Log analysis request

Message from SERAUT » 20 Dec 2008, 21:37

Hello, I am a novice and I have trouble understanding everything, but for a little while now my computer has been incredibly slow: it takes as long to start up as to shut down, and when I open a program it takes time.
I am running Windows XP SP3 Home Edition, 2002 edition.
My computer is a Fujitsu Siemens Computer, AMD Athlon 64x2 Dual Core processor 3800+ at 2.01 GHz with 4 GB of memory, but apparently only 3 are recognized.

I followed your PAD as best a beginner can.

My HJT2 log is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:58:43, on 20/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\sessmgr.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\Spyware Doctor\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Implements TweakBHO - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - C:\PROGRA~1\TweakMASTER\TweakBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\Spyware Doctor\tools\iesdpb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\Spyware Doctor\tools\iesdpb.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O18 - Protocol: pfo - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\RpcSandraSrv.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 11305 bytes

My Navilog file is:

Search Navipromo version 3.7.0 commencé le 20/12/2008 à 21:00:24,23

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Michel ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1296 [VPS 081220-0] 4.8.1296 (Activated)
Firewall : BitDefender Internet Security v10 7.2 (Not Activated)

C:\ (Local Disk) - NTFS - Total:298 Go (Free:79 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD) - CDFS - Total:4 Go (Free:0 Go)
K:\ (CD or DVD) - UDF - Total:3 Go (Free:0 Go)
L:\ (CD or DVD)
M:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)


Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Michel\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Michel\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Michel\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Michel\locals~1\applic~1" *

Can someone help me? Thank you very much.
Note: I previously had 2 GB of memory; given the slowness I added more GB, but that does not change the problem and I no longer know what to do.
SERAUT

Posts: 17
Joined: 25 Sep 2008, 07:36
Location: COUBERT

Other information, in case it helps with the analysis

Message from SERAUT » 20 Dec 2008, 21:50

Les services Windows suivants ont été lancés:

Acquisition d'image Windows (WIA)
Aide et support
Appel de procédure distante (RPC)
Application système COM+
Audio Windows
avast! Antivirus
avast! iAVS4 Control Service
avast! Mail Scanner
avast! Web Scanner
Centre de sécurité
Client DHCP
Client DNS
Configuration automatique sans fil
Connexions réseau
Diskeeper
Détection matériel noyau
Emplacement protégé
Explorateur d'ordinateur
Extension de conception TuneUp
Gestionnaire de comptes de sécurité
Horloge Windows
Infrastructure de gestion Windows
Journal des événements
Lanceur de processus serveur DCOM
Lavasoft Ad-Aware Service
LVCOMSer
Machine Debug Manager
Mises à jour automatiques
NLA (Network Location Awareness)
Notification d'événement système
NVIDIA Display Driver Service
Pare-feu Windows / Partage de connexion Internet
PC Tools Spyware Doctor
Planificateur de tâches
Plug-and-Play
Process Monitor
SecuROM User Access Service (V7)
Serveur
Service de la passerelle de la couche Application
Service de restauration système
Services de cryptographie
Services Terminal Server
SPAMfighter Update Service
Spouleur d'impression
Station de travail
Système d'événements de COM+
Thèmes
Windows Driver Foundation - User-mode Driver Framework
Windows Search

La commande s'est terminée correctement.

Message from nickW » 20 Dec 2008, 23:44

Good evening,

SERAUT wrote: for a little while now my computer has been incredibly slow

Can you try to remember whether this followed a Windows Update, the installation/update of some other software, or the installation of new hardware?



The HijackThis log, quite insufficient, shows nothing "nasty". Creation of two detailed logs:

Note: These steps must be carried out in a session opened with "Administrator rights" (do not use the user profile named "Administrator" that is visible in safe mode).
Under Windows XP, to check whether an account has "Administrator" rights:
Start ----> Settings ----> Control Panel ----> User Accounts
Next to the icon representing certain accounts (other than the one named "Administrator"), "Computer administrator" is shown.
One of these accounts is the one to use.



Step 1: OTListIt2 (by OldTimer), download
Download OTListIt2.exe from http://oldtimer.geekstogo.com/OTListIt2.exe
Save this file to the Desktop.


Step 2: OTListIt2 (by OldTimer)
Close all open program windows.

Double-click OTListIt2.exe to launch the tool.

The main OTListIt2 screen is displayed.

If it is not already done, in the Extra Registry section, select the Use SafeList radio button.

Tick (at the top) the box in front of Scan All Users.

Then click the Run Scan button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
The second report is visible in the Taskbar. Close it as well.
Close the OTListIt2 window.


Step 3: Results
Send in reply, in two separate messages (because of the length of the logs):
- the two OTListIt2 reports (contents of the files OTListIt.txt and Extras.txt located on the Desktop).
Reports sent to the forum must end with a line containing <End>. If that is not the case, they are incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic; click the "Reply" button to continue in this thread.

To be continued,
nickW
nickW
Moderator

Posts: 21696
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Continued

Message from SERAUT » 21 Dec 2008, 13:36

I no longer remember exactly when the slowdown began, I really don't know.

