hiberfil.sys infecté

Question

Bonjour, 

hiberfil.sys est infecté..j'ai fait les demarches que vous avez preconisé avec OTLPE, le scan est terminé et je vous transmet le rapport le voici:  

c'est le drive E qui m'interresse là ou il y a windows... 
le drive D 500 GO est un disque dur externe usb de stockage 




OTL logfile created on: 9/7/2012 7:42:58 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1,023.00 Mb Total Physical Memory | 811.00 Mb Available Physical Memory | 79.00% Memory free
907.00 Mb Paging File | 843.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 7.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 270.95 Gb Free Space | 58.17% Space Free | Partition Type: NTFS
Drive E: | 279.45 Gb Total Space | 135.23 Gb Free Space | 48.39% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled] --  -- (HidServ)
SRV - File not found [Disabled] --  -- (avast! Firewall)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - [2012/08/24 13:39:03 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- E:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto] -- E:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/08/04 13:16:20 | 000,311,448 | ---- | M] (CybelSoft) [On_Demand] -- E:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2012/07/12 12:32:22 | 001,239,952 | ---- | M] (Lavasoft Limited) [Auto] -- E:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/02/08 13:35:22 | 000,276,704 | ---- | M] () [Auto] -- E:\Program Files\Accelerer PC\PCSUService.exe -- (PCSUService)
SRV - [2011/12/19 07:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto] -- E:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/02/07 03:56:11 | 000,138,192 | ---- | M] () [Auto] -- E:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/10/15 19:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- E:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/04 13:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto] -- E:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/04/07 03:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- E:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (InCDRm)
DRV - File not found [Kernel | System] --  -- (InCDPass)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2012/08/21 05:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System] -- E:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 05:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System] -- E:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 05:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System] -- E:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 05:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto] -- E:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/08/21 05:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System] -- E:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/08/21 05:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System] -- E:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/08/21 05:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto] -- E:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/28 16:11:02 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011/11/29 00:59:52 | 000,077,816 | ---- | M] (GFI Software) [File_System | Auto] -- E:\WINDOWS\system32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2011/11/29 00:59:48 | 000,021,240 | ---- | M] (GFI Software) [Kernel | System] -- E:\WINDOWS\system32\drivers\sbaphd.sys -- (sbaphd)
DRV - [2011/10/26 08:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System] -- E:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/09/13 14:54:35 | 000,011,232 | ---- | M] () [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2011/07/21 14:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand] -- E:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2011/03/30 06:16:20 | 001,486,336 | ---- | M] (C-Media Inc) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2010/02/25 11:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers	ap0901.sys -- (tap0901)
DRV - [2009/04/07 03:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- E:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/09/24 05:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/09/17 09:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/28 22:04:04 | 000,116,264 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- E:\WINDOWS\system32\drivers\SI3112r.sys -- (si3112r)
DRV - [2007/08/28 22:04:04 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- E:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiWinAcc)
DRV - [2007/08/28 22:04:04 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- E:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2006/11/02 01:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/02/21 14:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/07/15 09:02:41 | 000,056,960 | ---- | M] (OrangeWare Corporation) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\ousb2hub.sys -- (ousb2hub)
DRV - [2005/07/15 09:02:30 | 000,045,696 | ---- | M] (OrangeWare Corporation) [Kernel | Auto] -- E:\WINDOWS\system32\drivers\ousbehci.sys -- (ousbehci)
DRV - [2005/06/02 13:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/02/09 06:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System] -- E:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2004/06/03 05:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- E:\WINDOWS\system32\drivers
vatabus.sys -- (nvatabus)
DRV - [2004/05/25 10:58:04 | 000,396,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers
vapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2004/05/25 10:58:02 | 000,048,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers
vax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2004/04/02 10:40:00 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- E:\WINDOWS\system32\drivers
v_agp.SYS -- (nv_agp)
DRV - [2004/03/10 09:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2004/01/28 20:45:50 | 000,093,764 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/07/30 18:15:54 | 000,077,465 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\el90Xbc5.SYS -- (EL90Xbc)
DRV - [2001/08/17 18:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\colace_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\colace_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\colace_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\colace_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080
 
