Il y a actuellement 572 visiteurs
Dimanche 22 Décembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

probleme HDD

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

probleme HDD

Message le 26 Mai 2011 09:55

bonjour,
Il y a deux jours lorsque j'ai ouvert ma session mon ordi me dit qu'il y aurait des cluster endommagés sur mon DD et donc je n'avais plus rien sur mon bureau mais les fichiers de mon DD etaient encore visible lorsque je cliquais sur l'onglet ordinateur. J'ai fait une restauration systeme et tout refonctionnais. Le lendemain, meme probleme, impossible de faire une restauration systeme et losque je cliquais sur mon DD il n'y avait plus qu'un seul fichier (BOOTSECT.BAK) alors qu'il m'indiquait autant de place qu'auparavant donc je suppose que mes autres fichiers sont encore là quelque part. De plus lorsque je me connect sur une autre session je peux acceder à internet et aux autres fichiers ( mais meme probleme sur le DD). J'ai fait une recherche de virus avec avast il m'en a trouver un qu'il à supprimer et rien de changer.
Est ce que je dois en déduire que mon DD ou ma carte mere est morte ou y a t 'il une autre solution que de changer le matériel.

Merci de votre réponse.
irishcoffe
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 24
Inscription: 26 Mai 2011 09:28
 


Re: probleme HDD

Message le 26 Mai 2011 19:48

Salut, tu peut toujours essayer ceci:

Tu ouvre l'invitée de commande

Ensuite quand la fenêtre s'ouvre, tu tape dedans:

chkdsk C: /R

Avec de la chance, le système va se remettre en ordre, mais je te suggère quand même de faire un test du disque dur avec un live cd (ultimate boot cd par exemple)

et si ton disque est fichu, le mieux serais de faire une récupération de donnée, tu démarre sur un lice CD de linux (toutou linux par exemple) et tu sauvegarde déjà tout (Menu démarrer, programmes, accessoires, Invite de commande)
Avatar de l'utilisateur
etienne2000
PC-Infopraticien
PC-Infopraticien
 
Messages: 2162
Inscription: 14 Avr 2006 18:39
Localisation: 4E 65 75 63 68 E2 74 65 6C 2F 53 75 69 73 73 65
 

Re: probleme HDD

Message le 27 Mai 2011 08:12

le probleme c'est que je n'ai plus rien dans le menu demarrer donc impossible d'acceder à l invite de comande
irishcoffe
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 24
Inscription: 26 Mai 2011 09:28
 

Re: probleme HDD

Message le 27 Mai 2011 09:15

Bonjour,

Vous pouvez essayer votre DD avec HD Tune => Tutorial HD Tune
Avatar de l'utilisateur
chiva
PC-Infopraticien
PC-Infopraticien
 
Messages: 3146
Inscription: 11 Juin 2007 13:22
Localisation: Au fond de mon calbar
 

Re: probleme HDD

Message le 27 Mai 2011 17:32

je viens de faire un controle de mon HDD avec HD tune et il me m'a rien trouver d'anormal. Ce qui voudrait dire que mon disque dur va bien mais c'est quoi alors qui ne vas pas?
irishcoffe
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 24
Inscription: 26 Mai 2011 09:28
 

Re: probleme HDD

Message le 27 Mai 2011 18:22

Bonsoir Irishcoffee.

? mais c'est quoi alors qui ne vas pas? une infection qui cache tes fichiers peut-être :-?

Je transfère ton post dans la section sécurité.

Un dossier pour préparer l'intervention des helpers :

viewtopic.php?f=19&t=55699

Si tu peux pas tu dis, on trouvera autre chose.

++ ;)
Avatar de l'utilisateur
Pac428
PC-Infopraticien
PC-Infopraticien
 
Messages: 29492
Inscription: 23 Mai 2006 13:25
Localisation: Le Goulag du Maine.
 

Re: probleme HDD

Message le 28 Mai 2011 11:05

irishcoffe
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 24
Inscription: 26 Mai 2011 09:28
 

Re: probleme HDD

Message le 30 Mai 2011 13:21

toujours pas trouver de solution pour mon ordi, toujours les memes problemes et il rame de plus en plus. Pouvez vous me dire s'il est infecté s'il vous plait.

Merci
irishcoffe
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 24
Inscription: 26 Mai 2011 09:28
 

Re: probleme HDD

Message le 03 Juin 2011 22:35

Je remonte ton sujet et je le signale aux helpers, désolé ;)
Avatar de l'utilisateur
Pac428
PC-Infopraticien
PC-Infopraticien
 
Messages: 29492
Inscription: 23 Mai 2006 13:25
Localisation: Le Goulag du Maine.
 