My OTListIt2 files are:

Extras.txt:

OTListIt Extras logfile created on: 21/12/2008 13:29:04 - Run
OTListIt2 by OldTimer - Version 1.0.1.0 Folder = C:\Documents and Settings\Michel\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 79,17 Gb Free Space | 26,56% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 4,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 3,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive M: | 440,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SERAUT
Current User Name: Michel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2006/08/03 14:23:26 | 00,644,096 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Ingénieur
[2006/08/03 14:23:32 | 01,258,488 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Ingénieur
[2006/08/03 14:23:36 | 00,119,800 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Ingénieur
[2008/04/13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
[2008/08/22 10:36:51 | 09,973,760 | ---- | M] (adsltv.org) -- C:\Program Files\adslTV\adslTV.exe:*:Enabled:adslTV
File not found -- C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger
[2008/04/14 03:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger
[2006/07/27 20:38:34 | 01,015,808 | ---- | M] () -- C:\téléchargement\FreeMultiPosteTV\FreeMultiPosteTV.exe:*:Enabled:FreeMultiPosteTV
File not found -- C:\téléchargement\vlc-0.8.4a-crazy\vlc.exe:*:Enabled:VLC media player
File not found -- C:\téléchargement\FreeMultiPosteTV.exe:*:Enabled:FreeMultiPosteTV
File not found -- C:\Program Files\FreeEasyZap\FreeEasyZap.exe:*:Enabled:FreeEasyZap
[2006/09/14 15:15:24 | 05,001,216 | ---- | M] (http://www.emule-project.net) -- C:\téléchargement\eMule0.47c\emule.exe:*:Enabled:eMule
[2006/08/11 23:25:46 | 01,304,136 | R--- | M] () -- C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe:*:Enabled:BugReport
[2006/08/03 14:23:26 | 00,644,096 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Ingénieur
[2006/08/03 14:23:32 | 01,258,488 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Ingénieur
[2006/08/03 14:23:36 | 00,119,800 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Ingénieur
[2008/12/17 21:25:37 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
[2008/04/13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
[2008/03/10 08:15:41 | 00,254,976 | ---- | M] (Azureus Inc) -- C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus
File not found -- C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
File not found -- C:\DOCUME~1\Michel\LOCALS~1\Temp\44exmodul32f.i.exe:*:Enabled:Microsoft Update
[2008/10/01 20:41:55 | 04,908,544 | ---- | M] () -- C:\TFPTools3_0\TFPTools.exe:*:Enabled:TFPTools
[2008/04/05 14:22:46 | 00,095,744 | ---- | M] () -- C:\TFPTools3_0\VLC\vlc.exe:*:Enabled:VLC media player
File not found -- C:\Ancien ordinateur\divers à trier\EasyBox\vlc\vlc.exe:*:Enabled:VLC media player
[2004/10/07 00:44:45 | 03,969,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable
[2004/02/24 15:20:04 | 00,401,491 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager
[2007/06/17 11:14:36 | 00,096,256 | ---- | M] () -- C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player
File not found -- C:\Program Files\WinHTTrack\WinHTTrack.exe:*:Enabled:WinHTTrack Website Copier, Web Site mirroring for professional and private purposes
File not found -- C:\Program Files\Midway Games\Happy Feet\EngineImplementation_Retail.exe:*:Enabled:A2M Game Engine
File not found -- C:\Program Files\Allocam Multi Visio\allocam.exe:*:Enabled:Multi Video
File not found -- C:\DOCUME~1\Michel\LOCALS~1\Temp\43exinjs.a3.exe:*:Enabled:Microsoft Update
File not found -- C:\DOCUME~1\Michel\LOCALS~1\Temp\7exinjs.a3.exe:*:Enabled:Microsoft Update
File not found -- C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger
[2007/08/30 16:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2008/08/01 18:41:24 | 05,480,448 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe:*:Enabled:eMule
[2007/10/20 12:14:49 | 00,219,952 | ---- | M] () -- C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
[2007/08/30 16:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2005/09/02 20:24:01 | 06,415,360 | ---- | M] () -- C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player
File not found -- D:\ge.exe:*:Enabled:Application MFC ge
[2007/09/19 02:54:24 | 09,755,136 | ---- | M] (Massive Entertainment AB) -- C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:*:Enabled:World in Conflict
[2007/09/19 02:47:22 | 09,200,128 | ---- | M] (Massive Entertainment AB) -- C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:*:Enabled:World in Conflict - Online Only
[2007/09/19 03:04:26 | 07,529,472 | ---- | M] () -- C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:*:Enabled:World in Conflict - Dedicated Server
[2008/04/14 03:34:01 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
[2008/04/14 03:34:20 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application
File not found -- C:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner
File not found -- C:\Program Files\Babelgum\Babelgum.exe:*:Enabled:Babelgum
[2008/04/14 03:34:06 | 00,769,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix
File not found -- C:\Documents and Settings\Michel\Local Settings\Temp\88exmdnk_63.exe:*:Enabled:88exmdnk_63
[2007/12/17 11:12:40 | 00,385,024 | ---- | M] () -- C:\Program Files\PeerTV\PeerCast.exe:*:Enabled:PeerCast
[2008/04/01 23:41:10 | 00,095,744 | ---- | M] () -- C:\Program Files\PeerTV\VLC\vlc.exe:*:Enabled:VLC media player
File not found -- C:\WINDOWS\Temp\occ.exe:*:Enabled:OneCC Module
File not found -- C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla Module
[2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = Race Driver 3
"{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific
"{0FC65BD2-FB46-4E89-AEB9-C5CB53E4BC1F}_is1" = JkDefrag 3.36
"{105E1A5B-A749-4825-A8A1-AFD16615DC6C}" = DesignPro SE
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FC6AED4-F606-11D4-872D-00E0294855E2}" = Reverso Expert EFFE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2ABD5914-4F3F-4A34-A313-A7182901733E}" = HardwareDetection
