Trojan and adware infections

Security and insecurity. Viruses, Trojans, Spyware, Vulnerabilities, etc. …

Moderator: Moderators

Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC

Protection of browsers, browsing and privacy
Protecting the browser, browsing and privacy

Trojan and adware infections

Post by Zok974 » 04 Nov 2010, 15:21

Hello!
I ran a scan with PC Tools because the PC was sluggish, and it still is...
and it reported trojans (bho, kmy and generic...) and others,
advertising adware...
I took a screenshot that I can send...
So I would like to get rid of all these nasties...
for free if possible...
Thanks in advance!
Tit pas..Tit pas n'arrivé! (Réunion Creole proverb)
Zok974

Posts: 2
Joined: 04 Nov 2010, 14:56

Post by nickW » 05 Nov 2010, 01:06

Good evening,

Can you follow the instructions in this topic and post the three requested reports in this thread (do not create a new topic)?

Regards,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

OTL report

Post by Zok974 » 06 Nov 2010, 18:14

Hi!
Here is the OTL scan... the others will follow...
Because I am having connection problems.... Is it serious, doctor..
Thanks again!
SEE YOU SOON!

OTL logfile created on: 06/11/2010 19:57:45 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = D:\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2974 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,68 Gb Total Space | 18,40 Gb Free Space | 23,99% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 73,41 Gb Free Space | 49,25% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: E...-A08350F5 | User Name: Olivier | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/06 19:57:17 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Mes documents\Téléchargements\OTL.exe
PRC - [2010/11/01 14:48:05 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/01 14:48:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/25 12:27:44 | 001,096,872 | ---- | M] (Auslogics) -- C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
PRC - [2010/10/13 21:01:13 | 000,064,016 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\ORSP Client\fsorsp.exe
PRC - [2010/08/16 13:27:09 | 000,783,016 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\fssm32.exe
PRC - [2010/08/16 13:27:09 | 000,492,200 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\fsgk32.exe
PRC - [2010/08/14 17:17:17 | 000,365,248 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\fsav32.exe
PRC - [2010/04/23 11:36:00 | 006,200,412 | ---- | M] (DVDVideoSoft.com Limited ) -- C:\Program Files\Fichiers communs\DVDVideoSoft\FreeStudioManager.exe
PRC - [2009/11/18 20:08:32 | 000,201,128 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\Common\FSM32.EXE
PRC - [2009/11/18 20:08:32 | 000,188,840 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\Common\FSMA32.EXE
PRC - [2009/11/18 20:08:32 | 000,090,536 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\Common\FSHDLL32.EXE
PRC - [2009/11/18 20:07:30 | 000,524,712 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\FWES\program\fsdfwd.exe
PRC - [2009/11/18 20:06:20 | 000,221,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\fsgk32st.exe
PRC - [2009/10/12 19:57:32 | 000,692,224 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
PRC - [2009/08/24 14:22:34 | 000,069,632 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009/01/11 14:19:16 | 000,528,384 | ---- | M] () -- C:\Program Files\Greenshot\Greenshot.exe
PRC - [2009/01/09 15:39:54 | 000,649,224 | ---- | M] (Orange) -- C:\Program Files\Controle Parental\bin\optproxy.exe
PRC - [2008/10/20 23:18:26 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008/09/03 11:40:46 | 000,424,608 | ---- | M] (Orange) -- C:\Program Files\Controle Parental\bin\OPTGui.exe
PRC - [2008/06/10 06:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/04/14 06:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 11:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007/07/31 00:08:16 | 000,462,848 | ---- | M] (LED) -- C:\Program Files\LED\LedWallpaper\LedWallpaper.exe
PRC - [2007/04/23 20:27:48 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
PRC - [2006/06/16 06:33:02 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2006/03/02 04:22:04 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