Re: probleme HDD

Message le 03 Juin 2011 22:44

hello les jeunes,

je ne te promet rien mais on va jeter un œil :wink:

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

%temp%\smtmp\1\*. /s
%temp%\smtmp\2\*. /s
%temp%\smtmp\4\*. /s
%temp%\smtmp\1\*.* /s
%temp%\smtmp\2\*.* /s
%temp%\smtmp\4\*.* /s
nslookup http://www.google.fr /c
SAVEMBR:0
NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
dwm.exe
taskhost.exe
taskeng.exe
wscntfy.exe
ctfmon.exe
rdpclip.exe
volsnap.sys
sptd.sys
explorer.exe
userinit.exe
winlogon.exe
wininit.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles


* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).
* Copie et colle les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: probleme HDD

Message le 04 Juin 2011 08:54

bonjour,
Merci pour vos réponse. Voici mon rapport OTL
OTL logfile created on: 04/06/2011 09:15:12 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\celine1\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,05 Gb Total Space | 37,70 Gb Free Space | 27,51% Space Free | Partition Type: NTFS

Computer Name: PC-DE-CÉLINE | User Name: celine1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\celine1\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wsqmcons.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\celine1\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (NMIndexingService) -- File not found
SRV - (ekrn) -- File not found
SRV - (EhttpSrv) -- File not found
SRV - (CarboniteService) -- File not found
SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (Symantec Core LC) -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()


========== Driver Services (SafeList) ==========

DRV - (aswTdi) -- File not found
DRV - (aswSP) -- File not found
DRV - (aswRdr) -- File not found
DRV - (aswMonFlt) -- File not found
DRV - (aswFsBlk) -- File not found
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (SE1008mdm) -- C:\Windows\System32\drivers\SE1008mdm.sys (Sony Ericsson)
DRV - (JL2005C) -- C:\Windows\System32\drivers\jl2005c.sys (Windows (R) 2000 DDK provider)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf0ad41b-165c-42e1-8f4c-31ef000f9e77} - C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9136
IE - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.packardbell.com/?id=9136
IE - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird


O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Bigpoint Games FR Toolbar) - {bf0ad41b-165c-42e1-8f4c-31ef000f9e77} - C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll (Conduit Ltd.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bigpoint Games FR Toolbar) - {bf0ad41b-165c-42e1-8f4c-31ef000f9e77} - C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\..\Toolbar\WebBrowser: (Elf 1 Toolbar) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\..\Toolbar\WebBrowser: (Bigpoint Games FR Toolbar) - {BF0AD41B-165C-42E1-8F4C-31EF000F9E77} - C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] File not found
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [PixVillage] C:\Program Files\PixVillage\pixvillage.exe (BBCG Software)
O4 - HKU\S-1-5-18..\Run: [PixVillage] C:\Program Files\PixVillage\pixvillage.exe (BBCG Software)
O4 - HKU\S-1-5-19..\Run: [PixVillage] C:\Program Files\PixVillage\pixvillage.exe (BBCG Software)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [PixVillage] C:\Program Files\PixVillage\pixvillage.exe (BBCG Software)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10p_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Unable to save MBR. Invalid drive designation: 0