IE - HKU\LocalService_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/
 
IE - HKU\NetworkService_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=113357&tt=060612_8_&babsrc=HP_ss&mntrId=88612f6600000000000000044b808003"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=113357&tt=060612_8_&babsrc=KW_ss&mntrId=88612f6600000000000000044b808003&q="
FF - prefs.js..network.proxy.http: "114.30.47.10"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 4
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files\iTunes\Mozilla Plugins
pitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: E:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: E:\Program Files\Google\Picasa3
pPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: E:\WINDOWS\system32
pdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\plugin2
pjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: E:\Program Files\ma-config.com
phardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\5.1.10411.0
pctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: E:\Program Files\Real\RealPlayer\Netscape6
ppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: E:\Program Files\Real\RealPlayer\Netscape6
prjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: E:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins
prpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: E:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins
prphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: E:\Program Files\Real\RealPlayer\Netscape6
prpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.21.115
pGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.21.115
pGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: E:\Program Files\VideoLAN\VLC
pvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 10.0\Reader\AIR
ppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/27 12:46:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/06 17:42:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\Components: D:\Program Files\Mozilla Firefox\components [2012/09/06 06:41:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012/08/20 09:58:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\mozilla_cc@internetdownloadmanager.com: D:\Documents and Settings\colace\Application Data\IDM\idmmzcc5
 
