DE785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\Invité_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Invité_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Invité_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Invité_ON_C\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\Lily_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Lily_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Lily_ON_C\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\Lily_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\Lily_ON_C\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (MessengerPlusLive France TB Toolbar) - {B9E20919-FA55-471F-989B-B107BF8DE785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll (Conduit Ltd.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbunsc118.tmp\tbcore3.dll ()
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (MessengerPlusLive France TB Toolbar) - {B9E20919-FA55-471F-989B-B107BF8DE785} - C:\Program Files\MessengerPlusLive_France_TB\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\lily_sam_mat_ON_C\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [adiras] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [VTTimer] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\.DEFAULT..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O4 - HKU\Administrateur_ON_C..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\HP_Administrateur_ON_C..\Run: [EPSON SX510W Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\HP_Administrateur_ON_C..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O4 - HKU\Invité_ON_C..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\Invité_ON_C..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe File not found
O4 - HKU\Lily_ON_C..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\lily_sam_mat_ON_C..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\lily_sam_mat_ON_C..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O4 - HKU\HP_Administrateur_ON_C..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\tojktinp.exe (BreakPoint Software, Inc.)
O4 - Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\tojktinp.exe (BreakPoint Software, Inc.)
O4 - Startup: C:\Documents and Settings\Invité\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\lily sam mat\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\lily sam mat\Menu Démarrer\Programmes\Démarrage\tojktinp.exe (BreakPoint Software, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HP_Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Invité_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Lily_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\lily_sam_mat_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\addfavorites.html ()
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\sendsmsselectedtext.html ()
O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\sendsms.html ()
O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\sendmail.html ()
O8 - Extra context menu item: orange.fr - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\orange.html ()
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\selectedsearch.html ()
O8 - Extra context menu item: traduire la page - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\translate.html ()
O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\HP_Administrateur\Application Data\Orange\MessengerByOrange\translateSelectedText.html ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.girafoto.fr/uploaders/aurigma_6_5_1_0/ImageUploader6.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Belkin Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe) - C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 02:45:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - J:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - J:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/22 11:32:30 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2012/01/27 15:35:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrateur\Recent
[2004/01/01 03:34:56 | 000,135,168 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2003/11/13 18:54:38 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/22 05:04:22 | 000,241,664 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2012/02/22 05:04:22 | 000,241,664 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2012/02/22 05:04:22 | 000,030,888 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000004-00001102-00000004-20051102}.rfx
[2012/02/22 05:04:22 | 000,030,888 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000004-00001102-00000004-20051102}.rfx
[2012/02/22 05:04:22 | 000,029,952 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000004-00001102-00000004-20051102}.rfx
[2012/02/22 05:04:22 | 000,029,952 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000004-00001102-00000004-20051102}.rfx
[2012/02/22 05:04:22 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2012/02/22 05:04:22 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2012/02/22 05:04:22 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000004-00001102-00000004-20051102}.dat
[2012/02/22 05:04:22 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000004-00001102-00000004-20051102}.dat
[2012/02/22 05:04:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/22 05:04:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/02/22 05:03:54 | 005,767,168 | -H-- | M] () -- C:\Documents and Settings\HP_Administrateur\NTUSER.DAT
[2012/02/22 05:03:54 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\HP_Administrateur\ntuser.ini
[2012/02/22 05:03:19 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/22 05:03:13 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2012/02/22 05:03:01 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/21 17:35:44 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2012/02/21 14:01:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/02/21 12:45:00 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/20 11:31:36 | 001,128,062 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012/02/20 11:31:36 | 000,512,302 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012/02/20 11:31:36 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/20 11:31:36 | 000,085,824 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012/02/20 11:31:36 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/15 09:59:53 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/11 15:41:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/06 12:12:41 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\httpwww.leboncoin.franimaux283178338.htmca=6_s#.URL
[2012/02/02 10:02:26 | 000,825,866 | -H-- | M] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\IconCache.db
[2012/01/29 13:37:20 | 000,035,518 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Application Data\wklnhst.dat
[2012/01/27 16:43:36 | 000,002,009 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/01/27 16:43:36 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2012/01/27 04:40:15 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\lily sam mat\NTUSER.DAT
[2012/01/27 04:40:15 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\lily sam mat\ntuser.ini
[2012/01/26 13:35:36 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\lily sam mat\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/06 12:12:41 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\httpwww.leboncoin.franimaux283178338.htmca=6_s#.URL
[2012/01/16 02:06:51 | 000,111,401 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\jbeaxvif.log
[2012/01/16 02:06:51 | 000,001,570 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\hfkglwec.log
[2012/01/16 02:06:48 | 000,003,986 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\nmtpdffd.log
[2012/01/16 02:06:47 | 000,004,011 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ayhwwajg.log
[2012/01/12 21:14:28 | 000,004,011 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\ayhwwajg.log
[2012/01/12 21:10:23 | 000,083,156 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\jbeaxvif.log
[2012/01/12 21:10:23 | 000,001,553 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\hfkglwec.log
[2012/01/12 21:10:21 | 000,003,913 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nmtpdffd.log
[2012/01/06 04:58:05 | 000,096,631 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\jbeaxvif.log
[2012/01/06 04:58:05 | 000,001,555 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\hfkglwec.log
[2012/01/06 04:58:03 | 000,003,265 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\nmtpdffd.log
[2012/01/06 04:57:47 | 000,004,011 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\ayhwwajg.log
[2012/01/02 21:06:40 | 000,054,081 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/12/30 12:32:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\pwypntoh.log
[2011/12/24 03:04:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\pwypntoh.log
[2011/12/22 16:41:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\pwypntoh.log
[2011/12/22 13:35:24 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/14 11:44:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\sevxgeqb.log
[2011/12/11 13:48:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\sevxgeqb.log
[2011/12/11 05:57:45 | 000,147,032 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\wdgilodc.log
[2011/12/11 05:57:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\qplphgsv.log
[2011/12/10 10:52:10 | 000,005,474 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\wdgilodc.log
[2011/12/10 10:52:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\qplphgsv.log
[2011/12/10 10:41:00 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\upmcrhsl.log
[2011/12/10 10:40:59 | 000,766,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\vgqpneal.log
[2011/12/10 03:52:12 | 000,766,448 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\vgqpneal.log
[2011/12/10 03:52:12 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\upmcrhsl.log
[2011/12/04 04:42:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\sevxgeqb.log
[2011/12/03 15:21:53 | 000,330,800 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\wdgilodc.log
[2011/12/03 15:21:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\qplphgsv.log
[2011/12/03 15:12:55 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\upmcrhsl.log
[2011/12/03 15:12:54 | 000,766,448 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\vgqpneal.log
[2011/10/17 12:11:26 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Application Data\wklnhst.dat
[2011/10/12 11:41:12 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\lily sam mat\Local Settings\Application Data\fusioncache.dat
[2011/10/12 11:41:07 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\lily sam mat\NTUSER.DAT
[2011/10/12 11:41:07 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\lily sam mat\ntuser.dat.LOG
[2011/10/12 11:41:07 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\lily sam mat\ntuser.ini
[2011/10/11 11:03:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2011/08/24 15:09:36 | 002,107,563 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\anniversaire 40 ans
[2011/08/24 15:08:18 | 002,108,124 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\anniversaire 4
[2010/10/31 03:04:48 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2010/10/31 03:04:48 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2010/05/12 19:51:49 | 000,001,052 | R--- | C] () -- \reatogoMenu.ini
[2010/05/12 19:45:13 | 000,000,000 | R--- | C] () -- \WIN51IP.SP2
[2010/05/12 19:45:13 | 000,000,000 | R--- | C] () -- \WIN51IP
[2010/05/06 17:20:47 | 000,128,051 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\mdbu.bin
[2010/03/28 06:13:50 | 000,000,037 | ---- | C] () -- C:\WINDOWS\DeliveryReader.INI
[2010/03/25 12:39:03 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/02/15 07:02:30 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Lily\Local Settings\Application Data\fusioncache.dat
[2010/02/15 07:02:26 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Lily\ntuser.dat.LOG
[2010/02/15 07:02:26 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Lily\ntuser.ini
[2010/02/15 07:02:25 | 001,310,720 | -H-- | C] () -- C:\Documents and Settings\Lily\NTUSER.DAT
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.xp070105.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.px050107.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Program Files\.ex010705.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Program Files\.ex010507.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Program Files\.bx050107.dat
[2009/12/05 05:04:56 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.ax010705.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.drv190904.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.drv120405.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.drv120205.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data211204.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data211004.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data110704.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.data001.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.data000.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.dat000002.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Program Files\.dat000001.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.app190905.dat
[2009/10/08 12:28:00 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\.addit001.dat
[2009/10/07 12:38:46 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2009/02/08 05:54:23 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Invité\Application Data\wklnhst.dat
[2009/02/02 12:30:28 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini
[2009/02/01 15:00:05 | 000,035,518 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\wklnhst.dat
[2009/01/21 07:21:43 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2009/01/21 07:21:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2009/01/19 13:56:42 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS58.DLL
[2009/01/10 11:19:39 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/01/10 11:19:35 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/01/10 11:19:35 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/10 11:19:35 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/10 11:19:33 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/10 11:19:33 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/12/29 10:06:12 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/20 12:26:19 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2008/12/14 10:31:54 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Invité\Local Settings\Application Data\fusioncache.dat
[2008/12/14 10:31:48 | 002,097,152 | -H-- | C] () -- C:\Documents and Settings\Invité\NTUSER.DAT
[2008/12/14 10:31:48 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Invité\ntuser.dat.LOG
[2008/12/14 10:31:48 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Invité\ntuser.ini
[2008/12/14 09:37:25 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2008/12/14 09:37:25 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
[2008/12/13 08:57:33 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2008/12/09 16:53:36 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\fusioncache.dat
[2008/12/09 16:53:25 | 000,438,272 | -H-- | C] () -- C:\Documents and Settings\HP_Administrateur\ntuser.dat.LOG
[2008/12/09 16:53:25 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\HP_Administrateur\ntuser.ini
[2008/12/09 16:53:24 | 005,767,168 | -H-- | C] () -- C:\Documents and Settings\HP_Administrateur\NTUSER.DAT
[2008/12/09 16:49:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/12/09 16:49:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/12/09 16:49:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/12/09 16:49:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/12/09 16:49:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/12/09 16:49:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/10/03 15:33:07 | 000,000,518 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2008/10/03 15:18:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PrintMaster.INI
[2008/07/14 13:45:24 | 000,000,413 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2008/03/07 15:31:31 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/05/09 07:15:11 | 000,000,031 | ---- | C] () -- C:\WINDOWS\bewin32.INI
[2006/03/24 06:06:41 | 000,000,053 | R--- | C] () -- \AUTORUN.INF
[2006/03/12 07:00:41 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2006/03/12 07:00:41 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2006/03/12 07:00:36 | 000,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2006/01/07 13:34:24 | 000,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2005/11/02 04:10:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/07/16 16:36:50 | 000,240,128 | R--- | C] () -- \reatogoMenu.exe
[2005/01/03 14:01:46 | 000,001,371 | ---- | C] () -- C:\WINDOWS\disney.ini
[2004/12/29 14:06:53 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2004/12/29 11:03:23 | 000,000,488 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/12/25 16:19:46 | 000,000,075 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/12/25 16:19:44 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/06/28 23:58:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/04/05 22:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/01/13 13:02:58 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\aud2_hp.ini
[2004/01/01 10:30:52 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/01/01 04:46:04 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2004/01/01 04:45:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/01/01 04:45:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/01/01 04:40:50 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/01/01 04:39:40 | 000,026,387 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/01/01 04:39:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/01/01 03:47:08 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/01 03:43:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2004/01/01 03:34:56 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/01/01 03:20:10 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat
[2004/01/01 03:09:12 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/01/01 03:09:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/01/01 03:08:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/01/01 02:49:47 | 000,000,813 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/01 02:49:15 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2004/01/01 02:49:14 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
[2004/01/01 02:49:12 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT
[2004/01/01 02:48:42 | 000,241,664 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2004/01/01 02:48:42 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2004/01/01 02:48:42 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2004/01/01 02:48:41 | 000,241,664 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2004/01/01 02:48:41 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2004/01/01 02:48:41 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2004/01/01 02:34:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/01 02:03:01 | 000,100,530 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/01/01 02:03:00 | 000,105,873 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2003/11/14 10:58:10 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/11/13 18:54:06 | 000,053,312 | ---- | C] () -- C:\WINDOWS\System32\upddrv9x.dll
[2003/09/24 19:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/09/24 19:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/03/21 18:56:12 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2003/03/06 16:53:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\hpnvr82.dll
========== LOP Check ==========
[2004/01/01 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\SampleView
[2009/01/19 11:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\OpenOffice.org
[2004/01/01 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\SampleView
[2004/01/01 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lily\Application Data\SampleView
[2011/10/12 11:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\AskToolbar
[2011/12/23 07:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\OpenOffice.org
[2011/12/16 15:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\PriceGong
[2004/01/01 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\SampleView
[2011/10/12 11:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lily sam mat\Application Data\Toolbar4
[2012/02/21 14:01:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
< End of report >
Can someone point me in the right direction for the next step? I'm stuck...
8 replies
Hi,
Can you host the report on http://pjjoint.malekal.com please
And give the link, it will be easier to read.
The link to view the file is:
http://pjjoint.malekal.com/files.php?id=20120309_k8r9n9r14s7
Thank you for any help you can give me
Run OTL again.
o Under Personnalisation (Custom Scan), copy and paste the contents of the box below (make sure to include :OTL at the start).
Click Correction (Fix); a report will appear, copy and paste its contents here:
:OTL
O4 - HKU\.DEFAULT..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O4 - HKU\HP_Administrateur_ON_C..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O4 - HKU\lily_sam_mat_ON_C..\Run: [TojKtinp] C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe) - C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe (BreakPoint Software, Inc.)
:files
C:\WINDOWS\explorer.exe|C:\WINDOWS\ServicePackFiles\i386\explorer.exe /replace
* Restart the PC into Windows and post the report here
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Here is the report. Note that when I boot my desktop PC into Windows, it shows an empty desktop... with access only to Task Manager. I am sending you the scripts from a laptop.
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\TojKtinp deleted successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe moved successfully.
Registry value HKEY_USERS\HP_Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\TojKtinp deleted successfully.
File C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe not found.
Registry value HKEY_USERS\lily_sam_mat_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\TojKtinp deleted successfully.
File C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\lirxjiey\tojktinp.exe deleted successfully.
OTLPE by OldTimer - Version 3.1.39.0 log created on 03092012_180219
OK, from OTLPE (or in normal mode if you know how to launch iexplore.exe and the Internet connection works).
Download this explorer.exe: https://www.malekal.com/fichiers_systeme/file/explorer_XP_SP3.exe
Rename the file so that you have explorer.exe in C:\Windows
In the end, you should have a new explorer.exe in C:\Windows
Restart the computer and see what happens.
Apparently I have got the desktop screen back; I am updating Adobe again and looking into updates for other programs... Thank you very much for the help. I have to step away; if there are other checks to run to make sure the virus is fully eradicated, please give me the links and I will do it tomorrow morning.
Thanks again for your help.
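Added example (not part of the thread, and not OTL's own code): a small Python parser for the file-listing lines of the OTL log posted above, which flags executables sitting in per-user Startup folders and reports names replicated across profiles with an identical size. The field layout is inferred from the log lines themselves, and the English Startup path is an assumption for non-localised systems.

```python
import re
from collections import defaultdict
from ntpath import basename  # Windows path rules on any host OS

# File-listing lines copied from the OTL log in this thread, with unrelated
# entries from the same log kept as negative cases.
SAMPLE_LOG = r"""
[2012/02/22 05:03:19 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/22 05:03:13 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2012/02/22 05:03:01 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/21 17:35:44 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2012/01/26 13:35:36 | 000,090,579 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\lily sam mat\Menu Démarrer\Programmes\Démarrage\tojktinp.exe
[2009/01/10 11:19:35 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
"""

# [date time | size | attributes | M or C] (company) -- path
# Directory lines (LOP Check) carry no "(company)" field, hence the optional group.
LINE_RE = re.compile(
    r"^\[(?P<date>\d{4}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[-RHSD]{4}) \| (?P<kind>[MC])\] "
    r"(?:\((?P<company>.*?)\) )?-- (?P<path>.+)$"
)

# Per-user autostart folders: the French XP name as it appears in the log;
# the English name is an added assumption.
STARTUP_DIRS = (
    "\\menu démarrer\\programmes\\démarrage\\",
    "\\start menu\\programs\\startup\\",
)
EXEC_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js")
PROFILE_RE = re.compile(r"^[a-z]:\\documents and settings\\([^\\]+)\\", re.I)


def parse_line(line):
    """Return a dict for one OTL file-listing line, or None if it is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["size"] = int(rec["size"].replace(",", ""))
    rec["company"] = rec["company"] or ""
    return rec


def startup_executables(log_text):
    """Group executables found in per-user Startup folders by file name."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        low = rec["path"].lower()
        if not low.endswith(EXEC_EXT):
            continue
        if not any(d in low for d in STARTUP_DIRS):
            continue
        prof = PROFILE_RE.match(rec["path"])
        rec["profile"] = prof.group(1) if prof else "?"
        hits[basename(low)].append(rec)
    return dict(hits)


def replicated(hits):
    """Names present in several profiles with one identical size: the same
    binary copied per user, worth re-checking after a registry-only fix."""
    out = {}
    for name, recs in hits.items():
        profiles = sorted({r["profile"] for r in recs})
        sizes = {r["size"] for r in recs}
        if len(profiles) > 1 and len(sizes) == 1:
            out[name] = {"profiles": profiles, "size": sizes.pop()}
    return out


if __name__ == "__main__":
    for name, info in replicated(startup_executables(SAMPLE_LOG)).items():
        print(f"{name} ({info['size']} bytes) in Startup of: "
              f"{', '.join(info['profiles'])}")
```

Running the same functions over a fresh scan taken after the fix shows whether any Startup-folder copy is still listed.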