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\PROGRA~1\MICROS~3\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips SA011 Gestionnaire de piphiques.lnk - C:\PROGRA~1\Philips\GOGEAR~1\main.exe - (KeenHigh Tech.)
MsConfig - StartUpFolder: C:^Users^Céline^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk - C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AdobeUpdater - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: egui - hkey= - key= - File not found
MsConfig - StartUpReg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Speech Recognition - hkey= - key= - C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: toolbar_eula_launcher - hkey= - key= - C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {3D20B5F3-7F82-408B-D63B-77AADFB6F2DC} -
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\System32\SL_ANET.ACM (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.JDCT - C:\Windows\System32\jl_jdct.drv (JEILIN Tech.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/03 21:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2011
[2011/05/28 14:56:01 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Apple
[2011/05/28 11:08:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\celine1\Desktop\OTL.exe
[2011/05/27 16:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2011/05/27 16:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2011/05/27 15:55:37 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Adobe
[2011/05/26 16:40:28 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\VirtualStore
[2011/05/26 15:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/26 15:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/26 11:23:26 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Microsoft Games
[2011/05/26 11:04:57 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/05/26 10:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2011/05/26 10:07:15 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Conduit
[2011/05/26 10:07:14 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\CrashDumps
[2011/05/26 10:06:58 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\Macromedia
[2011/05/26 10:06:39 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\Adobe
[2011/05/26 10:04:51 | 000,000,000 | R--D | C] -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/05/26 10:04:51 | 000,000,000 | R--D | C] -- C:\Users\celine1\Searches
[2011/05/26 10:04:51 | 000,000,000 | R--D | C] -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/05/26 10:04:38 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\Identities
[2011/05/26 10:04:36 | 000,000,000 | R--D | C] -- C:\Users\celine1\Contacts
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Voisinage réseau
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Voisinage d'impression
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\AppData\Local\Temporary Internet Files
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\SendTo
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Recent
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Modèles
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Documents\Mes vidéos
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Documents\Mes images
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Mes documents
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Menu Démarrer
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Documents\Ma musique
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Local Settings
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\AppData\Local\Historique
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Cookies
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Application Data
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\AppData\Local\Application Data
[2011/05/26 10:04:22 | 000,000,000 | --SD | C] -- C:\Users\celine1\AppData\Roaming\Microsoft
[2011/05/26 10:04:22 | 000,000,000 | RH-D | C] -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/05/26 10:04:22 | 000,000,000 | RH-D | C] -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Videos
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Saved Games
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Pictures
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Music
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Links
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Favorites
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Downloads
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Documents
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Desktop
[2011/05/26 10:04:22 | 000,000,000 | -H-D | C] -- C:\Users\celine1\AppData\Local\Temp
[2011/05/26 10:04:22 | 000,000,000 | -H-D | C] -- C:\Users\celine1\AppData\Local\Microsoft Help
[2011/05/26 10:04:22 | 000,000,000 | -H-D | C] -- C:\Users\celine1\AppData\Local\Microsoft
[2011/05/26 10:04:22 | 000,000,000 | -H-D | C] -- C:\Users\celine1\AppData
[2011/05/24 16:05:53 | 000,335,872 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\46128888.exe
[2011/05/24 15:57:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\beep.sys
[2011/05/18 09:37:21 | 000,000,000 | -H-D | C] -- C:\Program Files\Bigpoint_Games_FR
[2011/05/15 16:50:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/05/12 16:10:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\McAfee Security Scan
[2011/05/12 16:10:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\McAfee
[2011/05/12 16:09:57 | 000,000,000 | -H-D | C] -- C:\Program Files\McAfee Security Scan
[2011/05/09 10:54:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Balls
[2011/05/06 11:12:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/05/06 11:12:34 | 000,000,000 | -H-D | C] -- C:\Program Files\QuickTime
[2011/05/06 11:12:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Apple Computer
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/04 09:20:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A0DEDE41-8B8B-40DE-A6FF-2B4C2A8AF227}.job
[2011/06/04 09:19:00 | 000,001,082 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1937009126-742563726-1599648258-1000UA.job
[2011/06/04 09:19:00 | 000,001,030 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1937009126-742563726-1599648258-1000Core.job
[2011/06/04 09:06:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cc22747ab980f0.job
[2011/06/04 09:00:00 | 000,000,342 | -H-- | M] () -- C:\Windows\tasks\Extension de garantie-Céline.job
[2011/06/04 07:23:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/04 07:23:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/04 07:06:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cc2274791b51b0.job