[2011/11/18 16:11:07 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\colace\Application Data\Mozilla\Extensions
[2012/09/06 06:40:49 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions
[2010/12/05 16:27:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/09/06 06:40:53 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2012/06/04 14:42:46 | 000,000,000 | ---D | M] (DownloadHelper) -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/07/15 09:16:38 | 000,000,000 | ---D | M] (IMinent Toolbar) -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/09/01 09:45:51 | 000,000,000 | ---D | M] ("Giant Savings") -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions\crossriderapp4479@crossrider.com
[2011/09/13 15:22:32 | 000,000,000 | ---D | M] (Conduit Engine) -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions\engine@conduit.com
[2011/10/11 13:09:59 | 000,000,000 | ---D | M] (Dictionnaire franÃ§ais Â«ModerneÂ») -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions\fr-moderne@dictionaries.addons.mozilla.org
[2012/06/28 06:44:59 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2011/08/29 11:48:18 | 000,000,923 | ---- | M] () -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\searchplugins\conduit.xml
[2011/11/11 16:03:18 | 000,002,520 | ---- | M] () -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\searchplugins\SearchResults.xml
[2011/06/06 19:50:36 | 000,000,855 | ---- | M] () -- E:\Documents and Settings\colace\Application Data\Mozilla\Firefox\Profiles\u6w0k5mb.default\searchplugins\yahoo-.xml
[2012/09/01 09:45:38 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions
[2012/07/04 04:03:29 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
File not found (No name found) -- 
[2012/03/13 00:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/21 02:22:04 | 001,680,272 | ---- | M] (Caminova, Inc.) -- E:\Program Files\mozilla firefox\plugins
pdjvu.dll
[2012/03/13 01:43:04 | 000,001,516 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/07/14 09:26:22 | 000,002,352 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/03/13 01:33:26 | 000,002,252 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/13 01:43:04 | 000,001,822 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/03/13 01:43:04 | 000,001,154 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/11/11 16:03:18 | 000,002,520 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012/03/13 01:43:04 | 000,001,426 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/03/13 01:43:04 | 000,000,956 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2004/08/05 08:00:00 | 000,000,790 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IEpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - E:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - E:\Program Files\IMinent Toolbar	bcore3.dll ()
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - E:\Program Files\adawaretb\adawareDx.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - E:\Program Files\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - E:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - E:\Program Files\IMinent Toolbar	bcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\colace_ON_E\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - E:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\colace_ON_E\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - E:\Program Files\IMinent Toolbar	bcore3.dll ()
O4 - HKLM..\Run: [Ad-Aware Antivirus] E:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] E:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [Adobe ARM] E:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] E:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CmPCIaudio]  File not found
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [SoundMan] E:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] E:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] E:\Program Files\Real\RealPlayer\updateealsched.exe (RealNetworks, Inc.)
O4 - HKU\colace_ON_E..\Run: [AutoStartNPSAgent] E:\Program Files\SAMSUNG\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\colace_ON_E..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\colace_ON_E..\Run: [MsgCenterExe] E:\Program Files\Real\RealPlayer\update\RealOneMessageCenter.exe (RealNetworks, Inc.)
O4 - HKU\colace_ON_E..\Run: [PCSpeedUp] E:\Program Files\Accelerer PC\PCSUNotifier.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [adaware]  File not found
O4 - HKU\.DEFAULT..\RunOnce: [adaware_XP]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\colace_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - E:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -  File not found
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/plugins/MaConfig_6_0_1_1.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - E:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - E:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/05 15:10:17 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - File not found -  -- [ NTFS ]
O32 - AutoRun File - File not found -  -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{44786ca8-8648-11e0-bb4a-00265415b834}\Shell - "" = AutoRun
O33 - MountPoints2\{44786ca8-8648-11e0-bb4a-00265415b834}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/09/06 06:42:36 | 000,000,000 | ---D | C] -- E:\Documents and Settings\colace\Local Settings\Application Data\adaware
[2012/09/06 06:42:23 | 000,077,816 | ---- | C] (GFI Software) -- E:\WINDOWS\System32\drivers\sbapifs.sys
[2012/09/06 06:42:23 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Ad-Aware Antivirus
[2012/09/06 06:42:22 | 000,021,240 | ---- | C] (GFI Software) -- E:\WINDOWS\System32\drivers\sbaphd.sys
