Virus Hadopi sur windows XP
paikilana
Messages postés
58
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
J'ai donc le virus hadopi, sur mon autre ordinateur. Je suis allé faire le tour sur d'autres forums mais je n'ai pas réussi à mettre en application ce qui était expliqué. Quand je fais "F8" lors du demarrage de l'ordinateur infecté, celui ne me propose pas de mode sans echec mais 3 propositions en anglais : Removable / Hard disk / CDrom
Que dois-je faire ?
Merci d'avance,
Cordialement,
J'ai donc le virus hadopi, sur mon autre ordinateur. Je suis allé faire le tour sur d'autres forums mais je n'ai pas réussi à mettre en application ce qui était expliqué. Quand je fais "F8" lors du demarrage de l'ordinateur infecté, celui ne me propose pas de mode sans echec mais 3 propositions en anglais : Removable / Hard disk / CDrom
Que dois-je faire ?
Merci d'avance,
Cordialement,
A voir également:
- Virus Hadopi sur windows XP
- Cle windows xp - Guide
- Montage video gratuit windows - Guide
- Telecharger windows xp - Télécharger - Systèmes d'exploitation
- Windows movie maker - Télécharger - Montage & Édition
- Windows ne démarre pas - Guide
7 réponses
bonjour,
aide toi de cette page pour passer par un Cd live :
https://www.malekal.com/malekal-live-cd-reparer-depanner-pc-windows/
aide toi de cette page pour passer par un Cd live :
https://www.malekal.com/malekal-live-cd-reparer-depanner-pc-windows/
J'ai tout fait comme expliqué sur le site que vous m'avez indiqué, le problème c'est qu'une fois que je veux lancer la "désinfection" par le biais de pjjoint malekal à l'aide du rapport que j'ai récupéré, celui ci me dit "référence inconnue" et s'arrête là.
Pourquoi ? que dois-je faire ?
Merci d'avance
PS : quand je fais par contre analyse du rapport là tout fonctionne et ilme donne les "endroits" de l'ordianteurs infectés
Pourquoi ? que dois-je faire ?
Merci d'avance
PS : quand je fais par contre analyse du rapport là tout fonctionne et ilme donne les "endroits" de l'ordianteurs infectés
est ce que tu as pu démarrer sur le Cd live ?
as tu configuré la connexion internat, comme expliqué sur la page ?
si oui, lance une recherche avec Roguekiller,
copie et colle son rapport sur ton prochain message !
as tu configuré la connexion internat, comme expliqué sur la page ?
si oui, lance une recherche avec Roguekiller,
copie et colle son rapport sur ton prochain message !
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ok,
j'attends le rapport
mais je pense que tu peux lancer Roguekiller en mode suppression comme ça, tu peux démarre le pc normalement, on le nettoie après
j'attends le rapport
mais je pense que tu peux lancer Roguekiller en mode suppression comme ça, tu peux démarre le pc normalement, on le nettoie après
OTL logfile created on: 6/20/2013 4:56:10 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,022.00 Mb Total Physical Memory | 573.00 Mb Available Physical Memory | 56.00% Memory free
906.00 Mb Paging File | 647.00 Mb Available in Paging File | 71.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 3.44 Gb Free Space | 4.61% Space Free | Partition Type: NTFS
Drive D: | 72.08 Gb Total Space | 13.47 Gb Free Space | 18.69% Space Free | Partition Type: NTFS
Drive E: | 2.44 Gb Total Space | 0.12 Gb Free Space | 4.79% Space Free | Partition Type: FAT32
Drive I: | 7.27 Gb Total Space | 7.27 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [On_Demand] -- -- (Boonty Games)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2013/06/19 08:56:47 | 000,148,992 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Documents and Settings\All Users\Application Data\lfhd.dat -- (winmgmt)
SRV - [2013/04/15 21:07:06 | 000,039,056 | ---- | M] () [Auto] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/03/01 06:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/02 07:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/05/08 07:25:21 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/08 07:25:20 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/29 12:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto] -- C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2009/04/06 05:35:44 | 001,002,016 | ---- | M] (Packard Bell Services) [Auto] -- C:\Program Files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe -- (PowerSave)
SRV - [2006/10/26 13:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/06/16 10:22:38 | 000,110,687 | ---- | M] () [Auto] -- C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/06/16 10:22:36 | 000,221,281 | ---- | M] () [Auto] -- C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/06/07 09:48:34 | 000,061,440 | ---- | M] (Cyberlink) [Auto] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2001/11/12 07:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand] -- C:\Program Files\Common Files\X10\Common\X10NETS.EXE -- (x10nets)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/06/19 16:41:14 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBCRFT.SYS -- (CardReaderFilter)
DRV - [2012/05/08 07:25:22 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 07:25:21 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/16 10:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 08:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/06 10:33:40 | 000,015,616 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hcw95rc.sys -- (hcw95rc)
DRV - [2009/07/06 10:30:58 | 000,573,440 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hcw95bda.sys -- (hcw95bda)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/11/02 04:47:38 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s916mdm.sys -- (s916mdm)
DRV - [2007/11/02 04:47:38 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM)
DRV - [2007/11/02 04:47:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s916mdfl.sys -- (s916mdfl)
DRV - [2006/06/13 00:20:00 | 000,094,460 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/06/13 00:20:00 | 000,088,476 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/06/13 00:20:00 | 000,086,844 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/06/13 00:20:00 | 000,025,724 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/06/13 00:20:00 | 000,014,716 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/06/13 00:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/06/13 00:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2006/03/17 03:35:24 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/03/17 03:34:46 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/17 07:18:58 | 000,005,888 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\etScan.sys -- (ScanUSBET)
DRV - [2005/08/17 07:12:40 | 000,094,336 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\etDevice.sys -- (DCamUSBET)
DRV - [2005/07/05 15:28:34 | 000,102,912 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\etFilter.sys -- (FiltUSBET)
DRV - [2005/06/07 21:35:08 | 000,799,744 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/06/07 16:44:36 | 001,235,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/05/12 08:39:56 | 001,287,296 | ---- | M] (C-Media Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax)
DRV - [2004/11/22 18:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/03/17 10:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/01/16 07:02:58 | 000,017,408 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2001/08/17 16:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [1999/09/10 07:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (Aspi32)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fdajo%3f
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA B1 B6 84 2D 1B CD 01 [binary data]
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\Florence_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Florence_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fdajo%3f
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fdajo%3f
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Florence\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/09 06:10:18 | 000,000,000 | ---D | M]
[2013/06/09 06:06:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2004/08/05 08:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKU\Florence_ON_C\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\Florence_ON_C\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BabyGoCP] File not found
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe (ICSI Technology Ltd.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Home Cinema\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StandardInstall] File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\Florence_ON_C..\Run: [cewyy] File not found