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{331DFBF7-734D-4545-8A9D-48CB5D73AF07}" = OpenOffice.org 2.3
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{4518F005-76A9-4E8B-9C5D-3559DF9BFE11}" = DriverMAGIC Professional Edition
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes
"{55937F00-A69B-4049-8D3A-1C7729742B6F}" = BUM
"{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}" = Macromedia Flash Player 8
"{659660d0-edb3-4afb-be92-7ea22a0cae65}.sdb" = Windows XP Junglebook Compatiblity Fix
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B}" = PC Booster
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = MyDSC2
"{868D7896-99D4-4513-BC62-2B3AD3E24926}" = TuneUp Utilities 2006
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C672C85-394D-421A-BF7E-98F97789462A}" = Micro Application - Plus de 500 Applications pour Excel
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-040C-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{938082FD-8F07-440E-8F01-8C49E15EB364}" = Micro Application - Développez vos Photos
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9F185C48-595B-401A-A1D6-AAB324890DC4}" = GiPo@MoveOnBoot 1.9.5
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1D8CAE1-62E8-4259-8B57-1755629F71EC}" = Diskeeper 2007 Pro Premier
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{BA0601E1-B65C-11D5-80A9-0000B494D9A6}" = PC Booster
"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
"{BBB1528C-2F8C-4526-9C8E-699F17AF21CA}" = SweetIM For Internet Explorer 1.0a
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2096}_is1" = SiSoftware Sandra Ingénieur 2007.SP1 (Win64/32/CE)
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C985153C-3801-EB63-1432-088E71801036}" = Nero 7 Demo
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = World in Conflict
"{F1CB3A6E-4474-4A7B-9DE2-DE6B21B3435E}" = Super Nettoyeur
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB89456A-8EEE-4357-AAE1-1A5A46A974AD}" = ROUTE 66 Safety Camera Update
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"4Diskclean Pro_is1" = 4Diskclean Pro
"7B97A8EDCCEC659B382D562C55FC61601C43C968" = Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"Ad-aware 6 - trad fr" = Ad-aware 6 - Traduction FR
"Ad-aware 6 Professional" = Ad-aware 6 Professional
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe® Photoshop® Album Edition Découverte 3.2" = Adobe® Photoshop® Album Edition Découverte 3.2
"adsl TV" = adsl TV
"aignesamdeadlink_is1" = AM-DeadLink 3.1
"avast!" = avast! Antivirus
"AviSynth" = AviSynth 2.5
"Azureus" = Azureus
"BricoCalculette_is1" = BricoCalculette 1.0
"CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000
"CCleaner" = CCleaner (remove only)
"CFWebAdvancedU" = CamfrogWEB Advanced ActiveX Plugin (remove only)
"CloneDVD.exe_is1" = CloneDVD 3.6
"CloneDVD2" = CloneDVD2
"Combat Flight Simulator 1.00" = Microsoft Combat Flight Simulator
"Combat Flight Simulator 3.0" = Microsoft Combat Flight Simulator 3.0
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpoweramp WavPack Codec" = dBpoweramp WavPack Codec
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"dBpowerAMP WMA V9.1 Codec" = dBpowerAMP WMA V9.1 Codec
"Defraggler" = Defraggler (remove only)
"DMX4_is1" = DriverMax 4
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"eMule" = eMule
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Freeplayer" = Freeplayer
"GrabIt_is1" = GrabIt 1.7.1 Beta (build 960)
"Heroes of the Pacific" = Heroes of the Pacific
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Infinity USB_is1" = Infinity USB 1.52
"InstallShield_{105E1A5B-A749-4825-A8A1-AFD16615DC6C}" = DesignPro SE
"iolo technologies' System Mechanic 5 Professional" = iolo technologies' System Mechanic 5 Professional
"iWizz 1.0b1" = iWizz
"jv16 PowerTools 2008_is1" = jv16 PowerTools 2008
"KC Softwares IDPhotoStudio_is1" = KC Softwares IDPhotoStudio
"KC Softwares PhotoToFilm_is1" = KC Softwares PhotoToFilm
"legacyqcam_10.51" = Coffret de pilotes Logitech Legacy USB Camera
"lvdrivers_11.50" = Coffret de pilotes Logitech QuickCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"Mozilla Thunderbird (2.0.0.9)" = Mozilla Thunderbird (2.0.0.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"My Drivers 3.11" = My Drivers 3.11
"Navilog1_is1" = Navilog1 3.7.0
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC SECURITY TEST 2007_is1" = PC SECURITY TEST 2007
"PeerTV" = PeerTV 1.1.2
"PhotoFiltre" = PhotoFiltre
"Picasa2" = Picasa 2
"PowerStrip 3 (remove only)" = PowerStrip 3 (remove only)
"Ptite Fouine" = Ptite Fouine (remove only)
"QuickGamma_is1" = QuickGamma 2.0.0.3
"QuickPar" = QuickPar 0.9
"Registry Compressor_is1" = Registry Compressor
"Registry Mechanic_is1" = Registry Mechanic 7.0
"SiS163u" = Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706
"SpaceMonger" = SpaceMonger 2.1.1
"SPAMfighter" = SPAMfighter
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SpyRemover_is1" = SpyRemover 2.55
"Spyware Doctor_is1" = Spyware Doctor 3.8
"SuperCopier2" = SuperCopier2
"TOWeb-SetupID-0002_is1" = Lauyan TOWeb V2
"TvFreePlayer Tools" = TvFreePlayer Tools
"Tweak-XP Pro 4" = Tweak-XP Pro 4
"Unlocker" = Unlocker 1.8.5
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.5-freehd
"Voissa Anonymo 2_is1" = Voissa Anonymo
"VoissaTV_is1" = VoissaTV
"What's Running_is1" = What's Running 2.2
"Widget SFR" = Widget SFR 2.2
"Window Washer" = Window Washer
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.0 alpha1
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xqdcXSP_is1" = Xteq-dotec X-Setup Pro 6.6.300.Final1
"Yahoo! Companion" = Yahoo! Companion
"Yahoo! Messenger" = Yahoo! Messenger
"Zoo Tycoon 2" = Zoo Tycoon 2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{9863F141-7A33-4c9a-A5F2-96996461B216}" =
"PassportPhoto" = PassportPhoto (remove)
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{9863F141-7A33-4c9a-A5F2-96996461B216}" =
"PassportPhoto" = PassportPhoto (remove)
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 06/04/2008 07:06:00 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.