[2012/09/06 06:42:12 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\drivers\VDD
[2012/09/06 06:41:03 | 000,000,000 | ---D | C] -- E:\Documents and Settings\colace\Local Settings\Application Data\adawarebp
[2012/09/06 06:41:01 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2012/09/06 06:40:55 | 000,000,000 | ---D | C] -- E:\Program Files\Toolbar Cleaner
[2012/09/06 06:40:48 | 000,000,000 | ---D | C] -- E:\Documents and Settings\colace\Application Data\adawaretb
[2012/09/06 06:40:46 | 000,000,000 | ---D | C] -- E:\Program Files\adawaretb
[2012/09/06 04:23:38 | 000,000,000 | ---D | C] -- E:\Documents and Settings\colace\Mes documents\listing Sainclair
[2012/09/01 09:34:57 | 000,000,000 | RH-D | C] -- E:\Documents and Settings\colace\Recent
[2012/09/01 09:34:16 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\ma-config.com
[2012/09/01 08:02:34 | 017,953,232 | ---- | C] (Mozilla) -- E:\Program Files\Firefox Setup 15.0.exe
[2012/08/28 12:53:28 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
[2012/08/11 11:29:34 | 000,000,000 | ---D | C] -- E:\Documents and Settings\colace\Application Data\vghd
[2011/11/21 14:50:39 | 000,477,182 | ---- | C] (Mozilla) -- E:\Program Files\Firefox Setup 8.0.exe
[2011/06/27 15:24:51 | 019,402,320 | ---- | C] (SAMSUNG Electronics Co., Ltd.) -- E:\Program Files\SAMSUNG_USB.exe
[2010/12/02 16:11:45 | 008,627,256 | ---- | C] (Mozilla) -- E:\Program Files\Firefox Setup 3.6.12.exe
[5 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
[10 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[1 E:\Documents and Settings\colace\Local Settings\Application Data\*.tmp files -> E:\Documents and Settings\colace\Local Settings\Application Data\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/09/07 12:24:02 | 000,001,615 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Ad-Aware Antivirus.lnk
[2012/09/07 12:23:57 | 000,000,280 | ---- | M] () -- E:\WINDOWS	asks\RealUpgradeLogonTaskS-1-5-21-1935655697-2111687655-725345543-1004.job
[2012/09/07 12:23:55 | 000,001,052 | ---- | M] () -- E:\WINDOWS	asks\GoogleUpdateTaskMachineCore.job
[2012/09/07 12:23:50 | 000,000,316 | -H-- | M] () -- E:\WINDOWS	asks\avast! Emergency Update.job
[2012/09/07 12:23:43 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2012/09/07 12:23:41 | 1073,270,784 | -HS- | M] () -- E:\hiberfil.sys
[2012/09/07 12:17:01 | 000,001,002 | ---- | M] () -- E:\WINDOWS	asks\Adobe Flash Player Updater.job
[2012/09/07 11:28:00 | 000,001,056 | ---- | M] () -- E:\WINDOWS	asks\GoogleUpdateTaskMachineUA.job
[2012/09/06 17:42:24 | 000,003,120 | ---- | M] () -- E:\WINDOWS\System32\CONFIG.NT
[2012/09/06 16:14:19 | 000,000,116 | ---- | M] () -- E:\WINDOWS\NeroDigital.ini
[2012/09/06 16:13:36 | 000,142,336 | ---- | M] () -- E:\Documents and Settings\colace\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/06 13:55:50 | 000,013,646 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2012/09/06 06:52:48 | 000,001,086 | ---- | M] () -- E:\WINDOWS	asks\Ad-Aware Antivirus Scheduled Scan.job
[2012/09/06 06:42:23 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Ad-Aware Antivirus
[2012/09/06 05:43:45 | 000,040,359 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\SONOGRAPH 14 SEPT 2012.jpg
[2012/09/05 03:37:07 | 000,001,813 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2012/09/04 14:03:21 | 000,667,305 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA.odg
[2012/09/04 13:57:21 | 000,705,164 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA salsa de mon pays.jpg
[2012/09/04 05:01:45 | 000,000,288 | ---- | M] () -- E:\WINDOWS	asks\RealUpgradeScheduledTaskS-1-5-21-1935655697-2111687655-725345543-1004.job
[2012/09/04 03:18:22 | 000,012,671 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents	ina casciani.odt
[2012/09/01 09:45:40 | 000,000,742 | ---- | M] () -- E:\Documents and Settings\colace\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/01 09:45:40 | 000,000,730 | ---- | M] () -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2012/09/01 09:45:40 | 000,000,724 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2012/09/01 09:34:16 | 000,000,738 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Démarrer la détection.lnk
[2012/09/01 09:34:16 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\ma-config.com
[2012/09/01 08:02:48 | 017,953,232 | ---- | M] (Mozilla) -- E:\Program Files\Firefox Setup 15.0.exe
[2012/09/01 07:59:50 | 000,033,293 | ---- | M] () -- E:\WINDOWS\wininit.ini
[2012/08/28 14:15:06 | 000,024,122 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\Questionnaire sur la 1° choré.odt
[2012/08/28 13:54:34 | 000,024,116 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\Questionnaire sur la 2° choré.odt
[2012/08/28 12:53:35 | 000,000,719 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2012/08/28 12:53:35 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
[2012/08/27 14:52:49 | 000,004,096 | ---- | M] () -- E:\WINDOWS\System32\crash
[2012/08/25 16:42:00 | 000,000,486 | ---- | M] () -- E:\WINDOWS	asks\Ad-Aware Update (Weekly).job
[2012/08/24 13:39:03 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- E:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/24 13:39:03 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- E:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/24 13:35:30 | 000,197,658 | ---- | M] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/08/24 09:15:51 | 000,808,580 | ---- | M] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1935655697-2111687655-725345543-1004-0.dat
[2012/08/21 13:54:17 | 000,340,665 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\écoute la musique 1.odg