O4 - HKU\Florence_ON_C..\Run: [comiuya] File not found
O4 - HKU\Florence_ON_C..\Run: [ctfmon32.exe] C:\Documents and Settings\All Users\Application Data\lfhd.dat (Microsoft Corporation)
O4 - HKU\Florence_ON_C..\Run: [EA Core] File not found
O4 - HKU\Florence_ON_C..\Run: [esgkc] File not found
O4 - HKU\Florence_ON_C..\Run: [Facebook Update] C:\Documents and Settings\Florence\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\Florence_ON_C..\Run: [keymk] File not found
O4 - HKU\Florence_ON_C..\Run: [messengerskinner] File not found
O4 - HKU\Florence_ON_C..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\Florence_ON_C..\Run: [OM2_Monitor] File not found
O4 - HKU\Florence_ON_C..\Run: [ouuiaks] File not found
O4 - HKU\Florence_ON_C..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe (Acer Incorporated)
O4 - HKU\Florence_ON_C..\Run: [qcuyw] File not found
O4 - HKU\Florence_ON_C..\Run: [qgiwmgu] File not found
O4 - HKU\Florence_ON_C..\Run: [qyooy] File not found
O4 - HKU\Florence_ON_C..\Run: [updateMgr] File not found
O4 - HKU\Florence_ON_C..\Run: [wggmgss] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinTV Recording Status..lnk = C:\Program Files\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
O4 - Startup: C:\Documents and Settings\Florence\Menu Démarrer\Programmes\Démarrage\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Florence_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Turbo%20Pizza/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} http://photoservice.fujicolor.de/ips-opdata/objects/jordan.cab (JordanUploader Class)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119456806656 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1121082381687 (MUWebControl Class)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://express.foto.com/Newuploader/ImageUploader4.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Turbo%20Pizza/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://gamenextfr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe (Reg Error: Key error.)
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} http://asp07.photoprintit.de/microsite/8463//defaults/activex/IPSUploader.cab (IPSUploader Control)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.gamenext.fr/online/online2/peggle/popcaploader_v10_en.cab (PopCapLoader Object)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/22 09:23:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{c4530c92-518c-11dd-840c-0013d34e19f1}\Shell\Auto\command - "" = G:\tel.xls.exe
O33 - MountPoints2\{c4530c92-518c-11dd-840c-0013d34e19f1}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013/06/19 08:56:47 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\lfhd.dat
[2013/06/19 08:56:47 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\bjeqewi.dat
[2013/06/19 08:56:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\rundll32.exe
[2013/06/09 06:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/06/09 06:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/06/09 06:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\xing shared
[2013/06/09 06:09:39 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/06/09 06:09:18 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/06/09 06:09:18 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/06/09 06:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealNetworks
[2013/06/09 06:09:15 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/06/09 06:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2013/06/09 06:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
[2013/06/09 06:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
[2013/06/09 06:06:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/09 06:06:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2013/06/09 06:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Florence\Application Data\Babylon
[2013/06/09 04:54:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Florence\Application Data\MSNInstaller
[2007/10/13 12:30:00 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\Florence\Mes documents\*.tmp files -> C:\Documents and Settings\Florence\Mes documents\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013/06/20 06:15:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/20 06:14:06 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/19 16:41:14 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) -- C:\WINDOWS\System32\drivers\USBCRFT.SYS
[2013/06/19 16:41:10 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/19 16:41:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/19 16:41:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/19 16:41:07 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/19 16:41:04 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2013/06/19 13:57:18 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\dhfl.pad
[2013/06/19 13:50:31 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/19 11:01:44 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/06/19 10:14:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/19 08:57:27 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Florence\Menu Démarrer\Programmes\Démarrage\regmonstd.lnk
[2013/06/19 08:57:05 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\iweqejb.pad
[2013/06/19 08:57:05 | 000,003,049 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\dhfl.js
[2013/06/19 08:56:47 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\lfhd.dat
[2013/06/19 08:56:47 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\bjeqewi.dat
[2013/06/19 08:56:47 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\rundll32.exe
[2013/06/19 08:37:00 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013/06/19 08:24:01 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-418652575-719143438-3371274390-1006UA.job
[2013/06/18 14:24:00 | 000,001,156 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-418652575-719143438-3371274390-1006Core.job
[2013/06/18 13:07:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/17 13:56:37 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2013/06/17 13:54:05 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2013/06/16 03:33:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/16 03:03:47 | 000,154,112 | ---- | M] () -- C:\Documents and Settings\Florence\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/13 15:04:59 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/06/13 13:20:42 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\OpenOffice.org Calc.lnk
[2013/06/13 12:57:47 | 000,099,046 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\cf christophe[1].JPG
[2013/06/11 16:32:19 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 16:27:59 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 12:57:46 | 001,132,502 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\220513_211059_3TePBap3.pdf
[2013/06/09 06:10:31 | 000,000,987 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\RealPlayer.lnk
[2013/06/09 06:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealNetworks
[2013/06/09 06:09:39 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/06/09 06:09:18 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/06/09 06:09:18 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/06/09 06:09:15 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/06/09 06:06:58 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\EPUpdater.job
[2013/05/29 09:21:06 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\Raccourci vers responsabilite en matiere de sante et d'environnement.odp.lnk
[2013/05/29 09:20:55 | 001,423,064 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\ordonnance IRM.jpg
[2013/05/24 07:04:11 | 000,221,007 | ---- | M] () -- C:\Certificat de Scolarité AUGER Adeline.pdf
[2013/05/24 07:03:35 | 000,275,991 | ---- | M] () -- C:\auger valentin.pdf
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\Florence\Mes documents\*.tmp files -> C:\Documents and Settings\Florence\Mes documents\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013/06/19 08:57:27 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\Florence\Menu Démarrer\Programmes\Démarrage\regmonstd.lnk
[2013/06/19 08:57:05 | 000,003,049 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dhfl.js
[2013/06/19 08:57:02 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\iweqejb.pad
[2013/06/19 08:56:55 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dhfl.pad
[2013/06/13 13:07:09 | 000,099,046 | ---- | C] () -- C:\Documents and Settings\Florence\Bureau\cf christophe[1].JPG