Error - 06/04/2008 07:14:24 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.

Error - 06/04/2008 07:28:05 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.

Error - 06/04/2008 07:32:33 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.

Error - 06/04/2008 08:32:00 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.

Error - 06/04/2008 08:53:26 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.

Error - 06/04/2008 13:36:02 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.

Error - 07/04/2008 06:28:41 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.

Error - 19/09/2008 04:24:02 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://download.microsoft.com/download/ ... e_spcd.iso
failed, 00000084.

Error - 07/10/2008 06:26:36 | Computer Name = SERAUT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
N:\Jeux téléchargés\Silent Hunter 4 Wolves of the Pacific\Silent Hunter 4 Wolves
of the Pacific\SilentHunter4.mdf failed, 0000001E.

[ Application Events ]
Error - 12/12/2008 03:42:30 | Computer Name = SERAUT | Source = Microsoft Zoo Tycoon 2 | ID = 1001
Description =

Error - 13/12/2008 15:50:31 | Computer Name = SERAUT | Source = Windows Search Service | ID = 3013
Description = Impossible de mettre à jour l'entrée <C> dans la configuration de hachage. Contexte : Application
, Catalogue SystemIndex Détails : Un périphérique attaché au système ne fonctionne
pas correctement. (0x8007001f)

Error - 13/12/2008 15:50:31 | Computer Name = SERAUT | Source = Windows Search Service | ID = 3013
Description = Impossible de mettre à jour l'entrée <C> dans la configuration de hachage. Contexte : Application
, Catalogue SystemIndex Détails : Un périphérique attaché au système ne fonctionne
pas correctement. (0x8007001f)

Error - 19/12/2008 12:47:31 | Computer Name = SERAUT | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 19/12/2008 13:38:33 | Computer Name = SERAUT | Source = Microsoft Zoo Tycoon 2 | ID = 1000
Description =

Error - 19/12/2008 13:38:42 | Computer Name = SERAUT | Source = Microsoft Zoo Tycoon 2 | ID = 1001
Description =

Error - 19/12/2008 14:50:27 | Computer Name = SERAUT | Source = Windows Search Service | ID = 7040
Description = Le service de recherche a détecté des fichiers de données corrompus
dans l’index. Le service tentera de corriger automatiquement ce problème en recréant
l’index. Contexte : Application Windows, Catalogue SystemIndex Détails : 0xc0041801
(0xc0041801)

Error - 19/12/2008 14:50:27 | Computer Name = SERAUT | Source = Windows Search Service | ID = 3029
Description = Impossible d'initialiser le plug-in dans <Search>. Contexte
: Application Windows, Catalogue SystemIndex Détails : Impossible de lire l'index
du contenu. (0xc0041800)

Error - 19/12/2008 14:50:27 | Computer Name = SERAUT | Source = Windows Search Service | ID = 3028
Description = Impossible d'initialiser l'objet rassembleur. Contexte : Application
Windows, Catalogue SystemIndex Détails : Impossible de lire l'index du contenu.
(0xc0041800)

Error - 19/12/2008 14:50:27 | Computer Name = SERAUT | Source = Windows Search Service | ID = 3058
Description = Impossible d'initialiser l'application. Contexte : Application Windows

Détails
: Impossible de lire l'index du contenu. (0xc0041800)

[ Canal+ Events ]
Error - 12/06/2008 17:27:47 | Computer Name = SERAUT | Source = VideoOnDemand | ID = 0
Description = ContentsManager.FetchContents : 401

Error - 12/06/2008 17:28:38 | Computer Name = SERAUT | Source = VideoOnDemand | ID = 0
Description = ContentsManager.FetchContents : 401

Error - 12/06/2008 17:29:31 | Computer Name = SERAUT | Source = VideoOnDemand | ID = 0
Description = ContentsManager.FetchContents : 401

Error - 12/06/2008 17:30:17 | Computer Name = SERAUT | Source = VideoOnDemand | ID = 0
Description = ContentsManager.FetchContents : 401

[ System Events ]
Error - 19/12/2008 14:50:43 | Computer Name = SERAUT | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1053" lors de la mise en route du service WSearch
avec les arguments "" pour démarrer le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 20/12/2008 15:48:25 | Computer Name = SERAUT | Source = sfsync02 | ID = 262156
Description =