[2012/08/21 13:53:48 | 000,104,897 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\écoute la musique 2.odg
[2012/08/21 13:53:02 | 000,371,420 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\écoute la musique 3.odg
[2012/08/21 13:52:31 | 000,483,820 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\ecoutez la musique 4.odg
[2012/08/21 05:13:15 | 000,729,752 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswSnx.sys
[2012/08/21 05:13:15 | 000,355,632 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswSP.sys
[2012/08/21 05:13:15 | 000,054,232 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswTdi.sys
[2012/08/21 05:13:14 | 000,097,608 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswmon2.sys
[2012/08/21 05:13:14 | 000,089,624 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswmon.sys
[2012/08/21 05:13:14 | 000,035,928 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswRdr.sys
[2012/08/21 05:13:13 | 000,025,256 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\drivers\aavmker4.sys
[2012/08/21 05:13:13 | 000,021,256 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/08/21 05:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- E:\WINDOWS\avastSS.scr
[2012/08/21 05:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- E:\WINDOWS\System32\aswBoot.exe
[2012/08/20 09:58:10 | 000,002,347 | ---- | M] () -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2012/08/20 09:49:39 | 000,199,857 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA pdf 01.pdf
[2012/08/20 09:48:23 | 000,270,262 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA pdf.pdf
[2012/08/20 09:47:43 | 000,270,262 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA.pdf
[2012/08/20 09:24:18 | 000,680,165 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA  004.jpg
[2012/08/19 18:08:07 | 000,667,085 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA 003.jpg
[2012/08/19 18:06:50 | 000,667,344 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA   002.jpg
[2012/08/18 14:29:41 | 000,021,497 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\SON PAR ERIC TURRO.odt
[2012/08/17 13:01:41 | 000,216,461 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\DANSER LE SON A TIEMPO Y A CONTRATIEMPO.jpg.odg
[2012/08/17 12:32:05 | 000,419,305 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\DANSER LE SON A TIEMPO Y A CONTRATIEMPO.jpg
[2012/08/16 12:46:48 | 000,169,896 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/12 09:41:36 | 000,624,608 | ---- | M] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA.jpg
[2012/08/11 11:31:08 | 000,000,003 | ---- | M] () -- E:\WINDOWS	reeskp.sys
[2012/08/11 11:31:08 | 000,000,003 | ---- | M] () -- E:\WINDOWS\sbacknt.bin
[5 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
[10 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[1 E:\Documents and Settings\colace\Local Settings\Application Data\*.tmp files -> E:\Documents and Settings\colace\Local Settings\Application Data\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/09/06 06:42:24 | 000,001,615 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\Ad-Aware Antivirus.lnk
[2012/09/06 05:43:09 | 000,040,359 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\SONOGRAPH 14 SEPT 2012.jpg
[2012/09/04 13:57:18 | 000,705,164 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA salsa de mon pays.jpg
[2012/09/04 03:18:19 | 000,012,671 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents	ina casciani.odt
[2012/09/01 09:45:40 | 000,000,742 | ---- | C] () -- E:\Documents and Settings\colace\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/01 09:45:40 | 000,000,730 | ---- | C] () -- E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2012/09/01 09:45:40 | 000,000,724 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2012/09/01 09:27:04 | 1073,270,784 | -HS- | C] () -- E:\hiberfil.sys
[2012/08/28 14:15:06 | 000,024,122 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\Questionnaire sur la 1° choré.odt
[2012/08/28 13:54:32 | 000,024,116 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\Questionnaire sur la 2° choré.odt
[2012/08/28 12:53:35 | 000,000,719 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2012/08/21 13:54:17 | 000,340,665 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\écoute la musique 1.odg
[2012/08/21 13:53:48 | 000,104,897 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\écoute la musique 2.odg
[2012/08/21 13:53:01 | 000,371,420 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\écoute la musique 3.odg
[2012/08/21 13:52:30 | 000,483,820 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\ecoutez la musique 4.odg
[2012/08/20 09:49:39 | 000,199,857 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA pdf 01.pdf
[2012/08/20 09:48:23 | 000,270,262 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA pdf.pdf
[2012/08/20 09:47:42 | 000,270,262 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA.pdf
[2012/08/20 09:24:15 | 000,680,165 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA  004.jpg
[2012/08/19 18:08:04 | 000,667,085 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA 003.jpg
[2012/08/19 18:06:46 | 000,667,344 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA   002.jpg
[2012/08/18 12:56:37 | 000,021,497 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\SON PAR ERIC TURRO.odt
[2012/08/17 13:01:41 | 000,216,461 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\DANSER LE SON A TIEMPO Y A CONTRATIEMPO.jpg.odg
[2012/08/17 12:32:02 | 000,419,305 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\DANSER LE SON A TIEMPO Y A CONTRATIEMPO.jpg