[2011/06/03 23:08:19 | 000,001,115 | ---- | M] () -- C:\Users\celine1\Desktop\Multi Virus Cleaner 2011.lnk
[2011/06/03 22:32:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/02 09:16:11 | 000,000,680 | ---- | M] () -- C:\Users\celine1\AppData\Local\d3d9caps.dat
[2011/05/30 22:52:20 | 000,000,476 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Céline.job
[2011/05/28 11:08:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\celine1\Desktop\OTL.exe
[2011/05/27 16:14:07 | 000,000,738 | ---- | M] () -- C:\Users\celine1\Desktop\HD Tune.lnk
[2011/05/26 15:37:52 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/05/26 10:06:11 | 000,000,946 | ---- | M] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/26 10:04:25 | 000,000,664 | RHS- | M] () -- C:\Users\celine1\ntuser.pol
[2011/05/24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/05/24 16:06:16 | 000,000,152 | -H-- | M] () -- C:\ProgramData\~46128888r
[2011/05/24 16:06:16 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~46128888
[2011/05/24 16:05:56 | 000,000,344 | -H-- | M] () -- C:\ProgramData\46128888
[2011/05/24 16:05:54 | 000,335,872 | -H-- | M] (Microsoft Corporation) -- C:\ProgramData\46128888.exe
[2011/05/22 19:41:03 | 000,002,577 | -H-- | M] () -- C:\Windows\System32\config.nt
[2011/05/22 09:59:02 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~44883704r
[2011/05/22 09:59:02 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~44883704
[2011/05/22 09:55:48 | 000,000,392 | -H-- | M] () -- C:\ProgramData\44883704
[2011/05/19 21:31:14 | 000,075,466 | -H-- | M] () -- C:\dxdiag.xml
[2011/05/19 17:54:45 | 000,689,338 | -H-- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/05/19 17:54:44 | 000,605,208 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/19 17:54:44 | 000,131,674 | -H-- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/05/19 17:54:44 | 000,108,282 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/16 20:00:00 | 000,000,702 | -H-- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Céline.job
[2011/05/16 10:02:01 | 000,001,958 | -H-- | M] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/04 07:01:35 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cc22747ab980f0.job
[2011/06/04 07:01:33 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cc2274791b51b0.job
[2011/06/03 21:27:52 | 000,001,115 | ---- | C] () -- C:\Users\celine1\Desktop\Multi Virus Cleaner 2011.lnk
[2011/05/27 16:14:07 | 000,000,738 | ---- | C] () -- C:\Users\celine1\Desktop\HD Tune.lnk
[2011/05/26 15:37:52 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/26 12:24:06 | 000,000,680 | ---- | C] () -- C:\Users\celine1\AppData\Local\d3d9caps.dat
[2011/05/26 10:06:11 | 000,000,946 | ---- | C] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/26 10:04:55 | 000,000,952 | ---- | C] () -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/05/26 10:04:50 | 000,000,947 | ---- | C] () -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/05/26 10:04:35 | 000,000,918 | ---- | C] () -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/05/26 10:04:25 | 000,000,664 | RHS- | C] () -- C:\Users\celine1\ntuser.pol
[2011/05/26 10:04:23 | 000,001,958 | -H-- | C] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/26 10:04:23 | 000,000,258 | -H-- | C] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/05/26 10:04:23 | 000,000,240 | -H-- | C] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/05/24 16:06:16 | 000,000,152 | -H-- | C] () -- C:\ProgramData\~46128888r
[2011/05/24 16:06:12 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~46128888
[2011/05/24 16:05:56 | 000,000,344 | -H-- | C] () -- C:\ProgramData\46128888
[2011/05/22 00:30:00 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~44883704r
[2011/05/22 00:30:00 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~44883704
[2011/05/22 00:29:51 | 000,000,392 | -H-- | C] () -- C:\ProgramData\44883704
[2010/10/23 19:06:20 | 000,000,032 | -H-- | C] () -- C:\Windows\Menu.INI
[2010/09/30 18:13:22 | 000,075,466 | -H-- | C] () -- \dxdiag.xml
[2010/07/04 11:50:08 | 000,278,984 | -H-- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010/07/04 11:50:08 | 000,025,416 | -H-- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/03/07 14:22:44 | 000,000,039 | -H-- | C] () -- C:\Windows\BELOTEXP.INI
[2009/12/20 18:52:55 | 000,049,152 | -H-- | C] () -- C:\Windows\System32\dec_jl6.dll
[2009/10/17 11:34:44 | 000,007,168 | -H-- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009/06/06 17:30:29 | 000,033,061 | -H-- | C] () -- C:\Windows\king-uninstall.exe
[2009/05/03 13:29:55 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/05/03 13:29:31 | 000,008,172 | -H-- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2009/05/02 18:09:56 | 000,000,382 | -H-- | C] () -- C:\Windows\ODBC.INI
[2009/04/26 13:43:02 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/04/26 13:43:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/04/24 16:35:42 | 3131,334,656 | -HS- | C] () --
[2008/11/26 04:34:17 | 000,689,338 | -H-- | C] () -- C:\Windows\System32\perfh00C.dat
[2008/11/26 04:34:17 | 000,340,236 | -H-- | C] () -- C:\Windows\System32\perfi00C.dat
[2008/11/26 04:34:17 | 000,131,674 | -H-- | C] () -- C:\Windows\System32\perfc00C.dat
[2008/11/26 04:34:17 | 000,037,390 | -H-- | C] () -- C:\Windows\System32\perfd00C.dat
[2008/11/26 04:25:05 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2008/11/26 04:24:50 | 001,769,984 | -H-- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/11/26 04:24:50 | 000,028,160 | -H-- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/11/25 20:28:58 | 000,000,209 | -H-- | C] () -- C:\Windows\ODBCINST.INI
[2008/11/25 12:04:14 | 000,333,203 | RHS- | C] () -- \bootmgr
[2008/05/07 09:55:12 | 000,002,916 | -H-- | C] () -- \files.crc
[2007/06/12 08:55:11 | 003,107,788 | -H-- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/06/12 08:55:11 | 000,159,744 | -H-- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/06/12 08:55:11 | 000,144,773 | -H-- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/05/30 09:54:10 | 001,060,424 | -H-- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:44:53 | 000,306,336 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,605,208 | -H-- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | -H-- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,108,282 | -H-- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | -H-- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 12:23:09 | 000,000,024 | -H-- | C] () -- \autoexec.bat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | -H-- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | -H-- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 08:25:08 | 000,000,010 | -H-- | C] () -- \config.sys