[2013/06/11 16:28:06 | 000,000,306 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 16:28:05 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 16:27:58 | 000,000,332 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 12:57:46 | 001,132,502 | ---- | C] () -- C:\Documents and Settings\Florence\Bureau\220513_211059_3TePBap3.pdf
[2013/06/09 06:11:16 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/09 06:11:14 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/09 06:10:31 | 000,000,987 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\RealPlayer.lnk
[2013/06/09 06:06:53 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\EPUpdater.job
[2013/05/29 09:20:55 | 001,423,064 | ---- | C] () -- C:\Documents and Settings\Florence\Bureau\ordonnance IRM.jpg
[2013/05/24 07:04:11 | 000,221,007 | ---- | C] () -- C:\Certificat de Scolarité AUGER Adeline.pdf
[2013/05/24 07:03:35 | 000,275,991 | ---- | C] () -- C:\auger valentin.pdf
[2013/01/30 17:56:42 | 000,109,064 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/01/29 14:21:34 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\Florence\Application Data\.backup.dm
[2012/11/09 12:48:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/11 16:18:24 | 000,000,041 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2012/02/15 14:39:38 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/14 03:44:02 | 000,193,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/05 10:30:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/12/05 10:25:09 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Metadata Importer
[2010/12/05 10:25:09 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Florence\Application Data\Mail
[2010/12/05 10:25:09 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/12/05 10:25:09 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Overdrive
[2010/12/05 10:23:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Florence\Application Data\MIDI Patch Names
[2010/12/05 10:23:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Master
[2010/12/05 10:23:37 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/12/05 10:23:37 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\NetServices
[2010/11/06 12:52:53 | 000,000,050 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/10/31 09:55:38 | 000,034,708 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010/10/31 09:54:17 | 000,142,337 | ---- | C] () -- C:\WINDOWS\System32\Wait.exe
[2010/10/31 09:52:34 | 000,008,205 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2009/12/24 13:46:09 | 000,001,710 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/12/21 08:43:02 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/21 08:31:56 | 000,032,256 | ---- | C] () -- C:\WINDOWS\avsredirect.dll
[2009/07/17 08:01:30 | 000,000,066 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2009/06/28 06:17:19 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009/06/12 07:28:41 | 000,372,247 | ---- | C] () -- C:\WINDOWS\System32\keymk_nav.dat
[2009/06/12 07:28:41 | 000,002,818 | ---- | C] () -- C:\WINDOWS\System32\keymk.dat
[2009/06/12 07:28:41 | 000,001,909 | ---- | C] () -- C:\WINDOWS\System32\keymk_navps.dat
[2009/06/11 11:18:25 | 000,405,602 | ---- | C] () -- C:\WINDOWS\System32\wggmgss_nav.dat
[2009/06/11 11:18:25 | 000,002,839 | ---- | C] () -- C:\WINDOWS\System32\wggmgss.dat
[2009/06/11 11:18:25 | 000,002,820 | ---- | C] () -- C:\WINDOWS\System32\wggmgss_navps.dat
[2009/03/27 06:38:27 | 000,352,754 | ---- | C] () -- C:\WINDOWS\System32\qgiwmgu_nav.dat
[2009/03/27 06:38:27 | 000,002,975 | ---- | C] () -- C:\WINDOWS\System32\qgiwmgu.dat
[2009/03/27 06:38:27 | 000,000,433 | ---- | C] () -- C:\WINDOWS\System32\qgiwmgu_navps.dat
[2009/03/26 12:08:36 | 000,002,230 | ---- | C] () -- C:\WINDOWS\System32\qcuyw_navps.dat
[2009/03/26 12:08:35 | 000,352,754 | ---- | C] () -- C:\WINDOWS\System32\qcuyw_nav.dat
[2009/03/26 12:08:35 | 000,002,930 | ---- | C] () -- C:\WINDOWS\System32\qcuyw.dat
[2009/03/26 09:09:45 | 000,352,754 | ---- | C] () -- C:\WINDOWS\System32\cewyy_nav.dat
[2009/03/26 09:09:45 | 000,004,406 | ---- | C] () -- C:\WINDOWS\System32\cewyy_navps.dat
[2009/03/26 09:09:45 | 000,002,872 | ---- | C] () -- C:\WINDOWS\System32\cewyy.dat
[2009/03/24 14:00:09 | 000,338,966 | ---- | C] () -- C:\WINDOWS\System32\ouuiaks_nav.dat
[2009/03/24 14:00:09 | 000,002,870 | ---- | C] () -- C:\WINDOWS\System32\ouuiaks.dat
[2009/03/24 14:00:09 | 000,000,976 | ---- | C] () -- C:\WINDOWS\System32\ouuiaks_navps.dat
[2009/03/22 04:57:49 | 000,345,892 | ---- | C] () -- C:\WINDOWS\System32\esgkc_nav.dat
[2009/03/22 04:57:49 | 000,002,864 | ---- | C] () -- C:\WINDOWS\System32\esgkc.dat
[2009/03/22 04:57:49 | 000,001,288 | ---- | C] () -- C:\WINDOWS\System32\esgkc_navps.dat
[2009/03/20 15:33:06 | 000,346,143 | ---- | C] () -- C:\WINDOWS\System32\qyooy_nav.dat
[2009/03/20 15:33:06 | 000,003,174 | ---- | C] () -- C:\WINDOWS\System32\qyooy.dat
[2009/03/20 15:33:06 | 000,002,889 | ---- | C] () -- C:\WINDOWS\System32\qyooy_navps.dat
[2009/03/15 05:14:40 | 000,345,892 | ---- | C] () -- C:\WINDOWS\System32\comiuya_nav.dat
[2009/03/15 05:14:40 | 000,002,905 | ---- | C] () -- C:\WINDOWS\System32\comiuya.dat
[2009/03/15 05:14:40 | 000,002,221 | ---- | C] () -- C:\WINDOWS\System32\comiuya_navps.dat
[2008/12/29 12:18:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/12/26 09:28:21 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008/12/26 09:28:21 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008/12/26 09:28:21 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/12/26 09:28:20 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008/12/26 09:28:20 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2008/10/01 14:49:52 | 000,184,266 | ---- | C] () -- C:\WINDOWS\System32\yagks.exe
[2008/09/23 15:40:25 | 000,000,033 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/07/05 07:20:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/03/13 04:27:18 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008/03/09 10:27:36 | 000,001,033 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008/03/01 13:08:26 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/03 12:10:13 | 000,004,538 | ---- | C] () -- C:\Documents and Settings\Florence\default.pls
[2008/01/29 12:17:45 | 000,231,424 | ---- | C] () -- C:\WINDOWS\System32\pezzcdfbzd.exe
[2007/11/26 07:31:41 | 000,026,077 | ---- | C] () -- C:\WINDOWS\System32\pzvsxl.exe
[2007/08/12 09:29:45 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/07/06 16:34:16 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/06/17 13:39:11 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/06/07 02:48:34 | 000,034,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\OxUSBTIMOUT.sys
[2007/03/31 09:05:35 | 000,000,037 | ---- | C] () -- C:\WINDOWS\3D Text Factory.INI
[2007/02/14 10:47:15 | 000,000,041 | -H-- | C] () -- C:\WINDOWS\dboo1090.dat
[2006/07/03 11:08:09 | 000,154,112 | ---- | C] () -- C:\Documents and Settings\Florence\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/07 15:43:19 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/04/07 15:17:42 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/02/26 10:55:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/02/01 09:31:52 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005/12/23 13:55:22 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\TGBBOBNotif.dll
[2005/12/23 13:55:22 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\tgbstarter.exe
[2005/12/18 13:57:26 | 000,000,162 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/12/04 12:22:33 | 000,000,487 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/04 11:34:35 | 000,000,102 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/11/30 11:14:28 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6s.DLL
[2005/11/30 11:12:05 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2005/11/30 10:10:52 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Florence\Local Settings\Application Data\fusioncache.dat
[2005/09/05 08:13:58 | 000,000,269 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2005/08/29 10:57:28 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/29 10:48:24 | 000,011,690 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/08/29 10:48:24 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\A32AC634D4.sys