[2012/08/12 09:41:33 | 000,624,608 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA.jpg
[2012/08/11 11:29:34 | 000,000,003 | ---- | C] () -- E:\WINDOWS	reeskp.sys
[2012/08/11 11:29:34 | 000,000,003 | ---- | C] () -- E:\WINDOWS\sbacknt.bin
[2012/08/11 06:54:02 | 000,667,305 | ---- | C] () -- E:\Documents and Settings\colace\Mes documents\FLYER LIBNA.odg
[2012/06/22 06:20:47 | 000,363,008 | ---- | C] () -- E:\WINDOWS\System32\CNMNPPM.DLL
[2012/03/07 17:44:37 | 000,000,064 | ---- | C] () -- E:\WINDOWS\System32p_stats.dat
[2012/03/07 17:44:37 | 000,000,044 | ---- | C] () -- E:\WINDOWS\System32p_rules.dat
[2012/02/23 19:07:49 | 000,003,072 | ---- | C] () -- E:\WINDOWS\System32\iacenc.dll
[2011/12/04 06:49:47 | 021,073,936 | ---- | C] () -- E:\Program Files\vlc-1.1.11-win32.exe
[2011/11/11 15:35:42 | 000,180,224 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2011/09/05 14:27:46 | 000,011,232 | ---- | C] () -- E:\WINDOWS\System32\drivers\SWDUMon.sys
[2011/08/16 08:53:20 | 000,000,000 | ---- | C] () -- E:\Documents and Settings\colace\Local Settings\Application Data\{BEE8CB68-EF11-45A4-8304-3998A5F54F7E}
[2011/07/15 09:44:21 | 000,001,583 | ---- | C] () -- E:\Documents and Settings\colace\.recently-used.xbel
[2011/07/01 14:09:29 | 000,808,580 | ---- | C] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1935655697-2111687655-725345543-1004-0.dat
[2011/07/01 14:09:27 | 000,197,658 | ---- | C] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/06/27 16:02:54 | 000,036,608 | ---- | C] () -- E:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/06/27 16:02:53 | 000,110,592 | ---- | C] () -- E:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/06/27 16:02:43 | 000,002,528 | ---- | C] () -- E:\Documents and Settings\colace\Application Data\$_hpcst$.hpc
[2011/06/20 14:07:06 | 000,000,144 | ---- | C] () -- E:\WINDOWS\Perscopy.INI
[2011/06/20 12:16:25 | 000,001,019 | ---- | C] () -- E:\WINDOWS\EPSONEM.INI
[2011/06/20 12:09:41 | 000,000,000 | ---- | C] () -- E:\WINDOWS\prestopm.INI
[2011/06/20 12:06:11 | 000,000,029 | ---- | C] () -- E:\WINDOWS\DEBUGSM.INI
[2011/06/17 16:30:44 | 000,000,060 | ---- | C] () -- E:\WINDOWS\NAVIGMA.INI
[2011/06/16 03:54:58 | 000,000,038 | ---- | C] () -- E:\WINDOWS\AviSplitter.INI
[2011/06/15 17:14:36 | 000,000,028 | ---- | C] () -- E:\WINDOWS\MotionDVSTUDIO.INI
[2011/06/10 18:17:16 | 000,000,178 | ---- | C] () -- E:\WINDOWS\Cmicnfg3.ini.cfl
[2011/06/10 18:16:31 | 000,001,480 | ---- | C] () -- E:\WINDOWS\Cmicnfg3.ini.cfg
[2011/06/10 17:39:00 | 000,033,293 | ---- | C] () -- E:\WINDOWS\wininit.ini
[2011/06/09 11:34:53 | 000,274,432 | ---- | C] () -- E:\WINDOWS\System32\P_MPEG4.dll
[2011/06/07 05:13:38 | 000,974,848 | ---- | C] () -- E:\WINDOWS\System32\cis-2.4.dll
[2011/06/07 05:13:38 | 000,081,920 | ---- | C] () -- E:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/06/07 05:13:38 | 000,065,536 | ---- | C] () -- E:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/06/07 05:13:38 | 000,057,344 | ---- | C] () -- E:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/06/07 05:13:38 | 000,030,568 | ---- | C] () -- E:\WINDOWS\MusiccityDownload.exe
[2011/06/05 20:12:47 | 000,000,017 | ---- | C] () -- E:\WINDOWS\MovingPicture.ini
[2011/06/05 14:49:57 | 000,001,182 | ---- | C] () -- E:\WINDOWS\VFO.INI
[2011/06/05 14:49:55 | 000,196,096 | ---- | C] () -- E:\WINDOWS\System32\macd32.dll
[2011/06/05 14:49:55 | 000,138,752 | ---- | C] () -- E:\WINDOWS\System32\mase32.dll
[2011/06/05 14:49:55 | 000,136,192 | ---- | C] () -- E:\WINDOWS\System32\mamc32.dll
[2011/06/05 14:49:55 | 000,057,856 | ---- | C] () -- E:\WINDOWS\System32\masd32.dll
[2011/06/05 14:49:55 | 000,027,648 | ---- | C] () -- E:\WINDOWS\System32\ma32.dll
[2011/06/05 08:57:29 | 000,974,848 | ---- | C] () -- E:\WINDOWS\System32\MFC70.DLL
[2011/06/03 17:26:49 | 000,049,152 | ---- | C] () -- E:\WINDOWS\System32\ChCfg.exe
[2011/06/03 17:25:18 | 000,147,456 | ---- | C] () -- E:\WINDOWS\System32\RtlCPAPI.dll
[2011/05/21 10:23:12 | 000,046,416 | ---- | C] () -- E:\Documents and Settings\colace\Configuration.mc
[2011/05/19 04:02:32 | 000,000,151 | ---- | C] () -- E:\WINDOWS\PhotoSnapViewer.INI
[2011/04/03 18:50:28 | 000,000,109 | ---- | C] () -- E:\Documents and Settings\colace\default.pls
[2011/04/03 18:46:30 | 000,000,116 | ---- | C] () -- E:\WINDOWS\NeroDigital.ini
[2011/03/31 16:52:36 | 000,025,116 | -H-- | C] () -- E:\WINDOWS\System32\mlfcache.dat
[2011/03/17 04:37:18 | 000,004,012 | ---- | C] () -- E:\Documents and Settings\colace\Local Settings\Application Data\iforex.config
[2011/01/27 17:05:25 | 000,503,808 | ---- | C] () -- E:\WINDOWS\System32\Cmeaupci.exe
[2011/01/27 17:04:39 | 000,241,664 | R--- | C] () -- E:\WINDOWS\System32\cmrmdrv3.exe
[2011/01/27 17:04:39 | 000,028,672 | R--- | C] () -- E:\WINDOWS\System32\cmrmdrv3.dll
[2011/01/27 17:04:27 | 000,258,048 | ---- | C] () -- E:\WINDOWS\System32\CmiInstallResAll.dll
[2011/01/27 17:04:27 | 000,000,228 | ---- | C] () -- E:\WINDOWS\Cmicnfg3.ini.imi
[2011/01/27 17:04:24 | 000,003,011 | ---- | C] () -- E:\WINDOWS\cmudax3.ini
[2011/01/06 08:05:00 | 000,000,068 | ---- | C] () -- E:\WINDOWS\MyProg.ini
[2010/12/05 20:24:11 | 000,142,336 | ---- | C] () -- E:\Documents and Settings\colace\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/02 18:49:24 | 000,000,129 | ---- | C] () -- E:\Documents and Settings\colace\Local Settings\Application Data\fusioncache.dat
[2010/12/02 17:59:34 | 000,000,664 | ---- | C] () -- E:\WINDOWS\System32\d3d9caps.dat
[2010/12/02 16:12:45 | 000,000,000 | ---- | C] () -- E:\WINDOWS
sreg.dat
[2010/12/02 16:07:51 | 000,001,024 | R--- | C] () -- E:\WINDOWS\System32\drivers\jedih2rx.bin
[2010/12/02 16:07:51 | 000,000,122 | R--- | C] () -- E:\WINDOWS\System32\driversamsed.bin
