[OK] Problem with BOO/Alureon.A?


Post by Damien_B » 09 Nov 2010, 01:19

Hello,

I most likely have a virus infecting my machine :(
Avira found BOO/Alureon.A, but I have the impression that it does not remove it (or else it comes back...).
Since then I sometimes have trouble connecting to the internet, and the PC occasionally restarts by itself.

Below is the Malwarebytes' Anti-Malware report:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 5076

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

2010-11-08 18:16:17
mbam-log-2010-11-08 (18-16-17).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 145795
Temps écoulé: 4 minute(s), 33 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\$RECYCLE.BIN\S-1-5-21-2362422316-1266326320-2416680866-1000\$R1I9NJB.exe (Trojan.Dropper) -> No action taken.
C:\Users\Famille_Buchet\AppData\Local\Temp\5226.tmp (Trojan.Agent.Gen) -> No action taken.


The OTL reports follow.

Thanks in advance to anyone who can help me.

Damien

OTL.txt

Post by Damien_B » 09 Nov 2010, 01:20

OTL logfile created on: 2010-11-08 18:18:57 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Famille_Buchet\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,04 Gb Total Space | 44,13 Gb Free Space | 15,48% Space Free | Partition Type: NTFS
Drive D: | 13,05 Gb Total Space | 2,70 Gb Free Space | 20,73% Space Free | Partition Type: NTFS

Computer Name: PC-BUCHET_D | User Name: Famille_Buchet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010-11-08 17:45:50 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Famille_Buchet\Desktop\OTL.exe
PRC - [2010-09-23 06:47:16 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2010-08-17 15:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010-08-17 15:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-08-17 15:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-06-17 06:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2007-10-24 05:02:16 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007-10-24 05:02:14 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (SafeList) ==========

MOD - [2010-11-08 17:45:50 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Famille_Buchet\Desktop\OTL.exe
MOD - [2010-08-31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2010-05-04 13:39:54 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\msshsq.dll
MOD - [2008-01-20 21:51:11 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\duser.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008-01-20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2010-10-25 14:47:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-08-17 15:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-08-17 15:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008-07-27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-10-24 05:02:16 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SymIM.sys -- (SymIMMP)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SymIM.sys -- (SymIM)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010-08-17 15:39:11 | 000,116,568 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2010-08-17 15:39:11 | 000,081,584 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009-12-17 17:25:17 | 000,034,472 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009-10-26 14:36:22 | 001,202,688 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\smserial.sys -- (smserial)
DRV:64bit: - [2009-08-09 16:25:45 | 000,036,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone)
DRV:64bit: - [2008-01-20 21:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008-01-20 21:46:57 | 001,523,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTDPV6.SYS -- (HSF_DPV)
DRV:64bit: - [2008-01-20 21:46:57 | 000,724,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2008-01-20 21:46:57 | 000,286,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008-01-20 21:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008-01-20 21:46:55 | 000,024,064 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV:64bit: - [2008-01-18 06:31:30 | 000,320,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007-09-29 18:03:32 | 000,384,024 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2007-09-18 08:12:34 | 000,095,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2007-09-18 08:12:34 | 000,089,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2007-09-18 08:12:34 | 000,019,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2007-09-17 18:17:46 | 000,135,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2007-07-11 12:30:34 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqRemHid.sys -- (HpqRemHid)
DRV:64bit: - [2007-06-28 10:09:56 | 003,148,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw4v64.sys -- (NETw4v64) Intel(R)
DRV:64bit: - [2007-06-18 19:13:12 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2007-03-26 21:48:24 | 000,055,808 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007-03-19 14:09:36 | 000,055,808 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2007-02-27 18:10:38 | 000,053,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2006-10-09 21:09:03 | 000,742,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nvm60x64.sys -- (NVENETFD)
DRV:64bit: - [2006-10-06 21:13:22 | 000,550,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XV)
DRV:64bit: - [2006-09-18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files (x86)\Softonic_France\tbSoft.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2362422316-1266326320-2416680866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
IE - HKU\S-1-5-21-2362422316-1266326320-2416680866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1351374
IE - HKU\S-1-5-21-2362422316-1266326320-2416680866-1000\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files (x86)\Softonic_France\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2362422316-1266326320-2416680866-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2362422316-1266326320-2416680866-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-10-28 20:43:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-11-07 17:14:12 | 000,000,000 | ---D | M]