========== Modules (SafeList) ==========

MOD - [2010/11/06 19:57:17 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Mes documents\Téléchargements\OTL.exe
MOD - [2010/08/23 20:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/14 18:27:02 | 000,435,760 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Orange\Antivirus Firewall\ExploitShield\fseshook.dll
MOD - [2009/11/18 20:08:30 | 000,176,552 | ---- | M] (F-Secure Corporation) -- c:\Program Files\Orange\Antivirus Firewall\Common\FSPMAPI.DLL
MOD - [2009/11/18 20:08:30 | 000,148,904 | ---- | M] (F-Secure Corporation) -- c:\Program Files\Orange\Antivirus Firewall\Common\FSMA32.DLL
MOD - [2009/11/18 20:08:18 | 000,332,200 | ---- | M] (F-Secure Corporation) -- c:\Program Files\Orange\Antivirus Firewall\HIPS\fshook32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/13 21:01:13 | 000,064,016 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Orange\Antivirus Firewall\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2009/11/18 20:08:32 | 000,188,840 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Orange\Antivirus Firewall\Common\FSMA32.EXE -- (FSMA)
SRV - [2009/11/18 20:07:30 | 000,524,712 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Orange\Antivirus Firewall\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009/11/18 20:06:20 | 000,221,608 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2009/08/24 14:22:34 | 000,069,632 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009/01/09 15:39:54 | 000,649,224 | ---- | M] (Orange) [Auto | Running] -- C:\Program Files\Controle Parental\bin\optproxy.exe -- (OPTENET_FILTER)
SRV - [2008/10/20 23:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2007/08/09 11:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/11/24 21:56:54 | 000,123,064 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe -- (SandraDataSrv)
SRV - [2006/11/24 21:56:28 | 001,138,880 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe -- (SandraTheSrv)
SRV - [2005/04/04 02:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\windows\System32\drivers\A4SII300.SYS -- (A4SII300)
DRV - [2010/09/01 19:11:31 | 000,041,624 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010/08/14 17:17:05 | 000,124,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010/07/10 02:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/06/28 22:36:17 | 000,094,208 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ezplay.sys -- (ezplay)
DRV - [2010/06/26 22:54:43 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/18 20:08:18 | 000,069,928 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Orange\Antivirus Firewall\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009/11/18 20:07:30 | 000,081,864 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009/11/18 20:06:22 | 000,041,640 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009/11/18 20:06:22 | 000,027,048 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2009/06/12 16:35:20 | 000,453,120 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WLANUHN.sys -- (NBXN720)
DRV - [2009/02/03 18:08:08 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2009/02/03 18:08:08 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2008/04/13 22:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2006/07/19 14:13:34 | 000,171,136 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2006/07/19 14:13:22 | 000,005,120 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2006/06/22 22:23:52 | 000,808,448 | R--- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2006/03/21 02:45:52 | 003,960,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/03/02 16:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/03/02 16:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2005/03/30 06:19:58 | 000,025,984 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2004/03/08 13:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\windows\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2002/10/15 23:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.orange.fr/"
FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Orange\Antivirus Firewall\NRS\litmus-ff@f-secure.com [2010/09/07 17:52:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/01 14:48:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/01 14:48:17 | 000,000,000 | ---D | M]