Error - 20/12/2008 15:48:46 | Computer Name = SERAUT | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 20/12/2008 15:48:50 | Computer Name = SERAUT | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 20/12/2008 15:49:50 | Computer Name = SERAUT | Source = Service Control Manager | ID = 7001
Description = Le service Client DHCP dépend du service NetBIOS sur TCP/IP qui n'a
pas pu démarrer en raison de l'erreur : %%31

Error - 20/12/2008 15:49:50 | Computer Name = SERAUT | Source = Service Control Manager | ID = 7001
Description = Le service Client DNS dépend du service Pilote du protocole TCP/IP
qui n'a pas pu démarrer en raison de l'erreur : %%31

Error - 20/12/2008 15:49:50 | Computer Name = SERAUT | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Aavmker4 AFD AmdK8 aswSP aswTdi ElbyCDIO FileDisk Fips IPSec MRxSmb NetBIOS NetBT
oreans32
PStrip
RasAcd
Rdbss
Tcpip

Error - 20/12/2008 15:51:36 | Computer Name = SERAUT | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 20/12/2008 15:52:11 | Computer Name = SERAUT | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 20/12/2008 15:52:14 | Computer Name = SERAUT | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}


<End>
SERAUT
 
Posts: 17
Joined: 25 Sep 2008, 07:36
Location: COUBERT

Post by SERAUT » 21 Dec 2008, 13:36

The OTListIt.txt file:

OTListIt logfile created on: 21/12/2008 13:29:04 - Run
OTListIt2 by OldTimer - Version 1.0.1.0 Folder = C:\Documents and Settings\Michel\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 79,17 Gb Free Space | 26,56% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 4,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 3,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive M: | 440,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SERAUT
Current User Name: Michel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

[2008/08/21 21:10:55 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
[2007/10/19 13:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
[2008/11/26 18:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[2008/07/29 13:54:56 | 00,321,672 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\SPAMfighter\SFAgent.exe
[2008/04/14 03:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2007/12/09 12:37:24 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2004/02/24 15:20:04 | 00,401,491 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
[2006/10/04 11:49:02 | 00,892,928 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
[2007/10/19 13:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
[2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
[2006/03/02 21:41:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2007/08/28 07:59:06 | 00,895,088 | ---- | M] (PC Tools Research Pty Ltd) -- C:\Program Files\Spyware Doctor\sdhelp.exe
[2008/07/29 13:56:44 | 00,184,968 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\SPAMfighter\sfus.exe
[2006/12/06 20:59:46 | 00,217,088 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
[2008/05/26 21:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe
[2007/10/19 13:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
[2008/11/26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[2008/12/21 11:23:10 | 00,473,589 | ---- | M] (Smarte Solutions, Inc.) -- C:\Documents and Settings\Michel\Local Settings\Temp\ins2.tmp
[2005/10/25 23:01:58 | 04,358,144 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
[2005/10/25 14:26:20 | 19,087,360 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Core\nero.exe
[2005/10/28 15:14:08 | 00,462,848 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
[2008/12/17 21:25:37 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2008/12/21 13:27:15 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michel\Bureau\OTListIt2.exe

========== (O23) Win32 Services (SafeList) ==========

[2008/08/21 21:10:55 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2007/05/13 13:32:57 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
[2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
[2008/11/26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
[2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2006/10/04 11:49:02 | 00,892,928 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper [Auto | Running])
[2008/12/01 11:01:02 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper [On_Demand | Stopped])
[2007/11/30 21:36:57 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2007/10/19 13:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Running])
[2007/10/19 13:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
[2007/10/19 13:21:16 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
[2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2006/03/02 21:41:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2003/07/28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2006/08/03 14:23:36 | 00,119,800 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\Win32\RpcDataSrv.exe -- (SandraDataSrv [On_Demand | Stopped])
[2006/08/03 14:23:32 | 01,258,488 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\RpcSandraSrv.exe -- (SandraTheSrv [On_Demand | Stopped])
[2007/08/28 07:59:06 | 00,895,088 | ---- | M] (PC Tools Research Pty Ltd) -- C:\Program Files\Spyware Doctor\sdhelp.exe -- (SDhelper [Auto | Running])
[2008/07/29 13:56:44 | 00,184,968 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\SPAMfighter\sfus.exe -- (SPAMfighter Update Service [Auto | Running])
[2006/12/06 20:59:46 | 00,217,088 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7 [Auto | Running])
[2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2008/05/26 21:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe -- (WSearch [Auto | Running])

