Virus windows anytime upgrade

om13123 Posts 4 Status Member -
Malekal_morte- Posts 184347 Registration date Status Moderator, Security contributor Last activity -
Hello, I am new here and I am going to describe my problem.
My computer (XP) has been infected by a virus calling itself 'Windows Anytime Upgrade', and it asks me for 100€ to update the license.
I tried to remove it but I can't manage to. I ran a scan, which is here:



OTL logfile created on: 8/7/2012 4:40:23 PM - Run
OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 84.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226.06 Gb Total Space | 148.06 Gb Free Space | 65.50% Space Free | Partition Type: NTFS
Drive D: | 3.61 Gb Total Space | 3.18 Gb Free Space | 88.05% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 6.81 Gb Total Space | 1.15 Gb Free Space | 16.95% Space Free | Partition Type: FAT32
Drive X: | 439.05 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2012/07/09 21:22:56 | 000,935,008 | ---- | M] () [Auto] -- C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/02/26 18:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/09 03:44:50 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto] -- C:\WINDOWS\system32\dgdersvc.exe -- (dgdersvc)
SRV - [2010/09/09 03:43:20 | 000,217,088 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/03/18 08:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/27 11:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto] -- C:\Program Files\Fichiers communs\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008/08/07 05:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\Fichiers communs\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006/07/06 09:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/06/20 23:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/06/01 18:25:00 | 000,180,224 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\ELService.exe -- (ELService) Intel(R)
SRV - [2004/10/22 05:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/09/29 06:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/09/09 03:44:50 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/09/09 03:43:20 | 000,036,640 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/04/26 22:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/26 22:25:16 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010/04/26 22:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010/04/26 22:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008/04/13 05:46:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 03:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/07/24 19:15:04 | 004,353,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/07/06 09:59:42 | 000,246,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2006/06/20 20:06:00 | 003,927,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/05/16 14:37:50 | 000,229,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2006/05/09 17:36:44 | 000,009,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2006/05/09 17:36:42 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\Elmon.sys -- (ELmon)
DRV - [2006/05/09 17:36:22 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\Elkbd.sys -- (ELkbd)
DRV - [2006/05/09 17:36:20 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\Elmou.sys -- (ELmou)
DRV - [2006/05/09 17:36:18 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\Elhid.sys -- (ELhid)
DRV - [2006/04/11 23:36:56 | 002,829,696 | ---- | M] (ASUSTek) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/12/12 20:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/10/05 13:44:06 | 000,468,768 | ---- | M] (Liteon Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wn5301.sys -- (WN5301)
DRV - [2005/06/29 11:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2003/11/05 01:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/?fr=cb-hp06
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www1.search-results.com/web?l=dis&q=&o=APN10649&apn_dtid=%5EBND423%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAGA&d=423-0&lang=en&atb=sysid%3D423%3Auid%3D3b94e24ee9c5d563%3Asrc%3Dieb%3Ao%3DAPN10649%3Atg%3D&p2=%5EAGA%5EBND423%5EYY%5EFR{searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/?fr=cb-hp06
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/?fr=cb-hp06
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://s1.bubbledock.com/store/fr_fr/?utm_source=nsis&utm_medium=1000000100130010&utm_campaign=noq
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www1.search-results.com/web?l=dis&q=&o=APN10649&apn_dtid=%5EBND423%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAGA&d=423-0&lang=en&atb=sysid%3D423%3Auid%3D3b94e24ee9c5d563%3Asrc%3Dieb%3Ao%3DAPN10649%3Atg%3D&p2=%5EAGA%5EBND423%5EYY%5EFR{searchTerms}
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HP_Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local




FF - HKLM\software\mozilla\Firefox\Extensions\\mrext@rentabiliweb.net: C:\Program Files\Mailocash\Resources\Extensions\mrext@rentabiliweb.net.xpi [2012/03/26 23:37:08 | 000,004,525 | ---- | M] ()
FF - HKLM\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\ [2012/07/09 21:23:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bubbledock@nosibay.com: C:\Program Files\Nosibay\Bubble Dock\extensions\FFSurfMatch [2012/06/12 11:01:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/20 06:53:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/08/05 21:49:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/18 10:55:57 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012/07/20 06:53:58 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2012/06/14 20:27:03 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2012/07/09 21:22:51 | 000,003,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
[2011/10/21 11:51:00 | 000,002,288 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2012/06/14 20:27:03 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2012/06/14 20:27:03 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/06/14 20:27:03 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2012/05/31 10:50:29 | 000,002,515 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
[2012/06/14 20:27:03 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2012/06/14 20:27:03 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2004/08/10 07:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Bubble Dock SurfMatch) - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (Nosibay)
O2 - BHO: (Mailocash Information) - {5C3FF33E-6686-49f1-B4DB-8D24CD1FCF6F} - C:\Program Files\Mailocash\Resources\Extensions\MailoramaBHO_Win32.dll (Rentabiliweb)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\Administrateur_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\HP_Administrateur_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [HKLM] C:\Program Files\install\server.exe ()
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\HP_Administrateur_ON_C..\Run: [2447281F] C:\Documents and Settings\HP_Administrateur\Application Data\Nmsd\D18244352447281F1739.exe ()
O4 - HKU\HP_Administrateur_ON_C..\Run: [Bubble Dock] C:\Documents and Settings\HP_Administrateur\Application Data\Nosibay\Bubble Dock\LBubble Dock.exe (Nosibay)
O4 - HKU\HP_Administrateur_ON_C..\Run: [csrss] C:\WINDOWS\csrss.exe ()
O4 - HKU\HP_Administrateur_ON_C..\Run: [HKCU] C:\Program Files\install\server.exe ()
O4 - HKU\HP_Administrateur_ON_C..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\Pin.lnk = C:\hp\bin\CLOAKER.EXE File not found
O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\PinMcLnk.lnk = C:\hp\bin\cloaker.exe File not found
O4 - Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\Mailocash.lnk = C:\Program Files\Mailocash\MRNotif.exe (Rentabiliweb)
O4 - Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Windows\Security.exe (Security Scan)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HP_Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HP_Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Windows\Security.exe (Security Scan)
O7 - HKU\HP_Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\HP_Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Traduire à partir de l'anglais - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Pages liées - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Pages similaires - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Recherche &Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Fichiers communs\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\F90BF8EA2447281F29FE.exe) - C:\WINDOWS\system32\F90BF8EA2447281F29FE.exe ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/03 01:14:38 | 000,000,100 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - I:\Autoexec.bat -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - I:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{268a32e1-44df-11e1-a9cf-00c0a8c80fbe}\Shell - "" = AutoRun
O33 - MountPoints2\{268a32e1-44df-11e1-a9cf-00c0a8c80fbe}\Shell\Open\command - "" = J:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\Security.exe -- File not found
O33 - MountPoints2\{268a32e6-44df-11e1-a9cf-00c0a8c80fbe}\Shell - "" = AutoRun
O33 - MountPoints2\{268a32e6-44df-11e1-a9cf-00c0a8c80fbe}\Shell\Open\command - "" = K:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\Security.exe -- File not found
O33 - MountPoints2\{2f5c3bad-9cff-11e1-aa02-00c0a8c80fbe}\Shell - "" = AutoRun
O33 - MountPoints2\{2f5c3bad-9cff-11e1-aa02-00c0a8c80fbe}\Shell\Open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\Security.exe -- File not found
O33 - MountPoints2\{3fe63bfb-80a1-11e1-a9f8-00c0a8c80fbe}\Shell - "" = AutoRun
O33 - MountPoints2\{3fe63bfb-80a1-11e1-a9f8-00c0a8c80fbe}\Shell\Open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\Security.exe -- File not found
O33 - MountPoints2\{92785567-6f5f-11e1-a9ea-00c0a8c80fbe}\Shell - "" = AutoRun
O33 - MountPoints2\{92785567-6f5f-11e1-a9ea-00c0a8c80fbe}\Shell\Open\command - "" = J:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\Security.exe -- File not found
O33 - MountPoints2\{f8d78787-c325-11e1-aa0d-00c0a8c80fbe}\Shell - "" = AutoRun
O33 - MountPoints2\{f8d78787-c325-11e1-aa0d-00c0a8c80fbe}\Shell\Open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\Security.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/11/14 23:10:06 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: vds - Service
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy


ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {2815JLM0-6JHB-FX4K-4A6X-2SP4ILLXASLU} - C:\Program Files\install\server.exe
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Outils d'installation Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: {SV28YW4E-VII6-M67B-2UKE-U73615IV3E4O} - C:\WINDOWS\system32\Windows\Security.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/08/07 09:20:31 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/08/05 21:46:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012/08/05 12:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/08/05 11:53:59 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012/08/05 11:53:59 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2012/08/05 11:53:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2012/08/05 11:53:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2012/08/05 11:53:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2012/08/05 11:53:57 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2012/08/05 11:53:57 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2012/08/05 11:53:57 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2012/08/05 11:53:57 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2012/08/05 11:53:57 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2012/08/05 11:53:57 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2012/08/05 11:53:57 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2012/08/05 11:53:57 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2012/08/05 11:53:57 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2012/08/05 11:53:57 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2012/08/05 11:53:57 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2012/08/05 11:53:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2012/08/05 11:53:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2012/08/05 11:53:57 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2012/08/05 11:53:57 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2012/08/05 11:53:57 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2012/08/05 11:53:57 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2012/08/05 11:53:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2012/08/05 11:53:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2012/08/05 11:53:56 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2012/08/05 11:53:56 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2012/08/05 11:53:56 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2012/08/05 11:53:56 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2012/08/05 11:53:56 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2012/08/05 11:53:56 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2012/08/05 11:53:56 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2012/08/05 11:53:56 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2012/08/05 11:53:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2012/08/05 11:53:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2012/08/05 11:53:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2012/08/05 11:53:55 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2012/08/05 11:53:55 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2012/08/05 11:53:55 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2012/08/05 11:53:55 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2012/08/05 11:53:55 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2012/08/05 11:53:55 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2012/08/05 11:53:55 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2012/08/05 11:53:55 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2012/08/05 11:53:55 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2012/08/05 11:53:55 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2012/08/05 11:53:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2012/08/05 11:53:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2012/08/05 11:53:55 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2012/08/05 11:53:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2012/08/05 11:53:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2012/08/05 11:53:54 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2012/08/05 11:53:54 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2012/08/05 11:53:54 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2012/08/05 11:53:54 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2012/08/05 11:53:54 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2012/08/05 11:53:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2012/08/05 11:53:54 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2012/08/05 11:53:54 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2012/08/05 11:53:54 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2012/08/05 11:53:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2012/08/05 11:53:54 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2012/08/05 11:53:54 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2012/08/05 11:53:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2012/08/05 11:53:53 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2012/08/05 11:53:52 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2012/08/05 11:53:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-fr
[2012/08/05 11:53:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr
[2012/08/05 11:53:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012/08/05 11:52:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012/08/05 11:50:59 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2012/08/05 11:50:59 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2012/08/05 11:50:59 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2012/08/05 11:50:59 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2012/08/05 11:50:59 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2012/08/05 11:50:59 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2012/08/05 11:50:59 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2012/08/05 11:50:59 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2012/08/05 11:50:59 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2012/08/05 11:50:59 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2012/08/05 11:50:59 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2012/08/05 11:50:59 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2012/08/05 11:50:59 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2012/08/05 11:50:59 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2012/08/05 11:50:59 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2012/08/05 11:50:59 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2012/08/05 11:50:59 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2012/08/05 11:50:59 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2012/08/05 11:50:59 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2012/08/05 11:50:59 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2012/08/05 11:50:59 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2012/08/05 11:50:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012/08/05 11:50:58 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2012/08/05 11:50:58 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2012/08/05 11:50:58 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2012/08/05 11:50:58 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2012/08/05 11:50:58 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2012/08/05 11:50:58 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2012/08/05 11:50:58 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2012/08/05 11:50:58 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2012/08/05 11:50:58 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2012/08/05 11:50:58 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2012/08/05 11:50:58 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2012/08/05 11:50:58 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2012/08/05 11:50:58 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2012/08/05 11:50:58 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2012/08/05 11:50:58 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2012/08/05 11:50:58 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2012/08/05 11:50:57 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2012/08/05 11:50:57 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2012/08/05 11:50:57 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2012/08/05 11:50:57 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2012/08/05 11:50:57 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2012/08/05 11:50:56 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2012/08/05 11:50:56 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2012/08/05 11:50:56 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2012/08/05 11:50:56 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2012/08/05 11:50:56 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2012/08/05 11:50:56 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2012/08/05 11:50:56 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2012/08/05 11:50:56 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2012/08/05 11:50:56 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2012/08/05 11:50:56 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2012/08/05 11:50:55 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2012/08/05 11:50:55 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2012/08/05 11:50:55 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2012/08/05 11:50:55 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2012/08/05 11:50:55 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2012/08/05 11:50:55 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2012/08/05 11:50:55 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2012/08/05 11:48:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012/08/02 09:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Application Data\Nmsd
[2012/07/31 22:47:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Bureau\photo scoot
[2012/07/09 21:22:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011/11/16 08:30:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\HP_Administrateur\Application Data\pcouffin.sys
[2006/02/19 05:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/07 09:25:40 | 001,920,682 | -H-- | M] () -- C:\Documents and Settings\HP_Administrateur\Application Data\logs.dat
[2012/08/07 09:25:32 | 003,145,728 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\NTUSER.DAT
[2012/08/07 09:25:18 | 000,068,694 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/08/07 09:24:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/08/07 09:24:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/07 09:24:51 | 2145,857,536 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/06 08:50:15 | 000,000,245 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/08/05 21:52:20 | 000,094,552 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2012/08/05 21:50:43 | 000,295,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/05 12:11:16 | 001,124,682 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012/08/05 12:11:16 | 000,511,642 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012/08/05 12:11:16 | 000,442,418 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/08/05 12:11:16 | 000,085,652 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012/08/05 12:11:16 | 000,071,166 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/08/05 12:10:47 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/08/05 12:08:42 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT
[2012/08/05 12:06:43 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/05 12:04:50 | 000,241,664 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2012/08/05 12:04:49 | 000,241,664 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2012/08/05 12:04:40 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\HP_Administrateur\ntuser.ini
[2012/08/05 11:50:45 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2012/08/05 10:07:01 | 010,860,717 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\JDG & JayyFresh - Swagger vs Mumbai (TJR mashup) 4clubbers.pl.mp3
[2012/08/05 09:58:41 | 015,845,022 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Sandro+Silva+&+Quintino+-+Epic+(Temptz+Bootleg).mp3
[2012/08/03 14:19:07 | 010,891,057 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Bart B More - Traction (Tai Remix) 4clubbers.pl.mp3
[2012/08/03 13:36:37 | 015,200,256 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Boyz n the Hood (The Mash-Up King Atom Remix).mp3
[2012/08/03 13:27:58 | 008,017,292 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Autoerotique feat. Marissa Jack - Roll The Drums (Clockwork Remix) www.SuriMusic.do.am .mp3
[2012/08/03 13:21:04 | 013,708,618 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Sebastien Drums & Whelan & Di Scala vs Kaskade - Here I Come Down The Longest Road (eSQUIRE Mashup)[ElectroShock.pl].mp3
[2012/08/03 13:16:49 | 016,988,904 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Chris Lake & Lazy Rich Feat. Jareth - Stand Alone (Federico Scavo Remix) www.whatdjplays.com.mp3
[2012/08/03 13:11:27 | 010,337,169 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Nicky Romero & Zedd - Human (Original Mix)www.muzyka-klubowa.com (by ShakD).mp3
[2012/08/03 13:10:05 | 012,384,802 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Zedd Ft. Matthew Koma - Spectrum (A-Trak & Clockwork Remix) [www.Live4Music.lt].mp3
[2012/08/03 12:59:27 | 015,752,053 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Emma Hewitt - Rewind (Dabruck & Klein Remix).mp3
[2012/08/03 12:58:12 | 016,654,713 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Richard Dinsdale, Henri Leo Thiesen, Robbie Senza - Shake What Ya Mama Gave Ya (Dmitry KO Remix).mp3
[2012/08/03 12:53:51 | 015,420,821 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\David Jones & Total Sound feat. Devonne - Incredible (Virgo) (Cherry Coke Remix).mp3
[2012/08/03 12:51:40 | 000,166,400 | -H-- | M] () -- C:\WINDOWS\csrss.exe
[2012/08/03 12:51:02 | 014,005,755 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\21street ft. Benny Benassi - Love is Gonna Save Us (2012 Club Remix)_www.centrummp3.eu.mp3
[2012/08/03 12:00:46 | 000,002,383 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Google Chrome.lnk
[2012/08/03 09:52:40 | 014,109,814 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Mark Norman - Phantom Manor (Marlo Remix) www.downsong.com.mp3
[2012/08/02 10:28:27 | 002,120,886 | -H-- | M] () -- C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\IconCache.db
[2012/08/02 10:21:03 | 015,859,174 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\David Jones & Total Sound feat. Devonne - Incredible (Virgo) (Blinders Remix).mp3
[2012/08/02 10:16:04 | 013,089,034 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Hardwell & Showtek - How We Do (Original Mix).mp3
[2012/08/02 10:03:18 | 000,000,043 | ---- | M] () -- C:\locked-END.pctp
[2012/08/02 10:03:03 | 021,073,936 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-vlc-1.1.11-win32.exe.lklr
[2012/08/02 09:58:46 | 000,305,152 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-Thumbs.db.rgpu
[2012/08/02 09:58:45 | 000,087,040 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-photothumb.db.lieg
[2012/08/02 09:56:45 | 002,701,141 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2644.jpg.tzis
[2012/08/02 09:56:45 | 002,637,909 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2642.jpg.fglu
[2012/08/02 09:56:45 | 002,597,027 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2643.jpg.qhzi
[2012/08/02 09:56:45 | 002,592,374 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2640.jpg.lrnf
[2012/08/02 09:56:45 | 002,582,830 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2641.jpg.rtnf
[2012/08/02 09:56:45 | 002,459,814 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2639.jpg.gqxn
[2012/08/02 09:56:44 | 002,782,276 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2631.jpg.fgeu
[2012/08/02 09:56:44 | 002,676,260 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2638.jpg.vagr
[2012/08/02 09:56:44 | 002,667,592 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2633.jpg.qwcm
[2012/08/02 09:56:44 | 002,655,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2611.jpg.uisq
[2012/08/02 09:56:44 | 002,601,552 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2610.jpg.lvsh
[2012/08/02 09:56:44 | 002,490,800 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2634.jpg.lrmy
[2012/08/02 09:56:43 | 002,659,603 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2609.jpg.uisn
[2012/08/02 09:56:43 | 002,623,754 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2608.jpg.ilhz
[2012/08/02 09:56:43 | 002,487,652 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2607.jpg.bvlr
[2012/08/02 09:56:42 | 002,759,535 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2598.jpg.lkym
[2012/08/02 09:56:42 | 002,695,117 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2605.jpg.ytqd
[2012/08/02 09:56:42 | 002,658,861 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2604.jpg.xzhl
[2012/08/02 09:56:42 | 002,583,306 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2595.jpg.trns
[2012/08/02 09:56:42 | 002,575,316 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2603.jpg.pmcw
[2012/08/02 09:56:42 | 002,419,449 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2606.jpg.oieg
[2012/08/02 09:56:41 | 002,771,602 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2565.jpg.zlgp
[2012/08/02 09:56:41 | 002,748,496 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2588.jpg.otjs
[2012/08/02 09:56:41 | 002,731,235 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2577.jpg.ifbr
[2012/08/02 09:56:41 | 002,717,758 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2575.jpg.trhs
[2012/08/02 09:56:41 | 002,621,474 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2589.jpg.rhau
[2012/08/02 09:56:41 | 002,592,897 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2590.jpg.oxjl
[2012/08/02 09:56:41 | 002,592,457 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2593.jpg.yxqf
[2012/08/02 09:56:41 | 002,396,967 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2591.jpg.rfmx
[2012/08/02 09:56:40 | 002,722,306 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2559.jpg.nsij
[2012/08/02 09:56:40 | 002,674,735 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2563.jpg.mdiv
[2012/08/02 09:56:40 | 002,663,417 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2561.jpg.uzhd
[2012/08/02 09:56:40 | 002,651,413 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2562.jpg.virh
[2012/08/02 09:56:40 | 002,518,504 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2564.jpg.tqdi
[2012/08/02 09:56:40 | 002,454,724 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2560.jpg.gavr
[2012/08/02 09:56:39 | 002,811,472 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2557.jpg.virf
[2012/08/02 09:56:39 | 002,728,978 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2539.jpg.keri
[2012/08/02 09:56:39 | 002,715,084 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2549.jpg.ykfa
[2012/08/02 09:56:39 | 002,618,266 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2548.jpg.virh
[2012/08/02 09:56:39 | 002,426,431 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2555.jpg.lrns
[2012/08/02 09:56:38 | 002,803,540 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2538.jpg.intf
[2012/08/02 09:56:38 | 002,760,960 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2535.jpg.xzhl
[2012/08/02 09:56:38 | 002,707,320 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2536.jpg.zjfn
[2012/08/02 09:56:38 | 002,670,157 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2

7 replies

Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
Hi,

The report is truncated.
Upload it to http://pjjoint.malekal.com and post the link to the report here.
0
om13123 Posts 4 Status Member
 
I sent exactly the same thing to your site, and the link is this one:
https://pjjoint.malekal.com/files.php?id=20120808_f7m8c6i13f5
0
Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
Show file extensions: https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/

Upload C:\WINDOWS\System32\F90BF8EA2447281F29FE.exe to http://upload.malekal.com using the Browse button.
0
Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
Run OTL again.
* Under Custom Scan (Personnalisation), copy and paste the contents of the box below (make sure to include :OTL at the start).
* Click Fix (Correction); a report will appear. Copy and paste its contents here:

:OTL
O4 - HKLM..\Run: [HKLM] C:\Program Files\install\server.exe ()
O4 - HKU\HP_Administrateur_ON_C..\Run: [csrss] C:\WINDOWS\csrss.exe ()
O4 - HKU\HP_Administrateur_ON_C..\Run: [HKCU] C:\Program Files\install\server.exe ()
ActiveX: {SV28YW4E-VII6-M67B-2UKE-U73615IV3E4O} - C:\WINDOWS\system32\Windows\Security.exe
ActiveX: {2815JLM0-6JHB-FX4K-4A6X-2SP4ILLXASLU} - C:\Program Files\install\server.exe
[2012/08/03 12:51:43 | 000,166,400 | -H-- | C] () -- C:\WINDOWS\csrss.exe
[2012/08/02 09:50:22 | 000,129,024 | -H-- | M] () -- C:\WINDOWS\System32\F90BF8EA2447281F29FE.exe
[2012/07/31 22:14:04 | 000,960,056 | ---- | M] () -- C:\WINDOWS\System32\winsh320
[2012/07/31 22:13:52 | 000,960,056 | ---- | M] () -- C:\WINDOWS\System32\winsh321
[2012/07/31 22:13:44 | 000,960,056 | ---- | M] () -- C:\WINDOWS\System32\winsh322
[2012/07/31 22:13:32 | 000,960,056 | ---- | M] () -- C:\WINDOWS\System32\winsh323
[2012/07/31 22:13:20 | 000,960,056 | ---- | M] () -- C:\WINDOWS\System32\winsh324
[2012/07/31 22:13:06 | 000,960,056 | ---- | M] () -- C:\WINDOWS\System32\winsh325
[2012/08/02 09:50:22 | 000,129,024 | -H-- | C] () -- C:\WINDOWS\System32\F90BF8EA2447281F29FE.exe


* Restart the PC into Windows and post the report here


~~

You have lots of unwanted programs.

Download AdwCleaner (by Xplode) from http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner to your desktop.
Run it, click [Suppression], then wait while the scan runs.
Once the scan has finished, a report will open. Post its contents in your next reply.

Note: The report is also saved as C:\AdwCleaner[S1].txt



~~


To recover your documents, use the program from Dr.WEB or Kaspersky (RannohDecryptor): https://www.malekal.com/votre-ordinateur-est-bloque-en-raison-du-delit-de-la-loi-france/


Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
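The entries selected in the fix script above share traits that can be read straight off the OTL log lines. The sketch below is an added example, not part of the thread and not OTL's own logic; it parses those line formats and flags the same kinds of entries. The rule names, the `triage` function and the heuristics themselves are assumptions made for illustration; the sample lines are copied from the log and fix script on this page.

```python
import ntpath
import re

# Sample input: lines copied from the OTL log and fix script on this page.
SAMPLE_LOG = r"""
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {SV28YW4E-VII6-M67B-2UKE-U73615IV3E4O} - C:\WINDOWS\system32\Windows\Security.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[2012/08/05 11:53:57 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2012/08/03 12:51:40 | 000,166,400 | -H-- | M] () -- C:\WINDOWS\csrss.exe
[2012/08/02 09:50:22 | 000,129,024 | -H-- | M] () -- C:\WINDOWS\System32\F90BF8EA2447281F29FE.exe
[2012/08/02 09:56:45 | 002,701,141 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Mes documents\locked-DSCN2644.jpg.tzis
[2012/08/07 09:25:32 | 003,145,728 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\NTUSER.DAT
[2012/08/05 11:50:45 | 000,252,240 | RHS- | M] () -- C:\ntldr
"""

# "[date time | size | attributes | C or M] (company) -- path"; the company
# field is absent for folders and empty "()" when the file carries no vendor name.
FILE_RE = re.compile(
    r"^\[(?P<ts>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attr>[RHSD-]{4}) \| "
    r"(?P<kind>[CM])\] (?:\((?P<vendor>.*?)\) )?-- (?P<path>.+)$"
)
ACTIVEX_RE = re.compile(r"^ActiveX: >?\{(?P<clsid>[^}]+)\} - (?P<target>.+)$")
# A well-formed CLSID is hexadecimal in 8-4-4-4-12 groups.
CLSID_RE = re.compile(r"^[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$")
# Rename pattern seen in the log: locked-<original name>.<four lowercase letters>
LOCKED_RE = re.compile(r"^locked-(?P<orig>.+)\.(?P<suffix>[a-z]{4})$")

# Assumption for this sketch: a short list of Windows process names whose
# genuine copies live in System32 (dllcache holds protected backups on XP).
SYSTEM32_ONLY = {"csrss.exe", "lsass.exe", "services.exe", "smss.exe", "winlogon.exe"}
SYSTEM32_DIRS = {r"c:\windows\system32", r"c:\windows\system32\dllcache"}


def triage(log_text):
    """Return (rule, detail) tuples for log lines worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        ax = ACTIVEX_RE.match(line)
        if ax:
            # Active Setup key whose name is not a valid CLSID.
            if not CLSID_RE.match(ax["clsid"]):
                findings.append(("malformed-clsid", ax["target"]))
            continue
        entry = FILE_RE.match(line)
        if not entry:
            continue
        path = entry["path"]
        base = ntpath.basename(path)
        name = base.lower()
        folder = ntpath.dirname(path).lower()
        locked = LOCKED_RE.match(base)
        if locked:
            # Document renamed by the locker; report the original file name.
            findings.append(("locked-rename", locked["orig"]))
        elif name in SYSTEM32_ONLY and folder not in SYSTEM32_DIRS:
            # System process name sitting outside System32.
            findings.append(("system-name-wrong-folder", path))
        elif (name.endswith(".exe") and "H" in entry["attr"]
              and not entry["vendor"] and folder.startswith(r"c:\windows")):
            # Hidden executable with no company name under the Windows tree.
            findings.append(("hidden-exe-no-company", path))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG):
        print(f"{rule:26} {detail}")
```

A flag here is only a reason to inspect the file, which is why the thread asks for the sample to be uploaded before the fix is run.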

om13123 Posts 4 Status Member
 
So I understand what I have to do, but the problem is that I am running my PC from a USB key because I don't have another PC.
So I can't find My Computer etc. for the file extensions...
I am on reatogo OTLPEUSB. Sorry, I don't know anything about computers. Thanks
0
Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
The OTL procedure works on OTLPE.
0
om13123 Posts 4 Status Member
 
So, I carried out the steps and my computer no longer seems to lock up, but recovering my documents is impossible because I am always asked for the original file, which I never have or which is itself also encrypted.
Regards
0
Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
You just need one original and its encrypted equivalent to decrypt the rest.
0