[2010/08/17 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Mozilla\Extensions
[2010/11/01 13:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\h4r6i9tq.default\extensions
[2010/09/19 13:41:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\h4r6i9tq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/18 21:13:40 | 000,000,000 | ---D | M] (Softonic_France Toolbar) -- C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\h4r6i9tq.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}
[2010/09/19 12:59:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\h4r6i9tq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/11/01 13:51:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/23 20:11:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/23 14:23:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/10/23 14:22:46 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/11 20:33:04 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/10/11 20:33:04 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/11 20:33:04 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/10/11 20:33:04 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/10/11 20:33:04 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/03/02 16:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll (Orange)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll (Orange)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Orange\Antivirus Firewall\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Orange\Antivirus Firewall\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OPTENET_GUI] C:\Program Files\Controle Parental\bin\OPTGui.exe (Orange)
O4 - HKLM..\Run: [S3Trayp] C:\windows\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [SoundMan] C:\windows\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VTTimer] C:\windows\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - Startup: C:\Documents and Settings\Olivier\Menu Démarrer\Programmes\Démarrage\Greenshot.lnk = C:\Program Files\Greenshot\Greenshot.exe ()
O4 - Startup: C:\Documents and Settings\Olivier\Menu Démarrer\Programmes\Démarrage\LedWallpaper.lnk = C:\Program Files\LED\LedWallpaper\LedWallpaper.exe (LED)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Ajouter à Change Mon Ecran - c:\WINDOWS\CmeIE.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll File not found
O15 - HKCU\..Trusted Domains: mappy.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: orange.fr ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 9108556125 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Olivier\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Olivier\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/01 02:00:00 | 000,051,508 | ---- | M] () - D:\AUTOCONT.SYS -- [ NTFS ]
O33 - MountPoints2\{54176d5b-a702-11db-9c43-806d6172696f}\Shell\AudioCDJob\Command - "" = C:\Program Files\Roxio\RecordNow!\RecordNow.exe -- [2005/05/03 08:30:00 | 001,957,888 | ---- | M] ()
O33 - MountPoints2\{5c80f709-ab10-11db-bc40-0018f3e8ec6d}\Shell - "" = AutoRun
O33 - MountPoints2\{eee5d79d-527c-11de-b881-0018f3e8ec6d}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/06 20:00:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Olivier\Application Data\FreeCDRipper
[2010/10/29 20:33:44 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2010/10/28 18:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Olivier\Application Data\Auslogics
[2010/10/28 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010/10/28 18:13:17 | 004,546,688 | ---- | C] (Auslogics Software Pty Ltd ) -- C:\Documents and Settings\Olivier\Bureau\disk-defrag-setup.exe
[2010/10/28 18:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Olivier\Bureau\JkDefragGUI105
[2010/10/28 18:00:10 | 004,141,792 | ---- | C] (Tangysoft Ltd. ) -- C:\Documents and Settings\Olivier\Bureau\UseNeXT_freetrial_416582w[1].exe