[2010/12/02 15:37:03 | 000,004,205 | ---- | C] () -- E:\WINDOWS\ODBCINST.INI
[2010/12/02 15:16:31 | 000,002,048 | --S- | C] () -- E:\WINDOWS\bootstat.dat
[2010/12/02 15:11:17 | 000,021,892 | ---- | C] () -- E:\WINDOWS\System32\emptyregdb.dat
[2010/12/02 15:09:43 | 000,169,896 | ---- | C] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/06 03:16:00 | 000,819,200 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2008/05/26 17:23:32 | 000,016,698 | ---- | C] () -- E:\WINDOWS\System32\gthrctr.ini
[2008/05/26 17:23:30 | 000,021,596 | ---- | C] () -- E:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 17:23:28 | 000,016,036 | ---- | C] () -- E:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 16:59:42 | 000,018,904 | ---- | C] () -- E:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 16:59:40 | 000,106,605 | ---- | C] () -- E:\WINDOWS\System32\structuredqueryschema.bin
[2007/10/25 11:26:10 | 000,005,632 | ---- | C] () -- E:\WINDOWS\System32\drivers\StarOpen.sys
[2006/04/28 16:05:14 | 000,121,995 | ---- | C] () -- E:\WINDOWS\System32\atiicdxx.dat
[2004/12/20 12:24:03 | 001,663,068 | ---- | C] () -- E:\WINDOWS\System32\libmmd.dll
[2004/08/05 08:00:00 | 013,107,200 | ---- | C] () -- E:\WINDOWS\System32\oembios.bin
[2004/08/05 08:00:00 | 000,860,160 | ---- | C] () -- E:\WINDOWS\System32	api3.dll
[2004/08/05 08:00:00 | 000,673,088 | ---- | C] () -- E:\WINDOWS\System32\mlang.dat
[2004/08/05 08:00:00 | 000,597,534 | ---- | C] () -- E:\WINDOWS\System32\perfh00C.dat
[2004/08/05 08:00:00 | 000,501,626 | ---- | C] () -- E:\WINDOWS\System32\perfh009.dat
[2004/08/05 08:00:00 | 000,322,810 | ---- | C] () -- E:\WINDOWS\System32\perfi00C.dat
[2004/08/05 08:00:00 | 000,272,128 | ---- | C] () -- E:\WINDOWS\System32\perfi009.dat
[2004/08/05 08:00:00 | 000,218,003 | ---- | C] () -- E:\WINDOWS\System32\dssec.dat
[2004/08/05 08:00:00 | 000,113,396 | ---- | C] () -- E:\WINDOWS\System32\perfc00C.dat
[2004/08/05 08:00:00 | 000,087,636 | ---- | C] () -- E:\WINDOWS\System32\perfc009.dat
[2004/08/05 08:00:00 | 000,046,592 | ---- | C] () -- E:\WINDOWS\System32	cpmon.dll
[2004/08/05 08:00:00 | 000,046,258 | ---- | C] () -- E:\WINDOWS\System32\mib.bin
[2004/08/05 08:00:00 | 000,034,108 | ---- | C] () -- E:\WINDOWS\System32\perfd00C.dat
[2004/08/05 08:00:00 | 000,028,626 | ---- | C] () -- E:\WINDOWS\System32\perfd009.dat
[2004/08/05 08:00:00 | 000,022,016 | ---- | C] () -- E:\WINDOWS\System32\lpk.dll
[2004/08/05 08:00:00 | 000,016,896 | ---- | C] () -- E:\WINDOWS\System32\usbmon.dll
[2004/08/05 08:00:00 | 000,011,776 | ---- | C] () -- E:\WINDOWS\System32
etrap.dll
[2004/08/05 08:00:00 | 000,004,569 | ---- | C] () -- E:\WINDOWS\System32\secupd.dat
[2004/08/05 08:00:00 | 000,004,461 | ---- | C] () -- E:\WINDOWS\System32\oembios.dat
[2004/08/05 08:00:00 | 000,001,804 | ---- | C] () -- E:\WINDOWS\System32\dcache.bin
[2004/08/05 08:00:00 | 000,000,741 | ---- | C] () -- E:\WINDOWS\System32
oise.dat
[2001/11/29 15:34:34 | 000,000,176 | ---- | C] () -- E:\Documents and Settings\colace\hpsfx.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012/09/07 11:18:17 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2010/12/02 16:50:13 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Alwil Software
[2012/01/17 14:18:08 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/12 03:28:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/05/29 14:54:00 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/06/22 06:37:36 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\CanonEPP
[2012/06/22 06:50:46 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\CanonIJ
[2012/06/22 07:23:29 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2012/06/22 06:37:36 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2012/06/22 06:36:07 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2012/09/04 03:38:59 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2012/06/22 06:49:23 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012/06/22 06:39:31 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2012/06/22 06:27:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2012/02/04 17:10:32 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\DriverGenius
[2012/07/04 14:18:47 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\GFI Software
[2012/09/01 09:34:15 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\ma-config.com
[2011/06/15 16:26:46 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Panasonic
[2012/07/14 09:14:01 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\PC Suite
[2011/06/05 20:09:30 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Pinnacle
[2011/06/05 14:47:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2012/07/14 09:40:27 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Samsung
[2012/06/17 10:39:17 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/12/05 18:31:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/09/06 06:52:48 | 000,001,086 | ---- | M] () -- E:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012/08/25 16:42:00 | 000,000,486 | ---- | M] () -- E:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012/09/07 12:23:50 | 000,000,316 | -H-- | M] () -- E:\WINDOWS\Tasks\avast! Emergency Update.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2012/07/29 06:28:25 | 000,000,000 | ---- | M] ()(E:\Documents and Settings\colace\??????c) -- E:\Documents and Settings\colace\???????
[2012/07/29 06:28:25 | 000,000,000 | ---- | C] ()(E:\Documents and Settings\colace\??????c) -- E:\Documents and Settings\colace\???????
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 88 bytes -> E:\WINDOWS\System32\HAL.DLL:SummaryInformation
< End of report >