========== Driver Services (SafeList) ==========

[2008/11/26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
[2008/08/21 21:10:59 | 00,015,648 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter [On_Demand | Stopped])
[2008/08/21 21:10:59 | 00,012,960 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\drivers\AWRTPD.sys -- (Ad-Watch Real-Time Scanner [On_Demand | Stopped])
[2008/08/21 21:10:59 | 00,015,648 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\drivers\AWRTRD.sys -- (Ad-Watch Registry Filter [On_Demand | Stopped])
[2006/05/19 14:44:52 | 03,965,056 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2006/05/10 10:27:00 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8 [System | Running])
[2008/11/26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
[2008/11/26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
[2008/11/26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
[2008/11/26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
[2008/11/26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
[2006/11/16 19:16:13 | 00,165,376 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt [Auto | Running])
[2006/07/20 09:43:16 | 00,007,168 | ---- | M] () -- C:\Program Files\HardwareDetection\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
[2007/08/07 20:48:33 | 00,025,160 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
[2005/04/12 09:41:20 | 00,004,608 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay [On_Demand | Running])
[2006/07/24 17:51:34 | 00,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk [System | Running])
[2007/03/29 12:36:53 | 00,030,592 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\ikhfile.sys -- (ikhfile [System | Running])
[2007/08/28 07:59:03 | 00,051,072 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\ikhlayer.sys -- (ikhlayer [System | Running])
[2003/07/07 15:19:48 | 00,011,520 | R--- | M] (WB Electronic) -- C:\WINDOWS\system32\drivers\infusb.sys -- (INFUSB [On_Demand | Stopped])
[2006/11/16 19:16:13 | 00,018,048 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt [Auto | Running])
[2007/10/19 13:16:30 | 02,109,976 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap [On_Demand | Stopped])
[2007/10/11 18:59:02 | 02,142,488 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv [On_Demand | Stopped])
[2007/10/11 18:59:24 | 00,025,624 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
[2007/05/09 20:51:34 | 00,041,888 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
[2001/06/11 13:55:26 | 00,018,736 | ---- | M] () -- C:\Program Files\Micro Application\Super Nettoyeur\mxinsmon.sys -- (mxInsMon [On_Demand | Stopped])
[2008/04/13 19:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm [On_Demand | Stopped])
[2006/03/02 21:41:00 | 03,648,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2005/10/04 11:48:00 | 00,093,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus [Boot | Running])
[2005/09/30 12:52:20 | 00,034,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
[2005/09/30 12:52:22 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
[2007/01/29 22:29:44 | 00,033,824 | ---- | M] () -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32 [System | Running])
[2006/11/11 09:06:58 | 00,039,488 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin [On_Demand | Running])
[2007/05/09 20:46:48 | 00,014,112 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter [On_Demand | Running])
[2005/01/31 11:26:06 | 00,912,768 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0 [On_Demand | Stopped])
[2007/05/09 20:47:00 | 01,276,832 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI [On_Demand | Running])
[2006/09/30 11:35:52 | 00,027,936 | ---- | M] () -- C:\WINDOWS\system32\drivers\pstrip.sys -- (PStrip [System | Running])
[2004/08/05 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/10/20 01:56:10 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2008/04/13 19:40:48 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port [Boot | Running])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])
[2005/01/14 17:14:07 | 00,047,616 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
[2004/10/28 11:47:59 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
[2004/12/03 11:20:41 | 00,020,544 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
[2005/06/20 08:12:00 | 00,215,040 | ---- | M] (SiS Corporation) -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u [On_Demand | Stopped])
[2006/12/06 21:25:36 | 00,639,224 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2005/07/13 11:08:20 | 00,033,890 | ---- | M] (Service & Quality Technology.) -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C [On_Demand | Stopped])
[2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Running])
[2003/12/22 09:28:20 | 00,104,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\S-1-5-21-2921752088-3549839694-617077185-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (270046 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 9307 more lines...
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll (PC Tools)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Implements TweakBHO) - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - C:\Program Files\TweakMASTER\TweakBHO.dll (Hagel Technologies)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O2 - BHO: (PCTools Browser Monitor) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (PC Tools)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKCU\..\Toolbar: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..\Toolbar: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..\Toolbar: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 (SPAMfighter ApS)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" (Microsoft Corporation)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\.DEFAULT..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (PC Tools Research Pty Ltd)
O4 - HKU\S-1-5-18..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (PC Tools Research Pty Ltd)
O4 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" (Microsoft Corporation)
O4 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHirtory = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (PC Tools)
O9 - Extra Button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra Button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\OPTIONS.HTM ()
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - File not found
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 46 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Sites: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Sites: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Sites: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Sites: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..Trusted Sites: 47 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mctp - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ms-itss - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap11 - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" (HKLM) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2006/07/21 16:19:42 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

Autorun.exe [MZ | ]
[2007/08/02 20:42:29 | 00,587,048 | R--- | M] (Massive Entertainment AB) -- J:\Autorun.exe -- [ CDFS ]

Autorun.inf [[autorun] | open=Autorun.exe | icon=Icon.ico | ]
[2007/06/29 07:21:12 | 00,000,048 | R--- | M] () -- J:\Autorun.inf -- [ CDFS ]

Autorun.sdf [RYS x( | ]
[2007/07/23 14:19:17 | 00,272,975 | R--- | M] () -- J:\Autorun.sdf -- [ CDFS ]

Autorun.inf [[autorun] | OPEN=SH4Autorun.exe | ICON=sh4.ico | LABEL=SilentHunter4 | ]
[2007/02/24 13:12:06 | 00,000,067 | R--- | M] () -- K:\Autorun.inf -- [ UDF ]