========== LOP Check ==========

[2009/10/16 13:46:29 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\.ABC
[2010/03/11 22:39:18 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\1morebee
[2010/01/14 23:31:14 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\ACD Systems
[2010/11/15 13:14:29 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Alawar
[2010/07/17 10:13:29 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Alawar Entertainment
[2011/02/24 01:30:38 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\AlawarSouthpoint
[2009/11/15 18:47:33 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Anabel
[2009/11/02 14:57:00 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Ashtons Family Resort
[2011/03/14 11:19:36 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Awem
[2010/05/31 20:13:55 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\BanzaiInteractive
[2011/05/22 19:24:34 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\BeachPartyCraze
[2010/10/04 11:59:14 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\BlamGames
[2011/02/28 10:33:52 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Boolat Games
[2010/11/10 21:15:39 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Brunhilda_real
[2009/10/17 11:34:58 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Canneverbe_Limited
[2010/11/23 10:32:56 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\CasualForge
[2010/03/19 10:44:12 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Dekovir
[2010/03/10 21:50:29 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\EleFun Games
[2010/02/17 21:38:04 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\ElementalsTheMagicKey
[2009/10/14 08:45:19 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Farm Mania
[2010/04/03 22:45:10 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Farm Mania 2
[2010/09/21 14:09:27 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Floodlight Games
[2011/03/13 12:24:53 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\FlyWheelGames
[2010/07/23 18:47:51 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\freshgames
[2010/10/12 13:02:08 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Friday's games
[2010/06/26 11:33:02 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Fugazo
[2011/01/13 00:11:48 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\funkitron
[2010/01/05 21:50:24 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\GameHousev1002
[2011/03/29 14:51:00 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\GameInvest
[2010/08/12 19:40:42 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\GamesCafe
[2009/08/20 18:11:39 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx
[2011/05/03 09:25:27 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Gogii
[2009/08/13 18:32:41 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\GOL_byHasbro
[2010/01/27 20:50:43 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\HdO Adventure
[2010/08/24 18:56:46 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\IBAGroup
[2011/05/10 11:51:45 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\iMaxGen
[2011/05/05 11:07:07 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\InImages
[2010/12/30 17:07:33 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\iWin
[2011/05/22 19:24:35 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Jane s Hotel 3
[2009/10/17 19:39:44 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\LG Electronics
[2011/05/22 19:24:35 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Magic3
[2010/03/01 19:48:48 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Merscom
[2009/10/17 13:28:19 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\My Games
[2011/02/22 23:14:36 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Mystery of Mortlake Mansion
[2009/11/24 18:22:09 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\MysteryStudio
[2010/08/05 12:52:29 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\NevoSoft Games
[2009/05/08 22:30:33 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Packard Bell
[2009/11/25 23:04:28 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Peace Craft
[2010/10/07 10:24:30 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\PeaceCraft2
[2011/05/22 19:24:37 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\PetShowCraze
[2011/05/19 09:38:42 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\PlayFirst
[2010/02/02 15:07:24 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Playrix Entertainment
[2011/03/14 12:56:08 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Princess Isabella
[2011/05/22 19:24:37 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\RobinsonCrusoe
[2009/09/25 15:28:43 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Saved Games
[2011/05/22 19:24:37 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\SecretIslandFraBF
[2011/05/22 19:24:37 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Settlement. Colossus
[2010/05/14 10:27:15 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\ShinyTales
[2011/05/24 10:16:54 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\SoftGrid Client
[2010/11/03 11:50:06 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\SulusGames
[2011/03/28 09:42:06 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Supermarket Mania 2
[2009/11/24 22:20:10 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Template
[2011/05/22 19:24:37 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\ThreeDays2
[2010/04/27 16:04:21 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Tific
[2010/05/20 21:27:44 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\TitanicMystery
[2011/05/22 19:24:37 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\TMInc
[2009/05/02 19:14:55 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\TomTom
[2010/11/19 12:06:27 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Total Eclipse
[2010/11/02 19:20:41 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\TP
[2010/11/09 22:18:13 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Trio
[2010/11/30 11:53:15 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\VendelGAMES
[2010/07/22 17:52:22 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Virtual City
[2009/08/18 21:37:19 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\World-LooM
[2011/05/03 14:16:49 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\YoudaGames
[2011/05/22 19:24:38 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Zylom
[2011/05/22 19:24:38 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Zylom 3 Days Zoo Mystery
[2011/05/22 19:24:38 | 000,000,000 | -H-D | M] -- C:\Users\Céline\AppData\Roaming\Zylom JanesZOO
[2011/02/09 18:47:11 | 000,000,000 | -H-D | M] -- C:\Users\lila\AppData\Roaming\Canneverbe_Limited
[2011/06/04 09:00:00 | 000,000,342 | -H-- | M] () -- C:\Windows\Tasks\Extension de garantie-Céline.job
[2011/05/31 23:34:26 | 000,032,614 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/04 09:20:00 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A0DEDE41-8B8B-40DE-A6FF-2B4C2A8AF227}.job

========== Purity Check ==========



========== Custom Scans ==========


< %temp%\smtmp\1\*. /s >

< %temp%\smtmp\2\*. /s >

< %temp%\smtmp\4\*. /s >

< %temp%\smtmp\1\*.* /s >

< %temp%\smtmp\2\*.* /s >

< %temp%\smtmp\4\*.* /s >

< nslookup http://www.google.fr /c >
Serveur : dns2.proxad.net
Address: 212.27.40.241

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %APPDATA%\*. >
[2011/05/27 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\Adobe
[2011/05/26 10:04:38 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\Identities
[2011/05/26 10:06:58 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\Macromedia
[2011/05/26 15:33:40 | 000,000,000 | --SD | M] -- C:\Users\celine1\AppData\Roaming\Microsoft

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/21 04:32:22 | 000,056,376 | -H-- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 08:32:26 | 000,019,944 | -H-- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CDROM.SYS >
[2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | -H-- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CTFMON.EXE >
[2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB72296B -- C:\Windows\System32\ctfmon.exe
[2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB72296B -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe

< MD5 for: DISK.SYS >
[2009/04/11 08:32:31 | 000,053,736 | -H-- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/21 04:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\drivers\disk.sys
[2008/01/21 04:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/21 04:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: DWM.EXE >
[2009/04/11 08:27:33 | 000,081,920 | -H-- | M] (Microsoft Corporation) MD5=01DD1004181FD46ECDC3628228EB269D -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.0.6002.18005_none_8f8f0d20ba53c683\dwm.exe
[2008/01/21 04:34:32 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=59903071D7ACE6A02093C47E9E38AF97 -- C:\Windows\System32\dwm.exe
[2008/01/21 04:34:32 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=59903071D7ACE6A02093C47E9E38AF97 -- C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.0.6001.18000_none_8da39414bd31fb37\dwm.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | -H-- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: IASTORV.SYS >
[2008/01/21 04:32:49 | 000,235,064 | -H-- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NDIS.SYS >
[2009/04/11 08:32:49 | 000,527,848 | -H-- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys
[2008/01/21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 08:28:23 | 000,592,896 | -H-- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | -H-- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: RASACD.SYS >
[2008/01/21 04:34:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/21 04:34:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys

< MD5 for: RDPWD.SYS >
[2009/04/11 06:51:27 | 000,180,736 | -H-- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys
[2008/01/21 04:34:38 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\System32\drivers\rdpwd.sys
[2008/01/21 04:34:38 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | -H-- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SFLOPPY.SYS >
[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys
[2008/01/21 04:32:45 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\drivers\sfloppy.sys
[2008/01/21 04:32:45 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys
[2008/01/21 04:32:45 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys

< MD5 for: TASKENG.EXE >
[2010/11/05 15:43:51 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=110B5E5AFA79DD8A45A2F6ED738469B9 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.22791_none_e5d5a65bd84010db\taskeng.exe
[2010/11/04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18342_none_e7698b5ebc1f53d7\taskeng.exe
[2008/01/21 04:34:32 | 000,169,472 | ---- | M] (Microsoft Corporation) MD5=5F109032CE46B7184ED9E50F9FE8489E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18000_none_e5ac4d2ebeda6d57\taskeng.exe
[2010/11/05 00:15:29 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=9AF3E523E39FD8C10EDFA3ABA702DC9B -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.22519_none_e81a9bd9d51e4e56\taskeng.exe
[2009/04/11 08:28:07 | 000,169,984 | -H-- | M] (Microsoft Corporation) MD5=E5BBFC283D6F5D69B41E464676361020 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18005_none_e797c63abbfc38a3\taskeng.exe
[2010/11/05 02:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\Windows\System32\taskeng.exe
[2010/11/05 02:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18551_none_e577475abf020426\taskeng.exe

< MD5 for: TCPIP.SYS >
[2008/04/26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/04/11 08:33:02 | 000,897,000 | -H-- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009/12/08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010/02/18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/12/08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010/06/16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\System32\drivers\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008/04/26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010/02/18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008/01/21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: TDPIPE.SYS >
[2008/01/21 04:33:45 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys
[2008/01/21 04:33:45 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys

< MD5 for: TDTCP.SYS >
[2008/01/21 04:33:45 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys
[2008/01/21 04:33:45 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys

< MD5 for: USBPRINT.SYS >
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys
[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys
[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys
[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys

< MD5 for: USBSCAN.SYS >
[2008/01/21 04:32:53 | 000,035,328 | -H-- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\drivers\usbscan.sys
[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys
[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys
[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys
[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys

< MD5 for: USERINIT.EXE >
[2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2006/11/02 11:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | -H-- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys
[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\drivers\volsnap.sys

< MD5 for: WININIT.EXE >
[2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 08:28:13 | 000,314,368 | -H-- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:05F547A9
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D8F9D810

< End of report >
irishcoffe
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 24
Inscription: 26 Mai 2011 09:28
 

Re: probleme HDD

Message le 04 Juin 2011 10:39

hello,

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
:OTL
SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
IE - HKLM\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O2 - BHO: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Bigpoint Games FR Toolbar) - {bf0ad41b-165c-42e1-8f4c-31ef000f9e77} - C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll (Conduit Ltd.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bigpoint Games FR Toolbar) - {bf0ad41b-165c-42e1-8f4c-31ef000f9e77} - C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\..\Toolbar\WebBrowser: (Elf 1 Toolbar) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\..\Toolbar\WebBrowser: (Bigpoint Games FR Toolbar) - {BF0AD41B-165C-42E1-8F4C-31EF000F9E77} - C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
[2011/05/24 16:06:16 | 000,000,152 | -H-- | M] () -- C:\ProgramData\~46128888r
[2011/05/24 16:06:16 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~46128888
[2011/05/24 16:05:56 | 000,000,344 | -H-- | M] () -- C:\ProgramData\46128888
[2011/05/24 16:05:54 | 000,335,872 | -H-- | M] (Microsoft Corporation) -- C:\ProgramData\46128888.exe
[2011/05/22 09:59:02 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~44883704r
[2011/05/22 09:59:02 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~44883704
[2011/05/22 09:55:48 | 000,000,392 | -H-- | M] () -- C:\ProgramData\44883704
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:05F547A9
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D8F9D810


:Files
C:\Program Files\Common Files\BOONTY Shared
C:\Program Files\Elf_1
C:\Program Files\ConduitEngine
C:\Program Files\Bigpoint_Games_FR
C:\Program Files\Ask.com
C:\Program Files\Elf_1\prxtbElf0.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2011
C:\Users\celine1\AppData\Local\Conduit
C:\ProgramData\46128888.exe
C:\Program Files\Bigpoint_Games_FR
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cc22747ab980f0.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cc2274791b51b0.job
C:\Users\celine1\Desktop\Multi Virus Cleaner 2011.lnk
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx
C:\Users\Céline\AppData\Roaming\iWin


:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring"=-

:Commands
[emptytemp]
[EMPTYFLASH]

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport va s'ouvrir
* Copie et colle le rapports dans ta réponse stp...

ensuite...

Télécharge UnHide.exe (de grinler) sur ton bureau
exécute -le, une fenêtre noire va s'ouvrir, laisse le bosser et attend que petite fenêtre de confirmation que tout c'est bien passer apparaisse, et clique sur "OK"

ensuite..