[2010-10-24 11:36:14 | 000,000,000 | ---D | M] -- C:\Users\Famille_Buchet\AppData\Roaming\mozilla\Extensions
[2010-11-08 09:25:58 | 000,000,000 | ---D | M] -- C:\Users\Famille_Buchet\AppData\Roaming\mozilla\Firefox\Profiles\d9ilr9c9.default\extensions
[2010-10-28 08:18:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Famille_Buchet\AppData\Roaming\mozilla\Firefox\Profiles\d9ilr9c9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-08-05 20:37:02 | 000,000,933 | ---- | M] () -- C:\Users\Famille_Buchet\AppData\Roaming\Mozilla\FireFox\Profiles\d9ilr9c9.default\searchplugins\conduit.xml
[2010-11-06 07:41:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010-10-24 20:33:38 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-11-06 07:41:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-11-06 07:41:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-10-01 21:19:57 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml
[2010-10-01 21:19:57 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010-10-01 21:19:57 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml
[2010-10-01 21:19:57 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010-10-01 21:19:57 | 000,000,652 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006-09-18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files (x86)\Softonic_France\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files (x86)\Softonic_France\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\1_Personnel\06_Photos\2010\06-2010\Floride\IMG_3226.JPG
O24 - Desktop BackupWallPaper: C:\1_Personnel\06_Photos\2010\06-2010\Floride\IMG_3226.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-09-11 10:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{3b4fa3ae-e2bc-11df-8bca-001e6885cc6e}\Shell - "" = AutoRun
O33 - MountPoints2\{3b4fa3ae-e2bc-11df-8bca-001e6885cc6e}\Shell\AutoRun\command - "" = F:\autorun\autorun.exe -- File not found
O33 - MountPoints2\{ea2c71b2-df98-11df-99a5-001e6885cc6e}\Shell - "" = AutoRun
O33 - MountPoints2\{ea2c71b2-df98-11df-99a5-001e6885cc6e}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010-11-08 17:58:55 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010-11-08 17:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010-11-08 17:49:54 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Malwarebytes
[2010-11-08 17:49:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-11-08 17:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-11-08 17:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-11-08 17:47:35 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Famille_Buchet\Desktop\mbam-setup.exe
[2010-11-08 17:39:56 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Famille_Buchet\Desktop\OTL.exe
[2010-11-07 16:29:37 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Microsoft Web Folders
[2010-11-06 07:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010-11-06 07:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-11-06 07:41:40 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010-11-06 07:41:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010-11-06 07:41:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010-11-06 07:41:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010-11-03 18:17:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010-11-03 18:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softonic_France
[2010-11-03 18:16:37 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\vlc
[2010-11-01 11:09:08 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-11-01 11:05:25 | 000,000,000 | ---D | C] -- C:\Temp
[2010-10-29 06:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010-10-28 21:11:01 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\muvee Technologies
[2010-10-28 21:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-10-28 20:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010-10-28 20:58:33 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Yahoo!
[2010-10-28 12:52:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2010-10-28 11:28:35 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\CyberLink
[2010-10-28 11:27:10 | 003,356,989 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\MobileTV.exe
[2010-10-28 11:27:10 | 003,266,369 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2010-10-28 11:27:09 | 003,347,890 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\MPV.exe
[2010-10-28 11:27:09 | 002,598,373 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\Karaoke.exe
[2010-10-28 11:27:09 | 002,430,849 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\Games.exe
[2010-10-28 11:27:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FRA
[2010-10-28 05:35:04 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010-10-28 05:35:04 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010-10-28 05:35:04 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010-10-28 05:35:04 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010-10-27 10:41:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TLC-Edusoft
[2010-10-27 10:41:10 | 000,316,416 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn040c.exe
[2010-10-27 05:40:37 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2010-10-27 05:40:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010-10-27 05:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010-10-26 05:46:50 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2010-10-26 05:46:46 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2010-10-26 05:46:45 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2010-10-26 05:46:44 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2010-10-26 05:46:44 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2010-10-26 05:46:37 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2010-10-26 05:38:02 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2010-10-26 05:37:54 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2010-10-26 05:34:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshhttp.dll
[2010-10-26 05:34:18 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2010-10-25 21:13:47 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Microsoft Games
[2010-10-25 20:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\Rosetta Stone
[2010-10-25 15:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone
[2010-10-25 15:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rosetta Stone
[2010-10-25 14:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010-10-25 14:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2010-10-25 05:44:40 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Avira
[2010-10-25 05:38:34 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2010-10-25 05:33:37 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2010-10-25 05:33:37 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010-10-25 05:33:37 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010-10-25 05:33:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avicap32.dll
[2010-10-25 05:33:35 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010-10-25 05:33:35 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010-10-25 05:33:28 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2010-10-25 05:33:26 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010-10-25 05:33:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010-10-25 05:33:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010-10-25 05:33:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll
[2010-10-25 05:32:45 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2010-10-25 05:32:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbd106n.dll
[2010-10-25 05:32:04 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2010-10-25 05:31:56 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010-10-25 05:31:51 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2010-10-25 05:31:51 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2010-10-25 05:31:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amxread.dll
[2010-10-25 05:31:46 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apilogen.dll
[2010-10-25 05:31:41 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010-10-25 05:31:40 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2010-10-25 05:31:38 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2010-10-25 05:31:37 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010-10-25 05:31:24 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2010-10-25 05:31:21 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2010-10-25 05:31:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winipsec.dll
[2010-10-25 05:31:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2010-10-25 05:31:12 | 010,624,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010-10-25 05:31:08 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010-10-25 05:30:43 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2010-10-25 05:30:40 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010-10-25 05:30:37 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2010-10-25 05:30:32 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010-10-25 05:30:30 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010-10-25 05:30:30 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010-10-25 05:30:30 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2010-10-25 05:30:29 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010-10-25 05:30:29 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2010-10-25 05:30:29 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010-10-25 05:30:29 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2010-10-25 05:30:29 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010-10-25 05:30:23 | 003,080,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010-10-25 05:30:23 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010-10-25 05:30:13 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2010-10-25 05:30:12 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010-10-25 05:30:02 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2010-10-25 05:29:59 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2010-10-25 05:29:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2010-10-25 05:29:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2010-10-25 05:29:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2010-10-25 05:29:59 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2010-10-25 05:29:49 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2010-10-25 05:29:49 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2010-10-25 05:29:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2010-10-25 05:29:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2010-10-25 05:29:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2010-10-25 05:29:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2010-10-25 05:29:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2010-10-25 05:29:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2010-10-25 05:28:59 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2010-10-25 05:28:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2010-10-25 05:28:52 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010-10-25 05:28:50 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2010-10-25 05:28:48 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2010-10-25 05:28:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\traffic.dll