Autorun.inf [[autorun] | open=install.exe /autorun | icon=zoo2.ico | Name=Installation de Zoo Tycoon 2 | | shell\setup=&Installer Zoo Tycoon 2 | shell\setup\command=install.exe | | shell\directx=Installer &DirectX 9.0b | shell\directx\command=DirectX\dxsetup.exe | ]
[2004/10/19 13:04:40 | 00,000,242 | R--- | M] () -- M:\Autorun.inf -- [ CDFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c325589-5aaa-11db-916f-0015f2f355dc}\Shell\AutoRun\command]
"" = P:\start.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c325589-5aaa-11db-916f-0015f2f355dc}\Shell\FramaKey\command]
"" = P:\start.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c325593-5aaa-11db-916f-0015f2f355dc}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c325593-5aaa-11db-916f-0015f2f355dc}\Shell\AutoRun\command]
"" = J:\Autorun.exe -- [2007/08/02 20:42:29 | 00,587,048 | R--- | M] (Massive Entertainment AB)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4259b7a0-6e5e-11db-91a9-0015f2f355dc}\Shell\Auto\command]
"" = Start.exe



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45c187e6-7888-11dc-9358-0015f2f355dc}\Shell\Auto\command]
"" = Start.exe



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87a9c4c0-b401-11dd-9528-0015f2f355dc}\Shell\AutoRun\command]
"" = N:\start.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87a9c4c0-b401-11dd-9528-0015f2f355dc}\Shell\iledefrance\command]
"" = N:\start.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa251914-0210-11dc-92b2-0015f2f355dc}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa251914-0210-11dc-92b2-0015f2f355dc}\Shell\AutoRun\command]
"" = M:\install.exe -- [2004/10/07 19:58:38 | 00,589,824 | R--- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa251914-0210-11dc-92b2-0015f2f355dc}\Shell\directx\command]
"" = M:\DirectX\dxsetup.exe -- [2003/06/02 01:47:18 | 00,467,456 | R--- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa251914-0210-11dc-92b2-0015f2f355dc}\Shell\setup\command]
"" = M:\install.exe -- [2004/10/07 19:58:38 | 00,589,824 | R--- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6db79cc-ecce-11db-927b-0015f2f355dc}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6db79cc-ecce-11db-927b-0015f2f355dc}\Shell\AutoRun\command]
"" = K:\SH4Autorun.exe -- [2007/02/25 18:55:00 | 08,523,776 | R--- | M] (Ubisoft)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\AutoRun\command]
"" = J:\install.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\directx\command]
"" = J:\DirectX\dxsetup.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\setup\command]
"" = J:\install.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[2008/12/21 13:27:12 | 00,419,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michel\Bureau\OTListIt2.exe
[2008/12/21 12:32:53 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Michel\Mes documents\Copie de Mes images
[2008/12/21 12:32:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Mes documents\EA Games
[2008/12/21 12:32:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\EA Games
[2008/12/20 21:02:05 | 00,005,737 | ---- | C] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\gnc.exe
[2008/12/20 13:41:08 | 00,001,796 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2008/12/20 13:40:24 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2008/12/20 13:40:24 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2008/12/20 13:40:24 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2008/12/20 13:40:24 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2008/12/20 13:40:24 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2008/12/20 13:40:24 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2008/12/20 13:40:24 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2008/12/20 13:40:24 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2008/12/20 13:40:24 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2008/12/20 13:40:24 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2008/12/20 13:40:24 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2008/12/20 13:40:24 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2008/12/20 13:40:24 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2008/12/20 13:40:24 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2008/12/20 13:21:14 | 00,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2008/12/20 13:21:13 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2008/12/20 11:51:14 | 00,001,746 | ---- | C] () -- C:\Documents and Settings\Michel\Bureau\HijackThis.lnk
[2008/12/19 19:47:05 | 00,000,000 | ---D | C] -- C:\Program Files\SFRWidget
[2008/12/19 13:08:52 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2008/12/19 13:07:21 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2008/12/19 13:07:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2008/12/19 13:00:24 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2008/12/16 13:00:11 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2008/12/16 13:00:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008/12/11 21:08:46 | 00,000,000 | ---D | C] -- C:\tmp
[2008/12/11 21:08:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\Nosibay
[2008/12/11 21:08:34 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Nosibay
[2008/12/11 21:08:31 | 00,000,000 | ---D | C] -- C:\Program Files\Nosibay
[2008/12/08 17:24:31 | 00,037,062 | ---- | C] () -- C:\WINDOWS\System32\odbcinst.hlp
[2008/12/08 17:24:31 | 00,000,324 | ---- | C] () -- C:\WINDOWS\System32\odbcinst.cnt
[2008/12/08 17:23:37 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Micro Application Shared
[2008/12/07 20:20:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\MAGIX
[2008/12/07 20:19:57 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2008/12/07 20:19:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2008/12/07 20:19:41 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2008/12/07 20:19:40 | 00,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
[2008/12/07 20:18:33 | 00,430,080 | ---- | C] (MAGIX AG) -- C:\WINDOWS\System32\MXRestore.exe
[2008/12/07 20:18:33 | 00,188,416 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRES32.dll
[2008/12/07 20:18:33 | 00,163,840 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDEV32.dll
[2008/12/07 20:18:33 | 00,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDRV32.dll
[2008/12/07 20:18:33 | 00,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDA32.dll
[2008/12/07 20:18:33 | 00,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCPY32.dll
[2008/12/07 20:18:33 | 00,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPTL32.dll
[2008/12/07 20:18:33 | 00,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDF32.dll
[2008/12/07 20:18:33 | 00,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLTPO32.dll
[2008/12/07 20:18:33 | 00,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRJ32.dll
[2008/12/07 20:18:33 | 00,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRF32.dll
[2008/12/07 20:18:33 | 00,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIO32.dll
[2008/12/07 20:18:33 | 00,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIMG32.dll
[2008/12/07 20:18:33 | 00,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRD32.dll
[2008/12/07 20:18:33 | 00,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPNT32.dll
[2008/12/07 20:18:33 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\STRING32.dll
[2008/12/07 20:18:33 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLMSC32.dll
[2008/12/07 20:18:33 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLISO32.dll
[2008/12/07 20:18:33 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDIR32.dll
[2008/12/07 20:18:33 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTIC32.dll
[2008/12/07 20:18:33 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTI32.dll
[2008/12/07 20:18:33 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIX.dll
[2008/12/07 20:18:33 | 00,014,182 | ---- | C] () -- C:\WINDOWS\System32\DLLAV32.lib
[2008/12/07 20:18:32 | 00,462,848 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLAV32.dll
[2008/12/07 20:18:31 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\MAGIX Shared
[2008/12/07 20:18:14 | 01,089,536 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2008/12/07 20:18:14 | 00,085,504 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\HtmlWH.dll
[2008/12/07 20:18:14 | 00,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.dll
[2008/12/07 20:18:14 | 00,000,000 | ---D | C] -- C:\MAGIX
[2008/12/07 20:17:52 | 00,626,688 | ---- | C] (MAGIX AG) -- C:\WINDOWS\System32\mgxoschk.dll
[2008/12/07 20:17:52 | 00,006,425 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/12/07 20:17:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MAGIX
[2008/12/07 17:59:58 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Michel\Mes documents\Julien SERAUT CV.doc
[2008/12/07 14:17:01 | 00,201,050 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2008/12/07 14:16:25 | 00,007,143 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2008/12/07 14:06:39 | 00,002,306 | ---- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2008/12/07 11:23:32 | 00,000,000 | ---D | C] -- C:\Program Files\QuickGamma
[2008/12/06 18:41:02 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2008/12/06 18:09:35 | 00,000,000 | ---D | C] -- C:\Program Files\NDSROM Player
[2008/12/05 12:54:41 | 00,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2008/12/04 20:39:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Bureau\Plongée
[2008/12/02 22:37:20 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sirenacm.dll
[2008/11/30 10:59:41 | 00,208,384 | ---- | C] () -- C:\Documents and Settings\Michel\Mes documents\dessert noel.doc
[2008/11/29 22:57:04 | 00,000,000 | ---D | C] -- C:\Program Files\Picasa2
[2008/11/22 10:20:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Bureau\Divers téléchargements