[2005/08/29 08:56:31 | 000,094,574 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/08/29 07:16:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/07/11 07:39:07 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2005/07/01 11:53:14 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/07/01 10:54:53 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/07/01 10:36:56 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2005/07/01 10:36:43 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/07/01 05:00:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2005/06/22 11:17:44 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/06/22 11:11:26 | 000,001,176 | ---- | C] () -- C:\WINDOWS\ImpTable.bin
[2005/06/22 11:11:25 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2005/06/22 11:11:25 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2005/06/22 09:35:19 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/22 09:32:13 | 000,000,843 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/06/22 09:25:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/06/22 09:21:52 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/06/22 09:11:50 | 000,000,886 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/06/22 09:11:42 | 000,543,470 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2005/06/22 09:11:42 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2005/06/22 09:11:42 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2005/06/22 09:11:42 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2005/06/22 09:11:34 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/06/22 09:11:32 | 000,469,368 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/06/22 09:11:32 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/06/22 09:11:32 | 000,083,476 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/06/22 09:11:32 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/06/22 09:11:32 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/06/22 09:11:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/06/22 09:11:30 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/06/22 09:11:28 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/06/22 09:11:28 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/06/22 09:11:25 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/06/22 09:11:21 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/09/28 17:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2002/03/16 20:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000082.DLL
[1997/08/28 19:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/28 19:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[color=#E56717]========== LOP Check ==========[/color]
[2007/11/09 15:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\X10 Commander
[2012/02/08 14:35:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Florence\Application Data\.#
[2011/12/03 08:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\.minecraft
[2013/06/09 06:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Babylon
[2007/09/04 08:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Big Fish Games
[2009/02/21 07:23:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Canneverbe_Limited
[2013/06/13 01:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Canon
[2009/12/21 08:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\CoyoteReplay
[2009/02/24 07:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Dr. DivX 2.0 OSS
[2007/01/26 16:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\DriveCleaner 2006 Free
[2008/07/19 12:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Flood Light Games
[2007/08/25 12:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\FloodLightGames
[2008/10/27 09:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Friday's games
[2008/03/02 10:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Gamelab
[2008/09/02 08:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Go-Go Gourmet Chef of the Year
[2007/11/02 11:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Jane s Hotel
[2006/12/14 14:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\MessengerSkinner
[2010/11/07 07:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\MP-Manager
[2013/06/09 04:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\MSNInstaller
[2005/07/01 10:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Musicmatch
[2007/08/11 10:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\My Games
[2010/12/05 10:30:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Nikon
[2008/07/17 08:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\PlayFirst
[2012/04/11 14:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\PriceGong
[2005/11/30 11:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\ScanSoft
[2008/01/19 10:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Shareaza
[2008/12/27 11:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Sony
[2008/12/27 11:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Sony Setup
[2007/08/23 07:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\SpinTop
[2008/04/19 07:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\TheScruffs
[2008/02/19 09:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Total Eclipse
[2008/10/24 13:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Ulead Systems
[2008/07/04 14:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Valusoft
[2008/07/19 10:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\ViquaSoft
[2009/01/24 08:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Zylom
[2005/07/01 10:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\X10 Commander
[2012/09/02 09:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\036E18DDD65B4036027AD52E7B07D329
[2012/10/11 13:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1266F773EBABCFB2007D12667ADD9F64
[2012/10/26 14:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7C9C60DE2191CFB200007C9BE447D54A
[2013/05/01 10:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\albumphoto
[2008/07/19 11:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astar Games
[2012/11/30 07:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/06/09 06:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2007/09/25 12:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOONTY
[2008/03/03 08:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA
[2012/07/07 12:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/12/05 10:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2008/07/19 12:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2007/08/25 12:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FloodLightGames
[2009/02/27 11:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2007/11/03 09:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2010/08/26 01:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/08/26 01:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2007/11/02 10:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2007/10/06 11:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Legacy Interactive
[2007/08/23 09:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NannyMania
[2010/12/05 10:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2007/08/07 12:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Games
[2008/07/17 08:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2007/11/10 12:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/10/10 08:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2006/02/24 16:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/01/11 11:45:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skyline
[2008/12/27 11:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2011/06/13 12:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2005/11/30 11:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2009/02/23 13:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/13 09:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/12/05 10:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/07/04 14:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Valusoft
[2009/01/11 09:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2007/04/14 08:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2013/06/09 06:06:58 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\EPUpdater.job
[2013/06/18 14:24:00 | 000,001,156 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-418652575-719143438-3371274390-1006Core.job
[2013/06/19 08:24:01 | 000,001,178 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-418652575-719143438-3371274390-1006UA.job
[2013/06/19 16:41:04 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2001/05/24 07:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[color=#A23BEC]< MD5 for: ACPI.SYS >[/color]