[2010/10/28 15:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2010/10/28 15:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Mozilla
[2010/10/25 20:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/23 14:23:16 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2010/10/23 14:23:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2010/10/23 14:23:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2010/10/23 13:33:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2010/10/18 21:14:30 | 000,181,704 | ---- | C] (Soluto LTD.) -- C:\windows\System32\drivers\PCGenFAM.sys
[2010/10/18 21:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2010/10/18 21:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Olivier\Local Settings\Application Data\Softonic_France
[2010/10/18 21:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Softonic_France
[2010/10/18 21:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Soluto
[2010/10/18 21:12:21 | 000,928,816 | ---- | C] (Soluto Inc) -- C:\Documents and Settings\Olivier\Bureau\solutoinstaller.exe
[2010/10/11 20:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Olivier\Bureau\JEUX ENFANTS
[2010/10/09 22:16:49 | 000,000,000 | ---D | C] -- D:\Mes documents\Any Audio Converter
[2010/10/09 22:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Olivier\Application Data\AnvSoft
[2010/06/28 22:36:17 | 000,094,208 | ---- | C] (VSO Software) -- C:\Documents and Settings\Olivier\Application Data\ezplay.sys
[2008/06/02 22:30:39 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Olivier\Application Data\pcouffin.sys
[7 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/06 20:01:01 | 000,000,238 | ---- | M] () -- C:\windows\tasks\Scheduled Update for Ask Toolbar.job
[2010/11/06 19:40:14 | 000,001,056 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/06 19:26:11 | 000,000,316 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job
[2010/11/06 19:25:58 | 000,001,052 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/06 19:25:52 | 000,000,458 | ---- | M] () -- C:\windows\tasks\Auslogics BoostSpeed Integrator Start On Windows Logon.job
[2010/11/06 19:25:48 | 000,000,268 | ---- | M] () -- C:\windows\tasks\RegistryBooster.job
[2010/11/06 19:23:19 | 000,013,646 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2010/11/06 19:23:17 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2010/11/04 20:25:39 | 000,001,036 | ---- | M] () -- C:\windows\ACROREAD.INI
[2010/11/04 20:25:38 | 000,000,127 | ---- | M] () -- C:\windows\WEBLINK.INI
[2010/11/04 20:11:24 | 000,002,274 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Nouveau Classeur OpenDocument.ods
[2010/11/04 20:10:25 | 000,002,417 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Nouveau Dessin OpenDocument.odg
[2010/11/04 20:07:10 | 000,002,440 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Nouveau Texte OpenDocument (2).odt
[2010/11/01 14:17:06 | 000,098,959 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Problemes ordinateur.jpg
[2010/11/01 13:57:56 | 000,000,904 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Auslogics BoostSpeed.lnk
[2010/10/28 18:16:24 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Auslogics Disk Defrag.lnk
[2010/10/28 18:13:52 | 004,546,688 | ---- | M] (Auslogics Software Pty Ltd ) -- C:\Documents and Settings\Olivier\Bureau\disk-defrag-setup.exe
[2010/10/28 18:01:48 | 000,001,532 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\UseNeXT.lnk
[2010/10/28 18:00:53 | 004,141,792 | ---- | M] (Tangysoft Ltd. ) -- C:\Documents and Settings\Olivier\Bureau\UseNeXT_freetrial_416582w[1].exe
[2010/10/28 17:58:43 | 003,654,042 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\JkDefragGUI105.zip
[2010/10/25 21:02:00 | 000,066,404 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Infections.jpg
[2010/10/23 14:22:43 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2010/10/23 14:22:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2010/10/23 14:22:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2010/10/23 14:22:43 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javacpl.cpl