[2010-10-25 05:28:42 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pacerprf.dll
[2010-10-25 05:28:42 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshqos.dll
[2010-10-25 05:28:34 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2010-10-25 05:28:34 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xolehlp.dll
[2010-10-25 05:28:32 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2010-10-25 05:28:18 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2010-10-25 05:28:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2010-10-25 05:28:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2010-10-25 05:28:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2010-10-25 05:28:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2010-10-25 05:28:15 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2010-10-25 05:27:49 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010-10-25 05:27:46 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2010-10-25 05:27:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2010-10-25 05:27:46 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2010-10-24 20:34:36 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\skypePM
[2010-10-24 20:33:42 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Google
[2010-10-24 20:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010-10-24 20:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010-10-24 20:33:25 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010-10-24 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Skype
[2010-10-24 20:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010-10-24 17:24:21 | 000,000,000 | ---D | C] -- C:\coktel
[2010-10-24 15:05:38 | 000,000,000 | ---D | C] -- C:\1_Personnel
[2010-10-24 14:10:49 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010-10-24 14:10:48 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010-10-24 13:58:45 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\HP
[2010-10-24 13:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010-10-24 13:49:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010-10-24 13:45:46 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010-10-24 13:36:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010-10-24 13:36:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010-10-24 13:24:06 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Symantec
[2010-10-24 13:23:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Searches
[2010-10-24 13:23:34 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Identities
[2010-10-24 13:23:32 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Contacts
[2010-10-24 13:23:29 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\VirtualStore
[2010-10-24 13:21:58 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Macromedia
[2010-10-24 13:21:23 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Hewlett-Packard
[2010-10-24 13:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2010-10-24 13:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2010-10-24 13:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
[2010-10-24 13:18:44 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Seven Zip
[2010-10-24 13:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010-10-24 13:17:24 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-10-24 13:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010-10-24 13:16:56 | 000,000,000 | ---D | C] -- C:\2_Professionnel
[2010-10-24 13:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-10-24 13:15:39 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Microsoft Help
[2010-10-24 13:15:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010-10-24 13:15:12 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-10-24 13:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2010-10-24 13:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Viewpoint
[2010-10-24 13:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010-10-24 13:13:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010-10-24 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010-10-24 13:12:22 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Downloaded Installations
[2010-10-24 13:09:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010-10-24 13:09:06 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010-10-24 13:09:05 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010-10-24 13:09:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010-10-24 13:09:02 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010-10-24 13:09:01 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010-10-24 13:08:56 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010-10-24 13:08:54 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010-10-24 13:08:54 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010-10-24 13:08:53 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010-10-24 13:08:51 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010-10-24 13:08:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010-10-24 13:08:48 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010-10-24 13:08:46 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010-10-24 13:08:45 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010-10-24 13:07:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010-10-24 13:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010-10-24 13:06:41 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Adobe
[2010-10-24 13:06:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-10-24 13:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Voisinage réseau
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Voisinage d'impression
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\AppData\Local\Temporary Internet Files
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\SendTo
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Recent
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Modèles
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Documents\Mes vidéos
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Documents\Mes images
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Mes documents
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Menu Démarrer
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Documents\Ma musique
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Local Settings
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\AppData\Local\Historique
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Cookies
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\Application Data
[2010-10-24 13:03:43 | 000,000,000 | -HSD | C] -- C:\Users\Famille_Buchet\AppData\Local\Application Data
[2010-10-24 13:03:42 | 000,000,000 | --SD | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Microsoft
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Videos
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Saved Games
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Pictures
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Music
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Links
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Favorites
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Downloads
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Documents
[2010-10-24 13:03:42 | 000,000,000 | R--D | C] -- C:\Users\Famille_Buchet\Desktop
[2010-10-24 13:03:42 | 000,000,000 | -H-D | C] -- C:\Users\Famille_Buchet\AppData
[2010-10-24 13:03:42 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Temp
[2010-10-24 13:03:42 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Microsoft
[2010-10-24 13:03:42 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Media Center Programs
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010-10-24 12:58:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2010-10-24 12:56:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-10-24 12:32:07 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Adobe
[2010-10-24 12:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010-10-24 11:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2010-10-24 11:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010-10-24 11:36:00 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Local\Mozilla
[2010-10-24 11:35:59 | 000,000,000 | ---D | C] -- C:\Users\Famille_Buchet\AppData\Roaming\Mozilla
[2010-10-24 11:25:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL
[2010-10-24 11:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010-10-24 11:19:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-10-24 11:18:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010-10-24 11:18:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010-10-24 11:01:32 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2010-10-24 11:01:32 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2010-10-24 11:01:32 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2010-10-24 11:01:23 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2010-10-24 11:01:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe

========== Files - Modified Within 30 Days ==========

[2010-11-08 18:01:23 | 000,191,328 | ---- | M] () -- C:\Users\Famille_Buchet\Desktop\00-PAD-nickW.pdf
[2010-11-08 17:54:59 | 000,000,723 | ---- | M] () -- C:\Users\Famille_Buchet\Desktop\NTREGOPT.lnk
[2010-11-08 17:54:59 | 000,000,704 | ---- | M] () -- C:\Users\Famille_Buchet\Desktop\ERUNT.lnk
[2010-11-08 17:49:40 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-11-08 17:47:38 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Famille_Buchet\Desktop\mbam-setup.exe
[2010-11-08 17:45:50 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Famille_Buchet\Desktop\OTL.exe
[2010-11-08 17:39:57 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-11-08 17:39:57 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-11-08 17:28:06 | 000,032,726 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010-11-08 17:28:06 | 000,032,726 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010-11-08 17:28:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-11-08 14:48:55 | 001,470,822 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-11-08 14:48:55 | 000,669,578 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2010-11-08 14:48:55 | 000,587,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-11-08 14:48:55 | 000,123,556 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2010-11-08 14:48:55 | 000,101,250 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-11-08 14:42:30 | 000,300,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-11-08 14:42:11 | 4293,304,320 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-08 14:40:53 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010-11-08 13:35:53 | 615,986,397 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010-11-07 17:02:33 | 000,001,699 | ---- | M] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad.lnk
[2010-11-07 16:38:27 | 000,000,990 | ---- | M] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\WINWORD - Raccourci.lnk
[2010-11-07 16:38:22 | 000,000,978 | ---- | M] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\EXCEL - Raccourci.lnk
[2010-11-07 16:33:24 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2010-11-07 16:32:59 | 000,001,871 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010-11-06 14:27:37 | 000,080,896 | ---- | M] () -- C:\Users\Famille_Buchet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-06 07:41:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010-11-06 07:41:16 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010-11-06 07:41:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010-11-06 07:41:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010-11-02 18:43:41 | 000,002,609 | ---- | M] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Rosetta Stone Version 3.lnk
[2010-10-31 13:57:32 | 000,691,852 | ---- | M] () -- C:\Users\Famille_Buchet\Documents\images expo.docx
[2010-10-28 19:37:54 | 000,000,680 | ---- | M] () -- C:\Users\Famille_Buchet\AppData\Local\d3d9caps.dat
[2010-10-28 19:37:11 | 003,266,369 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2010-10-28 17:30:59 | 000,000,257 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010-10-28 13:00:36 | 000,001,561 | ---- | M] () -- C:\Windows\SysWow64\Adiboud'chou.lnk
[2010-10-28 11:27:10 | 003,356,989 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\MobileTV.exe
[2010-10-28 11:27:09 | 003,347,890 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\MPV.exe
[2010-10-28 11:27:09 | 002,598,373 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\Karaoke.exe
[2010-10-28 11:27:09 | 002,430,849 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\Games.exe
[2010-10-27 20:05:44 | 000,008,244 | ---- | M] () -- C:\Users\Famille_Buchet\Documents\virement du 27 octobre 2010.png
[2010-10-27 20:03:30 | 000,001,637 | ---- | M] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint.lnk
[2010-10-27 12:20:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-10-27 10:41:08 | 000,000,000 | ---- | M] () -- C:\Windows\setup32.INI
[2010-10-25 12:39:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-10-24 20:34:52 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010-10-24 13:58:21 | 000,178,005 | ---- | M] () -- C:\Windows\hpoins28.dat
[2010-10-24 13:50:27 | 000,002,002 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010-10-24 13:23:25 | 000,000,081 | ---- | M] () -- C:\Windows\SysNative\LOG
[2010-10-24 13:23:23 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2010-10-24 13:15:06 | 000,000,375 | -H-- | M] () -- C:\IPH.PH
[2010-10-24 13:08:07 | 000,110,399 | ---- | M] () -- C:\Windows\hpqins13.dat
[2010-10-24 13:04:36 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_cNB_Pavilion dv9700 Notebook PC_Y5335KV_0U_QCNF830371B_E480831-121_4A_I30CB_SQuanta_V79.2E_F.58_T080616_WV3-1_L40C_M4094_J320_7Intel_86FD_92.00_#101024_N10EC8168;80864229_(FE782UA#ABC)_XMOBILE_CN10_Z.MRK
[2010-10-24 13:04:36 | 000,000,000 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_cNB_Pavilion dv9700 Notebook PC_Y5335KV_0U_QCNF830371B_E480831-121_4A_I30CB_SQuanta_V79.2E_F.58_T080616_WV3-1_L40C_M4094_J320_7Intel_86FD_92.00_#101024_N10EC8168;80864229_(FE782UA#ABC)_XMOBILE_CN10_Z.MRK
[2010-10-24 12:54:05 | 000,065,328 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010-10-24 11:27:06 | 001,079,496 | ---- | M] () -- C:\ProgramData\LuUninstall.LiveUpdate
[2010-10-24 11:23:48 | 000,001,453 | ---- | M] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\explorer - Raccourci.lnk
[2010-10-24 11:19:58 | 000,001,802 | ---- | M] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010-10-18 09:31:10 | 000,026,910 | ---- | M] () -- C:\Users\Famille_Buchet\Documents\Courrier_MAIF_17082010_1.pdf