  • télécharge Malwarebytes.
  • Téléchargement et tuto de Danakil à lire avant le scan.
  • Choisie "exécuter un examen rapide" et à la fin du scan , coche tous les éléments trouvés,et clique sur supprimer la sélection et autorise le redémarrage du pc si demandé.
  • Poste moi le rapport stp.

Donc il me faut....

  • Le rapport OTL
  • Le rapport Malwarebytes stp...
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: probleme HDD

Message le 04 Juin 2011 12:02

rapport OTL
All processes killed
========== OTL ==========
Service Boonty Games stopped successfully!
Service Boonty Games deleted successfully!
C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{22e03916-85c5-44b0-8dc9-1830c11238d9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ deleted successfully.
C:\Program Files\Elf_1\prxtbElf0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found.
File C:\Program Files\Elf_1\prxtbElf0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf0ad41b-165c-42e1-8f4c-31ef000f9e77}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf0ad41b-165c-42e1-8f4c-31ef000f9e77}\ deleted successfully.
C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{22e03916-85c5-44b0-8dc9-1830c11238d9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found.
File C:\Program Files\Elf_1\prxtbElf0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{bf0ad41b-165c-42e1-8f4c-31ef000f9e77} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf0ad41b-165c-42e1-8f4c-31ef000f9e77}\ not found.
File C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1937009126-742563726-1599648258-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{22E03916-85C5-44B0-8DC9-1830C11238D9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22E03916-85C5-44B0-8DC9-1830C11238D9}\ not found.
File C:\Program Files\Elf_1\prxtbElf0.dll not found.
Registry value HKEY_USERS\S-1-5-21-1937009126-742563726-1599648258-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF0AD41B-165C-42E1-8F4C-31EF000F9E77} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF0AD41B-165C-42E1-8F4C-31EF000F9E77}\ not found.
File C:\Program Files\Bigpoint_Games_FR\prxtbBig0.dll not found.
Registry value HKEY_USERS\S-1-5-21-1937009126-742563726-1599648258-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
C:\ProgramData\~46128888r moved successfully.
C:\ProgramData\~46128888 moved successfully.
C:\ProgramData\46128888 moved successfully.
C:\ProgramData\46128888.exe moved successfully.
C:\ProgramData\~44883704r moved successfully.
C:\ProgramData\~44883704 moved successfully.
C:\ProgramData\44883704 moved successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\PixVillage_Setup.log.tmp deleted successfully.
C:\Windows\System32\ConduitEngine.tmp deleted successfully.
ADS C:\ProgramData\TEMP:05F547A9 deleted successfully.
ADS C:\ProgramData\TEMP:D8F9D810 deleted successfully.
========== FILES ==========
C:\Program Files\Common Files\BOONTY Shared\Service folder moved successfully.
C:\Program Files\Common Files\BOONTY Shared folder moved successfully.
C:\Program Files\Elf_1 folder moved successfully.
C:\Program Files\ConduitEngine folder moved successfully.
C:\Program Files\Bigpoint_Games_FR folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
File\Folder C:\Program Files\Elf_1\prxtbElf0.dll not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2011 folder moved successfully.
C:\Users\celine1\AppData\Local\Conduit\CT2856415 folder moved successfully.
C:\Users\celine1\AppData\Local\Conduit folder moved successfully.
File\Folder C:\ProgramData\46128888.exe not found.
File\Folder C:\Program Files\Bigpoint_Games_FR not found.
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cc22747ab980f0.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cc2274791b51b0.job moved successfully.
C:\Users\celine1\Desktop\Multi Virus Cleaner 2011.lnk moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\resources-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\resources-loadingwindow.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\numerics.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\highscoregems.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\gems.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\gem-fragments.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\fonts.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\bonusfonts.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\boardfonts.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-yellow-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-white-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-red-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-purple-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-pink-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-particles.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-orange-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-lgreen-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-lblue-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-empty-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-dgreen-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-brown-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-blue-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx\board-black-processed.frc folder moved successfully.
C:\Users\Céline\AppData\Roaming\gemsweeperextractedgfx folder moved successfully.
C:\Users\Céline\AppData\Roaming\iWin\Rachel's Dream Retreat folder moved successfully.
C:\Users\Céline\AppData\Roaming\iWin\KellyGreenGardenQueen folder moved successfully.
C:\Users\Céline\AppData\Roaming\iWin\jewelquestsolitaire folder moved successfully.
C:\Users\Céline\AppData\Roaming\iWin folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: celine1
->Temp folder emptied: 128745793 bytes
->Temporary Internet Files folder emptied: 57174507 bytes
->Java cache emptied: 1650 bytes
->Flash cache emptied: 4549 bytes

User: Céline
->Temp folder emptied: 499568 bytes
->Temporary Internet Files folder emptied: 42992 bytes
->Java cache emptied: 1127419 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 7285 bytes

User: CÚline
->Temp folder emptied: 810024958 bytes

User: C�line

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: lila
->Temp folder emptied: 3049612 bytes
->Temporary Internet Files folder emptied: 104537448 bytes
->Java cache emptied: 2358816 bytes
->Google Chrome cache emptied: 557424 bytes
->Flash cache emptied: 370531 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24136836 bytes
RecycleBin emptied: 120582472 bytes