[2010/10/23 14:22:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\deployJava1.dll
[2010/10/23 13:49:10 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Glary Utilities.lnk
[2010/10/23 13:32:12 | 000,191,384 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010/10/18 21:17:10 | 000,000,098 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/10/18 21:13:28 | 002,695,680 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Softonic_France.exe
[2010/10/18 21:12:32 | 000,928,816 | ---- | M] (Soluto Inc) -- C:\Documents and Settings\Olivier\Bureau\solutoinstaller.exe
[2010/10/18 21:05:28 | 000,897,880 | ---- | M] () -- D:\Mes documents\Poisson papillon raton laveur et corail.odg
[2010/10/18 20:14:55 | 000,006,297 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\radio sure bloquage.jpg
[2010/10/18 20:13:57 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Olivier\Menu Démarrer\Programmes\Démarrage\Greenshot.lnk
[2010/10/13 21:23:15 | 000,001,393 | ---- | M] () -- C:\windows\imsins.BAK
[2010/10/12 12:41:54 | 000,181,704 | ---- | M] (Soluto LTD.) -- C:\windows\System32\drivers\PCGenFAM.sys
[2010/10/10 20:29:54 | 000,000,914 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Free CD Ripper.lnk
[2010/10/10 20:29:54 | 000,000,912 | ---- | M] () -- C:\Documents and Settings\Olivier\Bureau\Free Mp3 Wma Converter.lnk
[2010/10/09 22:35:51 | 000,525,048 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2010/10/09 22:35:51 | 000,453,946 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010/10/09 22:35:51 | 000,092,114 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2010/10/09 22:35:51 | 000,077,512 | ---- | M] () -- C:\windows\System32\perfc009.dat
[7 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/04 20:11:24 | 000,002,274 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\Nouveau Classeur OpenDocument.ods
[2010/11/04 20:10:25 | 000,002,417 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\Nouveau Dessin OpenDocument.odg
[2010/11/04 20:07:10 | 000,002,440 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\Nouveau Texte OpenDocument (2).odt
[2010/11/01 14:17:06 | 000,098,959 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\Problemes ordinateur.jpg
[2010/11/01 13:58:08 | 000,000,458 | ---- | C] () -- C:\windows\tasks\Auslogics BoostSpeed Integrator Start On Windows Logon.job
[2010/11/01 13:57:56 | 000,000,904 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\Auslogics BoostSpeed.lnk
[2010/10/28 18:16:24 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\Auslogics Disk Defrag.lnk
[2010/10/28 17:57:56 | 003,654,042 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\JkDefragGUI105.zip
[2010/10/25 21:02:00 | 000,066,404 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\Infections.jpg
[2010/10/18 21:18:11 | 000,002,432 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/18 21:17:10 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/10/18 21:12:54 | 002,695,680 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\Softonic_France.exe
[2010/10/18 20:30:48 | 000,897,880 | ---- | C] () -- D:\Mes documents\Poisson papillon raton laveur et corail.odg
[2010/10/18 20:14:55 | 000,006,297 | ---- | C] () -- C:\Documents and Settings\Olivier\Bureau\radio sure bloquage.jpg
[2010/09/20 18:31:07 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010/08/29 14:06:30 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2010/08/26 20:16:04 | 000,000,027 | ---- | C] () -- C:\windows\APP6E.INI
[2010/08/26 20:15:28 | 000,000,035 | ---- | C] () -- C:\windows\A5W.INI
[2010/08/14 17:07:31 | 000,041,624 | ---- | C] () -- C:\windows\System32\drivers\fsbts.sys
[2010/06/28 22:36:23 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\ezplay.log
[2010/06/28 22:36:17 | 000,007,861 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\ezplay.cat