========== Files Created - No Company Name ==========

[2010-11-08 18:01:18 | 000,191,328 | ---- | C] () -- C:\Users\Famille_Buchet\Desktop\00-PAD-nickW.pdf
[2010-11-08 17:54:59 | 000,000,723 | ---- | C] () -- C:\Users\Famille_Buchet\Desktop\NTREGOPT.lnk
[2010-11-08 17:54:59 | 000,000,704 | ---- | C] () -- C:\Users\Famille_Buchet\Desktop\ERUNT.lnk
[2010-11-08 17:49:40 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-11-08 17:49:36 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010-11-07 17:02:33 | 000,001,699 | ---- | C] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad.lnk
[2010-11-07 16:33:24 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-11-07 16:32:59 | 000,001,871 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010-11-01 11:07:54 | 615,986,397 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010-10-31 13:42:43 | 000,691,852 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\images expo.docx
[2010-10-31 07:44:51 | 000,002,609 | ---- | C] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Rosetta Stone Version 3.lnk
[2010-10-28 19:37:54 | 000,000,680 | ---- | C] () -- C:\Users\Famille_Buchet\AppData\Local\d3d9caps.dat
[2010-10-28 05:35:04 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2010-10-28 05:35:04 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2010-10-28 05:35:04 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2010-10-28 05:35:04 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010-10-28 05:35:04 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2010-10-27 20:05:44 | 000,008,244 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\virement du 27 octobre 2010.png
[2010-10-27 20:03:30 | 000,001,637 | ---- | C] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint.lnk
[2010-10-27 12:20:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-10-27 10:41:08 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2010-10-27 05:41:14 | 000,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll
[2010-10-27 05:40:38 | 000,461,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2010-10-27 05:40:38 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll
[2010-10-27 05:40:38 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2010-10-27 05:40:37 | 000,175,104 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2010-10-27 05:40:37 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2010-10-27 05:40:37 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll
[2010-10-27 05:40:33 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2010-10-26 05:46:50 | 000,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl
[2010-10-26 05:46:47 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll
[2010-10-26 05:46:45 | 001,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2010-10-26 05:46:45 | 000,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll
[2010-10-26 05:46:44 | 001,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe
[2010-10-26 05:46:37 | 000,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2010-10-26 05:38:02 | 000,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll
[2010-10-26 05:37:57 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll
[2010-10-26 05:34:20 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll
[2010-10-26 05:34:18 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys
[2010-10-26 05:34:18 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll
[2010-10-26 05:31:20 | 002,960,422 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Mouse and a Mousetrap.wmv
[2010-10-26 05:29:17 | 000,961,635 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\_CATEGORIE.pdf
[2010-10-26 05:29:17 | 000,067,008 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Coordonees_Bancaires_Desjardins.PDF
[2010-10-26 05:29:17 | 000,045,568 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Billets Noël 2010 --.doc
[2010-10-26 05:29:17 | 000,027,136 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Adresses &Téléphones.xls
[2010-10-26 05:29:16 | 000,149,707 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Informations Location Jean Légaré.pdf
[2010-10-26 05:29:16 | 000,026,910 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Courrier_MAIF_17082010_1.pdf
[2010-10-26 05:29:16 | 000,026,624 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\procedure transfert 2010.doc
[2010-10-25 12:39:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-10-25 05:38:33 | 012,240,896 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0007.dll
[2010-10-25 05:38:31 | 002,644,480 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0009.dll
[2010-10-25 05:38:14 | 001,361,920 | ---- | C] () -- C:\Windows\SysNative\NaturalLanguage6.dll
[2010-10-25 05:33:45 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010-10-25 05:33:43 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll
[2010-10-25 05:33:39 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2010-10-25 05:33:39 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll
[2010-10-25 05:33:39 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll
[2010-10-25 05:33:39 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll
[2010-10-25 05:33:39 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll
[2010-10-25 05:33:39 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll
[2010-10-25 05:33:38 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2010-10-25 05:33:38 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2010-10-25 05:33:37 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll
[2010-10-25 05:33:29 | 000,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll
[2010-10-25 05:33:26 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2010-10-25 05:33:26 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll
[2010-10-25 05:33:26 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2010-10-25 05:33:24 | 001,280,512 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll
[2010-10-25 05:33:19 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2010-10-25 05:32:52 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2010-10-25 05:32:47 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll
[2010-10-25 05:32:44 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL
[2010-10-25 05:32:40 | 001,078,840 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2010-10-25 05:32:40 | 001,066,040 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2010-10-25 05:32:40 | 000,382,008 | ---- | C] () -- C:\Windows\SysNative\ci.dll
[2010-10-25 05:32:39 | 000,993,336 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2010-10-25 05:32:39 | 000,982,584 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2010-10-25 05:32:39 | 000,022,072 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2010-10-25 05:32:38 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\srcore.dll
[2010-10-25 05:32:38 | 000,058,368 | ---- | C] () -- C:\Windows\SysNative\setbcdlocale.dll
[2010-10-25 05:32:37 | 000,339,968 | ---- | C] () -- C:\Windows\SysNative\rstrui.exe
[2010-10-25 05:32:37 | 000,046,592 | ---- | C] () -- C:\Windows\SysNative\srclient.dll
[2010-10-25 05:32:37 | 000,018,944 | ---- | C] () -- C:\Windows\SysNative\srdelayed.exe
[2010-10-25 05:32:37 | 000,007,680 | ---- | C] () -- C:\Windows\SysNative\kbd106n.dll
[2010-10-25 05:32:08 | 012,898,304 | ---- | C] () -- C:\Win
Damien_B
Posts: 14
Joined: 09 Nov 2010, 01:06

Extras.Txt

Post by Damien_B » 09 Nov 2010, 01:22

OTL Extras logfile created on: 2010-11-08 18:18:57 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Famille_Buchet\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,04 Gb Total Space | 44,13 Gb Free Space | 15,48% Space Free | Partition Type: NTFS
Drive D: | 13,05 Gb Total Space | 2,70 Gb Free Space | 20,73% Space Free | Partition Type: NTFS