[2004/08/05 08:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:acpi.sys
[2008/09/12 07:41:21 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:acpi.sys
[2004/08/05 08:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:acpi.sys
[2008/09/12 07:41:21 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:acpi.sys
[2004/08/05 08:00:00 | 000,188,672 | ---- | M] (Microsoft Corporation) MD5=0BD94FBFC14EA3606CD6CA4C0255BAA3 -- C:\WINDOWS\$NtServicePackUninstall$\acpi.sys
[2008/04/13 21:52:42 | 000,188,672 | ---- | M] (Microsoft Corporation) MD5=E5E6DBFC41EA8AAD005CB9A57A96B43B -- C:\WINDOWS\ServicePackFiles\i386\acpi.sys
[2008/04/13 21:52:42 | 000,188,672 | ---- | M] (Microsoft Co
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,022.00 Mb Total Physical Memory | 573.00 Mb Available Physical Memory | 56.00% Memory free
906.00 Mb Paging File | 647.00 Mb Available in Paging File | 71.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 3.44 Gb Free Space | 4.61% Space Free | Partition Type: NTFS
Drive D: | 72.08 Gb Total Space | 13.47 Gb Free Space | 18.69% Space Free | Partition Type: NTFS
Drive E: | 2.44 Gb Total Space | 0.12 Gb Free Space | 4.79% Space Free | Partition Type: FAT32
Drive I: | 7.27 Gb Total Space | 7.27 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [On_Demand] -- -- (Boonty Games)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2013/06/19 08:56:47 | 000,148,992 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Documents and Settings\All Users\Application Data\lfhd.dat -- (winmgmt)
SRV - [2013/04/15 21:07:06 | 000,039,056 | ---- | M] () [Auto] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/03/01 06:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/02 07:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/05/08 07:25:21 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/08 07:25:20 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/29 12:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto] -- C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2009/04/06 05:35:44 | 001,002,016 | ---- | M] (Packard Bell Services) [Auto] -- C:\Program Files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe -- (PowerSave)
SRV - [2006/10/26 13:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/06/16 10:22:38 | 000,110,687 | ---- | M] () [Auto] -- C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/06/16 10:22:36 | 000,221,281 | ---- | M] () [Auto] -- C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/06/07 09:48:34 | 000,061,440 | ---- | M] (Cyberlink) [Auto] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2001/11/12 07:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand] -- C:\Program Files\Common Files\X10\Common\X10NETS.EXE -- (x10nets)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/06/19 16:41:14 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBCRFT.SYS -- (CardReaderFilter)
DRV - [2012/05/08 07:25:22 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 07:25:21 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/16 10:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 08:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/06 10:33:40 | 000,015,616 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hcw95rc.sys -- (hcw95rc)
DRV - [2009/07/06 10:30:58 | 000,573,440 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hcw95bda.sys -- (hcw95bda)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/11/02 04:47:38 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s916mdm.sys -- (s916mdm)
DRV - [2007/11/02 04:47:38 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM)
DRV - [2007/11/02 04:47:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s916mdfl.sys -- (s916mdfl)
DRV - [2006/06/13 00:20:00 | 000,094,460 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/06/13 00:20:00 | 000,088,476 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/06/13 00:20:00 | 000,086,844 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/06/13 00:20:00 | 000,025,724 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/06/13 00:20:00 | 000,014,716 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/06/13 00:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/06/13 00:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2006/03/17 03:35:24 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/03/17 03:34:46 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/17 07:18:58 | 000,005,888 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\etScan.sys -- (ScanUSBET)
DRV - [2005/08/17 07:12:40 | 000,094,336 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\etDevice.sys -- (DCamUSBET)
DRV - [2005/07/05 15:28:34 | 000,102,912 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\etFilter.sys -- (FiltUSBET)
DRV - [2005/06/07 21:35:08 | 000,799,744 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/06/07 16:44:36 | 001,235,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/05/12 08:39:56 | 001,287,296 | ---- | M] (C-Media Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax)
DRV - [2004/11/22 18:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/03/17 10:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/01/16 07:02:58 | 000,017,408 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2001/08/17 16:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [1999/09/10 07:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (Aspi32)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fdajo%3f
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA B1 B6 84 2D 1B CD 01 [binary data]
IE - HKU\Florence_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\Florence_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Florence_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fdajo%3f
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fdajo%3f
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Florence\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/09 06:10:18 | 000,000,000 | ---D | M]
[2013/06/09 06:06:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2004/08/05 08:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKU\Florence_ON_C\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\Florence_ON_C\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BabyGoCP] File not found
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe (ICSI Technology Ltd.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Home Cinema\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StandardInstall] File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\Florence_ON_C..\Run: [cewyy] File not found
O4 - HKU\Florence_ON_C..\Run: [comiuya] File not found
O4 - HKU\Florence_ON_C..\Run: [ctfmon32.exe] C:\Documents and Settings\All Users\Application Data\lfhd.dat (Microsoft Corporation)
O4 - HKU\Florence_ON_C..\Run: [EA Core] File not found
O4 - HKU\Florence_ON_C..\Run: [esgkc] File not found
O4 - HKU\Florence_ON_C..\Run: [Facebook Update] C:\Documents and Settings\Florence\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\Florence_ON_C..\Run: [keymk] File not found
O4 - HKU\Florence_ON_C..\Run: [messengerskinner] File not found
O4 - HKU\Florence_ON_C..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\Florence_ON_C..\Run: [OM2_Monitor] File not found
O4 - HKU\Florence_ON_C..\Run: [ouuiaks] File not found
O4 - HKU\Florence_ON_C..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe (Acer Incorporated)
O4 - HKU\Florence_ON_C..\Run: [qcuyw] File not found
O4 - HKU\Florence_ON_C..\Run: [qgiwmgu] File not found
O4 - HKU\Florence_ON_C..\Run: [qyooy] File not found
O4 - HKU\Florence_ON_C..\Run: [updateMgr] File not found
O4 - HKU\Florence_ON_C..\Run: [wggmgss] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinTV Recording Status..lnk = C:\Program Files\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
O4 - Startup: C:\Documents and Settings\Florence\Menu Démarrer\Programmes\Démarrage\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Florence_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Turbo%20Pizza/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} http://photoservice.fujicolor.de/ips-opdata/objects/jordan.cab (JordanUploader Class)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119456806656 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1121082381687 (MUWebControl Class)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://express.foto.com/Newuploader/ImageUploader4.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Turbo%20Pizza/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://gamenextfr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe (Reg Error: Key error.)