[2010/06/28 22:36:17 | 000,001,103 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\ezplay.inf
[2010/06/28 22:36:17 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\ezplay.ini
[2010/06/26 23:03:46 | 000,000,201 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\burnaware.ini
[2010/06/26 22:08:12 | 000,884,736 | ---- | C] () -- C:\windows\System32\vorbisenc.dll
[2010/06/26 22:08:12 | 000,147,456 | ---- | C] () -- C:\windows\System32\vorbis.dll
[2010/06/26 22:08:12 | 000,045,056 | ---- | C] () -- C:\windows\System32\ogg.dll
[2010/06/26 22:08:11 | 000,491,520 | ---- | C] () -- C:\windows\System32\mp3lib.dll
[2010/06/26 22:08:11 | 000,204,800 | ---- | C] () -- C:\windows\System32\libvorbis.dll
[2010/06/26 22:08:11 | 000,147,522 | ---- | C] () -- C:\windows\System32\language.ini
[2010/06/26 22:08:10 | 000,688,128 | ---- | C] () -- C:\windows\System32\ia32math.dll
[2010/06/26 22:08:10 | 000,484,352 | ---- | C] () -- C:\windows\System32\lame_enc.dll
[2010/06/26 22:08:10 | 000,070,018 | ---- | C] () -- C:\windows\System32\akrip32.dll
[2010/06/26 22:08:10 | 000,045,056 | ---- | C] () -- C:\windows\System32\LameEncShim.dll
[2010/05/15 16:49:21 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLer.DAT
[2010/05/15 15:51:07 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2009/06/16 22:45:35 | 000,000,471 | ---- | C] () -- C:\windows\MAESTRO.INI
[2009/05/13 19:11:36 | 000,000,611 | ---- | C] () -- C:\windows\mInstall.ini
[2009/05/09 22:44:44 | 000,000,018 | ---- | C] () -- C:\windows\gfact.ini
[2009/04/23 20:00:58 | 000,000,169 | ---- | C] () -- C:\windows\RtlRack.ini
[2009/04/08 23:16:46 | 000,000,166 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/04/07 23:36:27 | 000,010,240 | ---- | C] () -- C:\windows\System32\vidx16.dll
[2009/03/22 17:39:45 | 000,717,296 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2009/03/10 22:53:21 | 000,069,632 | R--- | C] () -- C:\windows\System32\xmltok.dll
[2009/03/10 22:53:21 | 000,036,864 | R--- | C] () -- C:\windows\System32\xmlparse.dll
[2008/06/02 22:30:53 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\pcouffin.log
[2008/06/02 22:30:39 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\inst.exe
[2008/06/02 22:30:39 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\pcouffin.cat
[2008/06/02 22:30:39 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\pcouffin.inf
[2008/06/02 21:59:59 | 000,000,634 | ---- | C] () -- C:\windows\cdplayer.ini
[2008/05/27 22:48:01 | 000,000,229 | ---- | C] () -- C:\windows\CDRFDD01.INI
[2008/05/27 22:47:41 | 000,003,296 | ---- | C] () -- C:\windows\CDRFUNST.INI
[2008/05/16 22:31:00 | 000,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll
[2007/09/26 19:10:37 | 000,000,754 | ---- | C] () -- C:\windows\WORDPAD.INI
[2007/08/10 17:59:16 | 000,049,058 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\JO 2004 Prefs
[2007/07/23 18:37:58 | 000,033,478 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\Passeport II Prefs
[2007/07/23 18:37:42 | 000,002,372 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\Enregistrement Hachette
[2007/07/19 20:58:10 | 000,003,625 | ---- | C] () -- C:\windows\TVEpaDrv.ini
[2007/07/19 08:09:08 | 000,000,221 | ---- | C] () -- C:\windows\NCLogConfig.ini
[2007/07/18 21:51:39 | 000,077,824 | R--- | C] () -- C:\windows\System32\HPZIDS01.dll
[2007/07/18 21:47:01 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/06/23 21:39:42 | 000,044,544 | ---- | C] () -- C:\windows\System32\Gif89.dll
[2007/06/22 17:26:52 | 000,000,091 | ---- | C] () -- C:\windows\Breaktim.ini
[2007/06/21 21:14:16 | 000,056,832 | ---- | C] () -- C:\windows\System32\IYVU9_32.DLL
[2007/06/03 20:20:42 | 000,000,250 | ---- | C] () -- C:\windows\3dr.ini
[2007/06/03 20:20:42 | 000,000,054 | ---- | C] () -- C:\windows\XHOMEPRF.INI
[2007/06/02 18:16:28 | 000,000,127 | ---- | C] () -- C:\windows\WEBLINK.INI
[2007/05/19 16:29:13 | 000,000,745 | ---- | C] () -- C:\windows\wininit.ini