Total Files Cleaned = 1 195,00 mb


[EMPTYFLASH]

User: All Users

User: celine1
->Flash cache emptied: 0 bytes

User: Céline
->Flash cache emptied: 0 bytes

User: CÚline

User: C�line

User: Default

User: Default User

User: lila
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 06042011_115737

Files\Folders moved on Reboot...
File\Folder C:\Users\celine1\AppData\Local\Temp\~DF54F7.tmp not found!
File\Folder C:\Users\celine1\AppData\Local\Temp\~DF5502.tmp not found!
File\Folder C:\Users\celine1\AppData\Local\Temp\~DF556C.tmp not found!
File\Folder C:\Users\celine1\AppData\Local\Temp\~DF5576.tmp not found!
File\Folder C:\Users\celine1\AppData\Local\Temp\~DF55A1.tmp not found!
File\Folder C:\Users\celine1\AppData\Local\Temp\~DF55AB.tmp not found!
File\Folder C:\Users\celine1\AppData\Local\Temp\~DFA389.tmp not found!

Registry entries deleted on Reboot...

raport malwarebytes
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6768

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19048

04/06/2011 13:00:08
mbam-log-2011-06-04 (13-00-08).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 187143
Temps écoulé: 4 minute(s), 33 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
irishcoffe
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 24
Inscription: 26 Mai 2011 09:28
 

Re: probleme HDD

Message le 04 Juin 2011 12:15

re,

Télécharge TDSSKiller (Kapersky Lab) sur ton bureau en allant sur cette page web
http://support.kaspersky.com/fr/faq/?qid=208280685
Dezzipe le et fais un double-clic dessus pour l'exécuter et si une détection apparait après le scanne,suis les instructions et autorise le redémarrage du pc
/!\ ne change pas l'action proposé par TDSSKiller en fin de scanne (skip, quarantine, cure ) /!\
Poste le rapport "C:\TDSSKiller_Quarantine\DATE_HEURE"
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: probleme HDD

Message le 05 Juin 2011 11:54

bonjour,
J'ai tout fait comme tu me l'as dit, y'as bien quelque chose de "dangereux" qui a été détecté, j'ai laissé en cure comme c'était indiquer, j'ai redemarrer mon pc, mais apres impossible de trouver le dossier que tu veux que je te mette en rapport, pas de dossier quarantine dans C.
irishcoffe
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 24
Inscription: 26 Mai 2011 09:28
 

Suivante


Sujets similaires

Message problème jeu pc indiana jones et le cercle ancien
Bonjour,Pourriez-vous m'aider à résoudre l'erreur " english missing vulkan device extensions please update your graphics driver or gpu vk KHR ray querry" au moment de démarrer le jeu pc "Indiana Jones et le cercle ancien" sur un pc avec la configuration :Carte mère F898 Saber ...
Réponses: 8

Message Problème USB 3 sur mini PC (SSD M2 externe)
Bonjour a tous, j'ai un problème sur un mini PC fonctionnant sur un Intel N100. Il y a 2 port usb2 et 2 ports usb3. Mon problème ? Il semble que certains perifériques ne fonctionnent pas correctement (en l'occurence, les boitiers externes pour SSD M2).Si le SSD M2 est connecté sur un USB3 j'obtiens ...
Réponses: 5

Message probleme avec le logiciel nvidia
Bonjour,Oui DDU est très efficace , on s'en sert surtout quand on change de fabricant de carte graphique de AMD vers Nvidia par exemple. Il nettoie tout.Bonne journée.
Réponses: 13

Message [Réglé] probleme windows update recherche sans fin
Salut tout le monde depuis quelques jours lorsque je clique sur Windows update et recherche de mise à jour en cours cela se mets en recherche sans fin voir ma capture écran Rien n'y fait, j'ai beau exécuter l'utilitaire de dépannage Windows update rien n'y fait? Il me détecte en effet un incident, m ...
Réponses: 14

Message [Réglé] Problème de dépendance manquantes sur Kali Linux
Salut, j'ai essayé d'installer un logiciel (Free download manager) sur Kali Linux Mais quand j'ai essayé de l'installer, ça a affiché qu'il y a des dépendance manquantesQuelqu'un peut-il m'aider à résoudre ce problème s'il vous plaît ?
Réponses: 1

Message Problème d'installation Kali Linux Dual boot
Bonjour, j'ai crée une nouvelle partition pour l'installation de Kali Linux, après j'ai démarrer l'installation de Kali Linux en dual boot via clé USB, j'ai suivi les instructions, mais quand je clique sur terminer le partitionnement et appliquer les changements, ça affiche "Aucun système de fi ...
Réponses: 1

Message Problème de démarrage pc sur clé USB
Salut, j'ai gravé Linux sur une clé USB (qui ne contient aucun virus après analyse), je veux installer Linux mais quand je démarre mon PC avec ma clé USB ça affiche "security boot fail". Quelqu'un peut-il m'aider à résoudre ce problème, s'il vous plaît ?
Réponses: 1


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 16 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.