Computer Name: PC-BUCHET_D | User Name: Famille_Buchet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2362422316-1266326320-2416680866-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{33104DF3-BDC8-4B11-8EE8-B5008AFB94AD}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{5CB5B24B-7518-4F6E-ADFA-E5CC5D176BE7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{88149E35-E3D3-4CE3-94F9-0A2B9B3815E6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{96EB4D32-E5DB-49FA-9F3B-8E5EB1E468C0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{A04E1A26-2E08-4012-AF71-1A72D7E562ED}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{F1383BC7-084D-4752-AEB1-F1024AD2AE37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90B5B05F-AFDA-4922-A153-45B14200BA77}" = SPBBC 64bit
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{A348C751-0EFF-4B9D-8065-B5339BEFBE27}" = HP Help and Support
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8347A7A5-4AB8-433F-82AA-496B0D189A9B}" = HP User Guides 0088
"{84359478-0A6D-11DE-A363-BA3056D89593}" = Rosetta Stone Version 3
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.0 - Français
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"ADIBOUd'CHOU V.1.00 on C" = ADIBOUd'CHOU V.1.00 on C
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"ERUNT_is1" = ERUNT 1.1j
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Lapin Malin Maternelle 1 v2" = Lapin Malin Maternelle 1 v2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.15)" = Mozilla Firefox (3.5.15)
"Softonic_France Toolbar" = Softonic France Toolbar
"ViewpointMediaPlayer" = Viewpoint Media Player
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.4
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010-10-30 09:00:55 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-10-30 18:43:02 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-11-01 06:46:20 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-11-01 12:09:35 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-11-02 06:10:00 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-11-03 09:02:14 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-11-04 07:03:42 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-11-05 06:22:22 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-11-06 09:02:40 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

Error - 2010-11-07 08:17:55 | Computer Name = PC-Buchet_D | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 2010-10-24 12:02:51 | Computer Name = PC-Buchet_D | Source = Microsoft-Windows-Servicing | ID = 4385
Description =