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} http://asp07.photoprintit.de/microsite/8463//defaults/activex/IPSUploader.cab (IPSUploader Control)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.gamenext.fr/online/online2/peggle/popcaploader_v10_en.cab (PopCapLoader Object)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/22 09:23:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{c4530c92-518c-11dd-840c-0013d34e19f1}\Shell\Auto\command - "" = G:\tel.xls.exe
O33 - MountPoints2\{c4530c92-518c-11dd-840c-0013d34e19f1}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013/06/19 08:56:47 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\lfhd.dat
[2013/06/19 08:56:47 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\bjeqewi.dat
[2013/06/19 08:56:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\rundll32.exe
[2013/06/09 06:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/06/09 06:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/06/09 06:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\xing shared
[2013/06/09 06:09:39 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/06/09 06:09:18 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/06/09 06:09:18 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/06/09 06:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealNetworks
[2013/06/09 06:09:15 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/06/09 06:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2013/06/09 06:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
[2013/06/09 06:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
[2013/06/09 06:06:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/09 06:06:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2013/06/09 06:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Florence\Application Data\Babylon
[2013/06/09 04:54:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Florence\Application Data\MSNInstaller
[2007/10/13 12:30:00 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\Florence\Mes documents\*.tmp files -> C:\Documents and Settings\Florence\Mes documents\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013/06/20 06:15:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/20 06:14:06 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/19 16:41:14 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) -- C:\WINDOWS\System32\drivers\USBCRFT.SYS
[2013/06/19 16:41:10 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/19 16:41:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/19 16:41:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/19 16:41:07 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/19 16:41:04 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2013/06/19 13:57:18 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\dhfl.pad
[2013/06/19 13:50:31 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/19 11:01:44 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/06/19 10:14:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/19 08:57:27 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Florence\Menu Démarrer\Programmes\Démarrage\regmonstd.lnk
[2013/06/19 08:57:05 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\iweqejb.pad
[2013/06/19 08:57:05 | 000,003,049 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\dhfl.js
[2013/06/19 08:56:47 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\lfhd.dat
[2013/06/19 08:56:47 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\bjeqewi.dat
[2013/06/19 08:56:47 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\rundll32.exe
[2013/06/19 08:37:00 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013/06/19 08:24:01 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-418652575-719143438-3371274390-1006UA.job
[2013/06/18 14:24:00 | 000,001,156 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-418652575-719143438-3371274390-1006Core.job
[2013/06/18 13:07:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/17 13:56:37 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2013/06/17 13:54:05 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2013/06/16 03:33:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/16 03:03:47 | 000,154,112 | ---- | M] () -- C:\Documents and Settings\Florence\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/13 15:04:59 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/06/13 13:20:42 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\OpenOffice.org Calc.lnk
[2013/06/13 12:57:47 | 000,099,046 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\cf christophe[1].JPG
[2013/06/11 16:32:19 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 16:27:59 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 12:57:46 | 001,132,502 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\220513_211059_3TePBap3.pdf
[2013/06/09 06:10:31 | 000,000,987 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\RealPlayer.lnk
[2013/06/09 06:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealNetworks
[2013/06/09 06:09:39 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/06/09 06:09:18 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/06/09 06:09:18 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/06/09 06:09:15 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/06/09 06:06:58 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\EPUpdater.job
[2013/05/29 09:21:06 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\Raccourci vers responsabilite en matiere de sante et d'environnement.odp.lnk
[2013/05/29 09:20:55 | 001,423,064 | ---- | M] () -- C:\Documents and Settings\Florence\Bureau\ordonnance IRM.jpg
[2013/05/24 07:04:11 | 000,221,007 | ---- | M] () -- C:\Certificat de Scolarité AUGER Adeline.pdf
[2013/05/24 07:03:35 | 000,275,991 | ---- | M] () -- C:\auger valentin.pdf
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\Florence\Mes documents\*.tmp files -> C:\Documents and Settings\Florence\Mes documents\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013/06/19 08:57:27 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\Florence\Menu Démarrer\Programmes\Démarrage\regmonstd.lnk
[2013/06/19 08:57:05 | 000,003,049 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dhfl.js
[2013/06/19 08:57:02 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\iweqejb.pad
[2013/06/19 08:56:55 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dhfl.pad
[2013/06/13 13:07:09 | 000,099,046 | ---- | C] () -- C:\Documents and Settings\Florence\Bureau\cf christophe[1].JPG
[2013/06/11 16:28:06 | 000,000,306 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 16:28:05 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 16:27:58 | 000,000,332 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/11 12:57:46 | 001,132,502 | ---- | C] () -- C:\Documents and Settings\Florence\Bureau\220513_211059_3TePBap3.pdf
[2013/06/09 06:11:16 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/09 06:11:14 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-418652575-719143438-3371274390-1006.job
[2013/06/09 06:10:31 | 000,000,987 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\RealPlayer.lnk
[2013/06/09 06:06:53 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\EPUpdater.job
[2013/05/29 09:20:55 | 001,423,064 | ---- | C] () -- C:\Documents and Settings\Florence\Bureau\ordonnance IRM.jpg
[2013/05/24 07:04:11 | 000,221,007 | ---- | C] () -- C:\Certificat de Scolarité AUGER Adeline.pdf
[2013/05/24 07:03:35 | 000,275,991 | ---- | C] () -- C:\auger valentin.pdf
[2013/01/30 17:56:42 | 000,109,064 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/01/29 14:21:34 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\Florence\Application Data\.backup.dm
[2012/11/09 12:48:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/11 16:18:24 | 000,000,041 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2012/02/15 14:39:38 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/14 03:44:02 | 000,193,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/05 10:30:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/12/05 10:25:09 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Metadata Importer