jacques.gache · Answer

bonjour, tu passes adwcleaner  , et puis tu fais un examen complet avec malwarebytes , et tu postes un zhpdiag de contrôle , merci 

1) passes adwcleaner mode SUPPRESSION

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt




2) fais un examen complet de ton pc avec malwarebytes



 !! ATTENTION !!! près de 2 heures de scan !!!

Télécharge Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

si problème essais avec celui ci : https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installation, alors télécharge le ici :COMCTL32.OCX 

. enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. si le pare-feu demande l'autorisation  de se connecter pour malwarebytes, acceptes
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Une fois la mise à jour terminée
. rend-toi dans l'onglet, Recherche
. Sélectionnes  Exécuter un examen complet
. Sélectionnes tous les disques si proposés
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. redemarre le pc si il le fait pas lui même
. une fois redémarré  double-cliques sur malwarebytes
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ce tutoriel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/




3) postes un zhpdiag de contrôle 


Ouvre ce lien et télécharge ZHPDiag : 

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

cliques sur télécharger "celui du bas" 

ou directement ici: ftp://zebulon.fr/ZHPDiag2.exe



Enregistres le sur ton Bureau. 

Une fois le téléchargement achevé

pour XP, double-clique sur ZHPDiag 

pour Vista,et seven tu  fais un clic droit sur l'icône et exécute en tant qu'administrateur. 

N'oublies pas de cocher la case qui permet de mettre un raccourci sur le Bureau. 

/|\ l'outil a créé 2 icônes ZHPDiag et ZHPFix. 

Double cliques sur le raccourci ZHPDiag sur ton Bureau pour XP sinon clique droit et en tant que administrateur !! 

Cliques sur la loupe pour lancer l'analyse. 

 si tu as un message te demandant la validation pour SIGCHECK acceptes avec OK cela est pour nous faire  un rapport plus complet et pouvoir en faire une lecture plus approfondis 

Laisses l'outil travailler, il peut être assez long 

A la fin de l'analyse,clique sur l'appareil photo et enregistre le rapport sur ton Bureau. 


Fermes ZHPDiag en fin d'analyse. 


Pour me le transmettre clique sur ce lien : 

https://www.cjoint.com/ 


Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt

ou directement en choisissant bureau et  ZHPDiag.txt clique dessus 

Clique sur Ouvrir. 

Clique sur "Cliquez ici pour déposer le fichier". 

Un lien de cette forme : 

http://www.cijoint.fr/cjlink.php?file=cj200905/cib7SU.txt 

est ajouté dans la page. 

Copie ce lien dans ta réponse. 


et si problème passe par celui ci :  http://threat-rc.com/
ou
  http://pjjoint.malekal.com/

Hiberfil.sys infecté

1 réponse

Votre réponse

Discussions similaires

Newsletters