<End>

The end of OTL.txt

Post by Damien_B » 09 Nov 2010, 01:26

========== Files Created - No Company Name ==========

[2010-11-08 18:01:18 | 000,191,328 | ---- | C] () -- C:\Users\Famille_Buchet\Desktop\00-PAD-nickW.pdf
[2010-11-08 17:54:59 | 000,000,723 | ---- | C] () -- C:\Users\Famille_Buchet\Desktop\NTREGOPT.lnk
[2010-11-08 17:54:59 | 000,000,704 | ---- | C] () -- C:\Users\Famille_Buchet\Desktop\ERUNT.lnk
[2010-11-08 17:49:40 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-11-08 17:49:36 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010-11-07 17:02:33 | 000,001,699 | ---- | C] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad.lnk
[2010-11-07 16:33:24 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-11-07 16:32:59 | 000,001,871 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010-11-01 11:07:54 | 615,986,397 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010-10-31 13:42:43 | 000,691,852 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\images expo.docx
[2010-10-31 07:44:51 | 000,002,609 | ---- | C] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Rosetta Stone Version 3.lnk
[2010-10-28 19:37:54 | 000,000,680 | ---- | C] () -- C:\Users\Famille_Buchet\AppData\Local\d3d9caps.dat
[2010-10-28 05:35:04 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2010-10-28 05:35:04 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2010-10-28 05:35:04 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2010-10-28 05:35:04 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010-10-28 05:35:04 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2010-10-27 20:05:44 | 000,008,244 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\virement du 27 octobre 2010.png
[2010-10-27 20:03:30 | 000,001,637 | ---- | C] () -- C:\Users\Famille_Buchet\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint.lnk
[2010-10-27 12:20:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-10-27 10:41:08 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2010-10-27 05:41:14 | 000,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll
[2010-10-27 05:40:38 | 000,461,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2010-10-27 05:40:38 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll
[2010-10-27 05:40:38 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2010-10-27 05:40:37 | 000,175,104 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2010-10-27 05:40:37 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2010-10-27 05:40:37 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll
[2010-10-27 05:40:33 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2010-10-26 05:46:50 | 000,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl
[2010-10-26 05:46:47 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll
[2010-10-26 05:46:45 | 001,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2010-10-26 05:46:45 | 000,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll
[2010-10-26 05:46:44 | 001,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe
[2010-10-26 05:46:37 | 000,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2010-10-26 05:38:02 | 000,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll
[2010-10-26 05:37:57 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll
[2010-10-26 05:34:20 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll
[2010-10-26 05:34:18 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys
[2010-10-26 05:34:18 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll
[2010-10-26 05:31:20 | 002,960,422 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Mouse and a Mousetrap.wmv
[2010-10-26 05:29:17 | 000,961,635 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\_CATEGORIE.pdf
[2010-10-26 05:29:17 | 000,067,008 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Coordonees_Bancaires_Desjardins.PDF
[2010-10-26 05:29:17 | 000,045,568 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Billets Noël 2010 --.doc
[2010-10-26 05:29:17 | 000,027,136 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Adresses &Téléphones.xls
[2010-10-26 05:29:16 | 000,149,707 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Informations Location Jean Légaré.pdf
[2010-10-26 05:29:16 | 000,026,910 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\Courrier_MAIF_17082010_1.pdf
[2010-10-26 05:29:16 | 000,026,624 | ---- | C] () -- C:\Users\Famille_Buchet\Documents\procedure transfert 2010.doc
[2010-10-25 12:39:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-10-25 05:38:33 | 012,240,896 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0007.dll
[2010-10-25 05:38:31 | 002,644,480 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0009.dll
[2010-10-25 05:38:14 | 001,361,920 | ---- | C] () -- C:\Windows\SysNative\NaturalLanguage6.dll
[2010-10-25 05:33:45 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010-10-25 05:33:43 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll
[2010-10-25 05:33:39 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2010-10-25 05:33:39 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll
[2010-10-25 05:33:39 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll
[2010-10-25 05:33:39 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll
[2010-10-25 05:33:39 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll
[2010-10-25 05:33:39 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll
[2010-10-25 05:33:38 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2010-10-25 05:33:38 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2010-10-25 05:33:37 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll
[2010-10-25 05:33:29 | 000,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll
[2010-10-25 05:33:26 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2010-10-25 05:33:26 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll
[2010-10-25 05:33:26 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2010-10-25 05:33:24 | 001,280,512 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll
[2010-10-25 05:33:19 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2010-10-25 05:32:52 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2010-10-25 05:32:47 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll
[2010-10-25 05:32:44 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL
[2010-10-25 05:32:40 | 001,078,840 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2010-10-25 05:32:40 | 001,066,040 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2010-10-25 05:32:40 | 000,382,008 | ---- | C] () -- C:\Windows\SysNative\ci.dll
[2010-10-25 05:32:39 | 000,993,336 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2010-10-25 05:32:39 | 000,982,584 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2010-10-25 05:32:39 | 000,022,072 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2010-10-25 05:32:38 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\srcore.dll
[2010-10-25 05:32:38 | 000,058,368 | ---- | C] () -- C:\Windows\SysNative\setbcdlocale.dll
[2010-10-25 05:32:37 | 000,339,968 | ---- | C] () -- C:\Windows\SysNative\rstrui.exe
[2010-10-25 05:32:37 | 000,046,592 | ---- | C] () -- C:\Windows\SysNative\srclient.dll
[2010-10-25 05:32:37 | 000,018,944 | ---- | C] () -- C:\Windows\SysNative\srdelayed.exe
[2010-10-25 05:32:37 | 000,007,680 | ---- | C] () -- C:\Windows\SysNative\kbd106n.dll
[2010-10-25 05:32:08 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2010-10-25 05:32:05 | 000,660,480 | ---- | C] () -- C:\Windows\SysNative\win32spl.dll
[2010-10-25 05:32:03 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2010-10-25 05:31:59 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2010-10-25 05:31:59 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2010-10-25 05:31:59 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2010-10-25 05:31:56 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2010-10-25 05:31:53 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll
[2010-10-25 05:31:51 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll
[2010-10-25 05:31:51 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll
[2010-10-25 05:31:48 | 001,208,832 | ---- | C] () -- C:\Windows\SysNative\kernel32.dll
[2010-10-25 05:31:46 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\amxread.dll
[2010-10-25 05:31:46 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\apilogen.dll
[2010-10-25 05:31:44 | 000,388,608 | ---- | C] () -- C:\Windows\SysNative\gdi32.dll
[2010-10-25 05:31:41 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll
[2010-10-25 05:31:40 | 000,295,424 | ---- | C] () -- C:\Windows\SysNative\MP4SDECD.DLL
[2010-10-25 05:31:39 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\spoolsv.exe
[2010-10-25 05:31:38 | 000,345,088 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll
[2010-10-25 05:31:36 | 001,729,024 | ---- | C] () -- C:\Windows\SysNative\msxml6.dll
[2010-10-25 05:31:33 | 002,751,488 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010-10-25 05:31:27 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010-10-25 05:31:26 | 000,361,984 | ---- | C] () -- C:\Windows\SysNative\es.dll
[2010-10-25 05:31:24 | 002,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2010-10-25 05:31:21 | 000,531,456 | ---- | C] () -- C:\Windows\SysNative\IPSECSVC.DLL
[2010-10-25 05:31:14 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2010-10-25 05:31:08 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2010-10-25 05:30:45 | 001,030,656 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2010-10-25 05:30:45 | 000,718,336 | ---- | C] () -- C:\Windows\SysNative\rpcss.dll
[2010-10-25 05:30:44 | 000,036,352 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2010-10-25 05:30:43 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\sdohlp.dll
[2010-10-25 05:30:43 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\iasrecst.dll
[2010-10-25 05:30:43 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\iasads.dll
[2010-10-25 05:30:43 | 000,061,440 | ---- | C] () -- C:\Windows\SysNative\iasdatastore.dll
[2010-10-25 05:30:43 | 000,024,576 | ---- | C] () -- C:\Windows\SysNative\iashost.exe
[2010-10-25 05:30:40 | 000,753,152 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2010-10-25 05:30:37 | 002,452,872 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2010-10-25 05:30:35 | 005,692,928 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010-10-25 05:30:34 | 007,015,424 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010-10-25 05:30:32 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll

========== LOP Check ==========

[2010-10-28 21:11:08 | 000,000,000 | ---D | M] -- C:\Users\Famille_Buchet\AppData\Roaming\muvee Technologies
[2010-11-08 14:40:53 | 000,020,758 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<systemroot>

<systemroot>
[2008-01-20 21:49:43 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SysWOW64\dxtmsft.dll
[2008-01-20 21:49:43 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SysWOW64\dxtrans.dll
[2010-09-08 12:23:42 | 000,193,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SysWOW64\iepeers.dll

<systemroot>

<End>
Damien_B
 
Posts: 14
Joined: 09 Nov 2010, 01:06

Post by nickW » 10 Nov 2010, 01:23

Good evening,

Creating another scan report:


Step 1: MBRCheck (by a_d_13), download
Download MBRCheck.exe from one of the links below:
http://ad13.geekstogo.com/MBRCheck.exe
http://download.bleepingcomputer.com/ro ... RCheck.exe
http://www.kernelmode.info/MBRCheck.exe

Save this file to the Desktop.