[2007/05/12 21:44:20 | 000,000,040 | ---- | C] () -- C:\windows\INTER.INI
[2007/05/12 21:43:34 | 000,000,177 | ---- | C] () -- C:\windows\ODBC.INI
[2007/05/12 21:43:20 | 000,019,968 | ---- | C] () -- C:\windows\System32\UNODBC.DLL
[2007/05/12 21:43:20 | 000,012,288 | ---- | C] () -- C:\windows\System32\ODBC3216.DLL
[2007/05/12 21:43:20 | 000,005,792 | ---- | C] () -- C:\windows\System32\ODBC16UT.DLL
[2007/05/12 21:43:20 | 000,003,264 | ---- | C] () -- C:\windows\System32\CPN16UT.DLL
[2007/05/12 21:43:19 | 000,005,632 | ---- | C] () -- C:\windows\System32\CCP3216.DLL
[2007/05/12 21:43:18 | 000,022,016 | ---- | C] () -- C:\windows\System32\ODBCSTF.DLL
[2007/04/25 19:18:55 | 000,001,036 | ---- | C] () -- C:\windows\ACROREAD.INI
[2007/04/25 19:18:55 | 000,000,027 | ---- | C] () -- C:\windows\ACROGRAF.INI
[2007/04/25 18:25:55 | 000,000,190 | ---- | C] () -- C:\windows\omnimp32.ini
[2007/04/23 04:15:29 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2007/04/23 04:01:47 | 000,012,288 | ---- | C] () -- C:\windows\System32\DivXWMPExtType.dll
[2007/03/21 19:02:10 | 000,001,017 | ---- | C] () -- C:\windows\disney.ini
[2007/03/02 14:44:44 | 000,094,208 | ---- | C] () -- C:\windows\System32\zmbv.dll
[2007/02/20 15:32:15 | 000,200,192 | ---- | C] () -- C:\Documents and Settings\Olivier\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/20 15:21:14 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\ViewerApp.dat
[2007/02/07 20:15:39 | 000,000,706 | ---- | C] () -- C:\windows\IMAGEIN.INI
[2007/01/30 21:58:19 | 000,003,654 | ---- | C] () -- C:\windows\System32\drivers\Sonyhcp.dll
[2007/01/30 21:40:18 | 000,000,005 | ---- | C] () -- C:\windows\SR.INI
[2007/01/27 16:49:01 | 000,000,018 | ---- | C] () -- C:\windows\cnc.ini
[2007/01/27 16:36:00 | 000,000,114 | ---- | C] () -- C:\windows\WINCHESS.INI
[2007/01/27 15:40:37 | 000,004,092 | ---- | C] () -- C:\windows\SCANFX.INI
[2007/01/23 23:12:43 | 000,000,029 | ---- | C] () -- C:\windows\max3_fr.ini
[2007/01/23 20:06:18 | 000,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll
[2007/01/23 20:06:18 | 000,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll
[2007/01/23 20:06:18 | 000,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll
[2007/01/22 20:46:06 | 000,000,259 | ---- | C] () -- C:\windows\QTW.INI
[2007/01/18 18:53:29 | 000,004,205 | ---- | C] () -- C:\windows\ODBCINST.INI
[2007/01/18 12:45:30 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Olivier\Local Settings\Application Data\fusioncache.dat
[2007/01/18 11:31:50 | 000,000,327 | ---- | C] () -- C:\windows\System32\OEMINFO.INI
[2007/01/18 11:30:06 | 000,135,168 | R--- | C] () -- C:\windows\System32\RtlCPAPI.dll
[2007/01/18 11:29:59 | 000,000,164 | R--- | C] () -- C:\windows\avrack.ini
[2007/01/18 11:26:17 | 000,593,938 | ---- | C] () -- C:\windows\System32\x264vfw.dll
[2007/01/18 11:23:57 | 000,016,125 | ---- | C] () -- C:\windows\Ascd_tmp.ini
[2007/01/18 11:23:50 | 000,005,824 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
[2006/12/08 16:50:14 | 000,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2006/12/08 16:47:54 | 000,815,104 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2006/06/22 22:19:22 | 002,465,280 | R--- | C] () -- C:\windows\System32\s3gcil_inv.dll
[2005/05/03 18:56:34 | 000,000,000 | ---- | C] () -- C:\windows\System32\px.ini
[2002/10/16 02:54:04 | 000,153,088 | ---- | C] () -- C:\windows\System32\unrar.dll
[2002/03/06 04:00:00 | 000,075,264 | ---- | C] () -- C:\windows\System32\UNACEV2.DLL
[2001/07/07 03:00:00 | 000,003,279 | ---- | C] () -- C:\windows\System32\HPTCPMON.INI
[1999/02/19 16:09:00 | 000,193,536 | ---- | C] () -- C:\windows\System32\LOADSERV.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> D:\Mes documents\CD Segment.bin:SummaryInformation
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

<End>
Step by small step, we get there! (Réunion Creole proverb)
Zok974

Posts: 2
Joined: 04 Nov 2010, 14:56