[2010/12/05 10:25:09 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Florence\Application Data\Mail
[2010/12/05 10:25:09 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/12/05 10:25:09 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Overdrive
[2010/12/05 10:23:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Florence\Application Data\MIDI Patch Names
[2010/12/05 10:23:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Master
[2010/12/05 10:23:37 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/12/05 10:23:37 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\NetServices
[2010/11/06 12:52:53 | 000,000,050 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/10/31 09:55:38 | 000,034,708 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010/10/31 09:54:17 | 000,142,337 | ---- | C] () -- C:\WINDOWS\System32\Wait.exe
[2010/10/31 09:52:34 | 000,008,205 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2009/12/24 13:46:09 | 000,001,710 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/12/21 08:43:02 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/21 08:31:56 | 000,032,256 | ---- | C] () -- C:\WINDOWS\avsredirect.dll
[2009/07/17 08:01:30 | 000,000,066 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2009/06/28 06:17:19 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009/06/12 07:28:41 | 000,372,247 | ---- | C] () -- C:\WINDOWS\System32\keymk_nav.dat
[2009/06/12 07:28:41 | 000,002,818 | ---- | C] () -- C:\WINDOWS\System32\keymk.dat
[2009/06/12 07:28:41 | 000,001,909 | ---- | C] () -- C:\WINDOWS\System32\keymk_navps.dat
[2009/06/11 11:18:25 | 000,405,602 | ---- | C] () -- C:\WINDOWS\System32\wggmgss_nav.dat
[2009/06/11 11:18:25 | 000,002,839 | ---- | C] () -- C:\WINDOWS\System32\wggmgss.dat
[2009/06/11 11:18:25 | 000,002,820 | ---- | C] () -- C:\WINDOWS\System32\wggmgss_navps.dat
[2009/03/27 06:38:27 | 000,352,754 | ---- | C] () -- C:\WINDOWS\System32\qgiwmgu_nav.dat
[2009/03/27 06:38:27 | 000,002,975 | ---- | C] () -- C:\WINDOWS\System32\qgiwmgu.dat
[2009/03/27 06:38:27 | 000,000,433 | ---- | C] () -- C:\WINDOWS\System32\qgiwmgu_navps.dat
[2009/03/26 12:08:36 | 000,002,230 | ---- | C] () -- C:\WINDOWS\System32\qcuyw_navps.dat
[2009/03/26 12:08:35 | 000,352,754 | ---- | C] () -- C:\WINDOWS\System32\qcuyw_nav.dat
[2009/03/26 12:08:35 | 000,002,930 | ---- | C] () -- C:\WINDOWS\System32\qcuyw.dat
[2009/03/26 09:09:45 | 000,352,754 | ---- | C] () -- C:\WINDOWS\System32\cewyy_nav.dat
[2009/03/26 09:09:45 | 000,004,406 | ---- | C] () -- C:\WINDOWS\System32\cewyy_navps.dat
[2009/03/26 09:09:45 | 000,002,872 | ---- | C] () -- C:\WINDOWS\System32\cewyy.dat
[2009/03/24 14:00:09 | 000,338,966 | ---- | C] () -- C:\WINDOWS\System32\ouuiaks_nav.dat
[2009/03/24 14:00:09 | 000,002,870 | ---- | C] () -- C:\WINDOWS\System32\ouuiaks.dat
[2009/03/24 14:00:09 | 000,000,976 | ---- | C] () -- C:\WINDOWS\System32\ouuiaks_navps.dat
[2009/03/22 04:57:49 | 000,345,892 | ---- | C] () -- C:\WINDOWS\System32\esgkc_nav.dat
[2009/03/22 04:57:49 | 000,002,864 | ---- | C] () -- C:\WINDOWS\System32\esgkc.dat
[2009/03/22 04:57:49 | 000,001,288 | ---- | C] () -- C:\WINDOWS\System32\esgkc_navps.dat
[2009/03/20 15:33:06 | 000,346,143 | ---- | C] () -- C:\WINDOWS\System32\qyooy_nav.dat
[2009/03/20 15:33:06 | 000,003,174 | ---- | C] () -- C:\WINDOWS\System32\qyooy.dat
[2009/03/20 15:33:06 | 000,002,889 | ---- | C] () -- C:\WINDOWS\System32\qyooy_navps.dat
[2009/03/15 05:14:40 | 000,345,892 | ---- | C] () -- C:\WINDOWS\System32\comiuya_nav.dat
[2009/03/15 05:14:40 | 000,002,905 | ---- | C] () -- C:\WINDOWS\System32\comiuya.dat
[2009/03/15 05:14:40 | 000,002,221 | ---- | C] () -- C:\WINDOWS\System32\comiuya_navps.dat
[2008/12/29 12:18:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/12/26 09:28:21 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008/12/26 09:28:21 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008/12/26 09:28:21 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/12/26 09:28:20 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008/12/26 09:28:20 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2008/10/01 14:49:52 | 000,184,266 | ---- | C] () -- C:\WINDOWS\System32\yagks.exe
[2008/09/23 15:40:25 | 000,000,033 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/07/05 07:20:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/03/13 04:27:18 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008/03/09 10:27:36 | 000,001,033 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008/03/01 13:08:26 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/03 12:10:13 | 000,004,538 | ---- | C] () -- C:\Documents and Settings\Florence\default.pls
[2008/01/29 12:17:45 | 000,231,424 | ---- | C] () -- C:\WINDOWS\System32\pezzcdfbzd.exe
[2007/11/26 07:31:41 | 000,026,077 | ---- | C] () -- C:\WINDOWS\System32\pzvsxl.exe
[2007/08/12 09:29:45 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/07/06 16:34:16 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/06/17 13:39:11 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/06/07 02:48:34 | 000,034,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\OxUSBTIMOUT.sys
[2007/03/31 09:05:35 | 000,000,037 | ---- | C] () -- C:\WINDOWS\3D Text Factory.INI
[2007/02/14 10:47:15 | 000,000,041 | -H-- | C] () -- C:\WINDOWS\dboo1090.dat
[2006/07/03 11:08:09 | 000,154,112 | ---- | C] () -- C:\Documents and Settings\Florence\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/07 15:43:19 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/04/07 15:17:42 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/02/26 10:55:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/02/01 09:31:52 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005/12/23 13:55:22 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\TGBBOBNotif.dll
[2005/12/23 13:55:22 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\tgbstarter.exe
[2005/12/18 13:57:26 | 000,000,162 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/12/04 12:22:33 | 000,000,487 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/04 11:34:35 | 000,000,102 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/11/30 11:14:28 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6s.DLL
[2005/11/30 11:12:05 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2005/11/30 10:10:52 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Florence\Local Settings\Application Data\fusioncache.dat
[2005/09/05 08:13:58 | 000,000,269 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2005/08/29 10:57:28 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/29 10:48:24 | 000,011,690 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/08/29 10:48:24 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\A32AC634D4.sys
[2005/08/29 08:56:31 | 000,094,574 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/08/29 07:16:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/07/11 07:39:07 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2005/07/01 11:53:14 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/07/01 10:54:53 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/07/01 10:36:56 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2005/07/01 10:36:43 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/07/01 05:00:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2005/06/22 11:17:44 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/06/22 11:11:26 | 000,001,176 | ---- | C] () -- C:\WINDOWS\ImpTable.bin