Step 2: MBRCheck (by a_d_13), scan

Double-click MBRCheck.exe to launch the tool.
A small window with a black background will open.
Let the tool work without interrupting it.
If the program displays
...........Found non-standard or infected MBR.
...........Enter 'Y' and hit ENTER for more options, or 'N' to exit

press the N key and then the Enter key.

At the end of the run, the following message is displayed
...........Done!
...........Press ENTER to exit ...


Press the Enter key to close the program.


Step 3: Results
Send in your reply:
*- the MBRCheck scan report (the contents of the file MBRCheck_**.**.**_**.**.**.txt (the ** are digits representing the date [month.day.year] and the time [hours.minutes.seconds])), which is on the Desktop.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log-analysis requests by PM (private message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

MBRCheck

Post by Damien_B » 10 Nov 2010, 02:30

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 1 (build 6001), 64-bit
Base Board Manufacturer: Quanta
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv9700 Notebook PC
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 151):

Processes (total 73):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`42c1b400 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-60ZCT0, Rev: 12.01A12

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 00086C8A49BE075162F0D84CFA30ABA43645A295


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

Post by nickW » 12 Nov 2010, 02:15

Good evening,

Backing up the MBR (Master Boot Record).


MBRCheck (by a_d_13), backup

Start---->All Programs---->Accessories---->Run, type exactly (or copy/paste) the line below:

%userprofile%\Bureau\MBRCheck -s 0 -d dump.dat

then press the Enter key to start the tool.
A small window with a black background will open.
Let the tool work without interrupting it.
At the end of the run, the following message is displayed
...........Dumped successfully!

...........Done!
...........Press ENTER to exit ...


Press the Enter key to close the program.

Very important:
Copy the dump.dat file (which is on the Desktop) to external media, such as a USB stick.


To be continued,
nickW
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Post by Damien_B » 12 Nov 2010, 02:25

Thanks for your help, I'll do that right away.
Is there any "risk" in connecting an external hard drive to my PC?
Damien_B
 
Posts: 14
Joined: 09 Nov 2010, 01:06

Post by Damien_B » 12 Nov 2010, 02:37

Good evening,

Oddly, I couldn't manage to launch MBRCheck from the Desktop...
But I put it in C:\temp and it was able to run. So I now have the dump.dat file.
Damien_B
 
Posts: 14
Joined: 09 Nov 2010, 01:06

Post by nickW » 13 Nov 2010, 00:53

Good evening,

It is essential to copy the dump.dat file to external media (a USB key, for example). Have you done so?


Using another tool:


Step 1: TDSSKiller (by Kaspersky), installation
Download tdsskiller.zip from the link below:
http://support.kaspersky.com/downloads/ ... killer.zip

Extract the TDSSKiller.exe file from the downloaded archive and place it on the Desktop.


Step 2: TDSSKiller (by Kaspersky), running
Double-click TDSSKiller.exe to launch it.

The TDSSKiller screen is displayed.

Click Start scan to begin the analysis.

When the tool has finished its inspection:

If malicious objects ("Malicious objects") were detected, the program automatically selects the action to perform:
*- either Cure
*- or Skip. In that case, click the small down arrow next to Skip to open the list of available options. If Cure is present, select it, but do not choose Delete or Quarantine.


If suspicious objects ("Suspicious objects") were detected, on the confirmation screen, change the action to Quarantine (instead of Skip).

Then click the Continue button.

Wait for the report file to be displayed.

If the tool needs a reboot to finish the cleanup, click the Reboot computer button.

In any case, restart the PC.


Step 3: Malwarebytes' Anti-Malware, scan
Close all open program windows.
Launch Malwarebytes' Anti-Malware from the Start menu.
In the Settings tab, check that all boxes are ticked except "Create a context menu option to scan files (right-click)".
In the Update tab, click the Check for Updates button and install all updates found.
In the Scanner tab, select the radio button in front of "Perform quick scan", then click the Scan button.

Wait for the scan to finish without doing anything else; in the window announcing the end of the scan, click OK; then click the "Show Results" button.

Click the "Save Log" button, confirm the save, then click the "Exit" button.


Step 4: Results
Send in your reply:
*- the TDSSKiller report (contents of the file %SystemDrive%\TDSSKiller.Version_Date_Heure_log.txt)
[%SystemDrive% stands for the partition on which the system is installed, usually C:]
*- the Malwarebytes' Anti-Malware report (contents of the file mbam-log-****-**-** (**-**-**).txt located in the folder %SystemDrive%\Users\<tonprofil>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs, where ****-**-** (**-**-**) stands for the date [year-month-day] and the time [hh-mn-ss])
[%SystemDrive% stands for the partition on which the system is installed, usually C:]


In your reply, don't forget to give as much information as possible about the state of the PC: improvement / disappearance / worsening of the infection symptoms.

To be continued,
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