[2005/06/22 11:11:25 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2005/06/22 11:11:25 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2005/06/22 09:35:19 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/22 09:32:13 | 000,000,843 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/06/22 09:25:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/06/22 09:21:52 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/06/22 09:11:50 | 000,000,886 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/06/22 09:11:42 | 000,543,470 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2005/06/22 09:11:42 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2005/06/22 09:11:42 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2005/06/22 09:11:42 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2005/06/22 09:11:34 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/06/22 09:11:32 | 000,469,368 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/06/22 09:11:32 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/06/22 09:11:32 | 000,083,476 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/06/22 09:11:32 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/06/22 09:11:32 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/06/22 09:11:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/06/22 09:11:30 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/06/22 09:11:28 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/06/22 09:11:28 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/06/22 09:11:25 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/06/22 09:11:21 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/09/28 17:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2002/03/16 20:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000082.DLL
[1997/08/28 19:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/28 19:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[color=#E56717]========== LOP Check ==========[/color]
[2007/11/09 15:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\X10 Commander
[2012/02/08 14:35:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Florence\Application Data\.#
[2011/12/03 08:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\.minecraft
[2013/06/09 06:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Babylon
[2007/09/04 08:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Big Fish Games
[2009/02/21 07:23:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Canneverbe_Limited
[2013/06/13 01:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Canon
[2009/12/21 08:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\CoyoteReplay
[2009/02/24 07:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Dr. DivX 2.0 OSS
[2007/01/26 16:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\DriveCleaner 2006 Free
[2008/07/19 12:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Flood Light Games
[2007/08/25 12:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\FloodLightGames
[2008/10/27 09:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Friday's games
[2008/03/02 10:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Gamelab
[2008/09/02 08:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Go-Go Gourmet Chef of the Year
[2007/11/02 11:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Jane s Hotel
[2006/12/14 14:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\MessengerSkinner
[2010/11/07 07:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\MP-Manager
[2013/06/09 04:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\MSNInstaller
[2005/07/01 10:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Musicmatch
[2007/08/11 10:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\My Games
[2010/12/05 10:30:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Nikon
[2008/07/17 08:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\PlayFirst
[2012/04/11 14:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\PriceGong
[2005/11/30 11:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\ScanSoft
[2008/01/19 10:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Shareaza
[2008/12/27 11:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Sony
[2008/12/27 11:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Sony Setup
[2007/08/23 07:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\SpinTop
[2008/04/19 07:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\TheScruffs
[2008/02/19 09:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Total Eclipse
[2008/10/24 13:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Ulead Systems
[2008/07/04 14:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Valusoft
[2008/07/19 10:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\ViquaSoft
[2009/01/24 08:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florence\Application Data\Zylom
[2005/07/01 10:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\X10 Commander
[2012/09/02 09:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\036E18DDD65B4036027AD52E7B07D329
[2012/10/11 13:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1266F773EBABCFB2007D12667ADD9F64
[2012/10/26 14:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7C9C60DE2191CFB200007C9BE447D54A
[2013/05/01 10:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\albumphoto
[2008/07/19 11:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astar Games
[2012/11/30 07:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/06/09 06:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2007/09/25 12:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOONTY
[2008/03/03 08:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA
[2012/07/07 12:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/12/05 10:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2008/07/19 12:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2007/08/25 12:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FloodLightGames
[2009/02/27 11:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2007/11/03 09:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2010/08/26 01:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/08/26 01:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2007/11/02 10:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2007/10/06 11:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Legacy Interactive
[2007/08/23 09:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NannyMania
[2010/12/05 10:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2007/08/07 12:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Games
[2008/07/17 08:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2007/11/10 12:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/10/10 08:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2006/02/24 16:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/01/11 11:45:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skyline
[2008/12/27 11:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2011/06/13 12:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2005/11/30 11:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2009/02/23 13:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/13 09:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/12/05 10:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/07/04 14:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Valusoft
[2009/01/11 09:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2007/04/14 08:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2013/06/09 06:06:58 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\EPUpdater.job
[2013/06/18 14:24:00 | 000,001,156 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-418652575-719143438-3371274390-1006Core.job
[2013/06/19 08:24:01 | 000,001,178 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-418652575-719143438-3371274390-1006UA.job
[2013/06/19 16:41:04 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2001/05/24 07:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[color=#A23BEC]< MD5 for: ACPI.SYS >[/color]
[2004/08/05 08:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:acpi.sys
[2008/09/12 07:41:21 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:acpi.sys
[2004/08/05 08:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:acpi.sys
[2008/09/12 07:41:21 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:acpi.sys
[2004/08/05 08:00:00 | 000,188,672 | ---- | M] (Microsoft Corporation) MD5=0BD94FBFC14EA3606CD6CA4C0255BAA3 -- C:\WINDOWS\$NtServicePackUninstall$\acpi.sys
[2008/04/13 21:52:42 | 000,188,672 | ---- | M] (Microsoft Corporation) MD5=E5E6DBFC41EA8AAD005CB9A57A96B43B -- C:\WINDOWS\ServicePackFiles\i386\acpi.sys
[2008/04/13 21:52:42 | 000,188,672 | ---- | M] (Microsoft Co
est ce que tu peux lancer Roguekiller en mode suppression ?
https://forums.commentcamarche.net/forum/affich-28059248-virus-hadopi-sur-windows-xp#6
https://forums.commentcamarche.net/forum/affich-28059248-virus-hadopi-sur-windows-xp#6