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\*.tmp files]
[2008/12/21 13:27:25 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/21 13:27:15 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michel\Bureau\OTListIt2.exe
[2008/12/21 11:22:50 | 00,003,134 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/21 11:22:39 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/21 11:22:03 | 00,192,478 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/21 11:21:59 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/21 11:21:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/20 22:23:10 | 00,002,573 | ---- | M] () -- C:\Documents and Settings\Michel\Bureau\Microsoft Office Word 2003.lnk
[2008/12/20 20:49:40 | 00,001,796 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2008/12/20 20:49:35 | 00,270,046 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/12/20 20:00:00 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2008/12/20 19:00:00 | 00,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2008/12/20 13:21:14 | 00,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2008/12/20 11:51:14 | 00,001,746 | ---- | M] () -- C:\Documents and Settings\Michel\Bureau\HijackThis.lnk
[2008/12/20 11:49:54 | 00,041,984 | ---- | M] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/20 10:40:56 | 00,088,032 | ---- | M] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/20 10:27:25 | 00,000,569 | ---- | M] () -- C:\Documents and Settings\Michel\Mes documents\Mes dossiers de partage.lnk
[2008/12/19 19:49:52 | 00,332,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/19 13:33:21 | 00,521,624 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/12/19 13:33:21 | 00,408,120 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/19 13:33:21 | 00,096,260 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/12/19 13:33:21 | 00,064,650 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/19 13:26:59 | 00,000,830 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/19 13:26:59 | 00,000,264 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/12 18:02:12 | 03,088,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008/12/12 18:02:12 | 03,088,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/12/12 13:17:21 | 00,000,239 | -HS- | M] () -- C:\boot.ini
[2008/12/12 00:57:43 | 00,078,336 | ---- | M] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2008/12/10 00:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008/12/08 17:33:57 | 00,000,294 | ---- | M] () -- C:\WINDOWS\NAVIGMA.INI
[2008/12/07 21:11:27 | 01,576,586 | -H-- | M] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\IconCache.db
[2008/12/07 20:19:52 | 00,006,425 | ---- | M] () -- C:\WINDOWS\mgxoschk.ini
[2008/12/07 17:59:58 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Michel\Mes documents\Julien SERAUT CV.doc
[2008/11/30 19:52:38 | 00,003,616 | ---- | M] () -- C:\WINDOWS\System32\settings.aaw
[2008/11/30 19:52:38 | 00,000,960 | ---- | M] () -- C:\WINDOWS\System32\history.aaw
[2008/11/30 10:59:41 | 00,208,384 | ---- | M] () -- C:\Documents and Settings\Michel\Mes documents\dessert noel.doc
[2008/11/29 17:58:21 | 00,082,944 | ---- | M] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2008/11/28 11:09:48 | 00,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Widget SFR.lnk
[2008/11/26 18:21:30 | 01,236,208 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2008/11/26 18:18:25 | 00,093,296 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2008/11/26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2008/11/26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2008/11/26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2008/11/26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2008/11/26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2008/11/26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2008/11/26 18:15:10 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AVASTSS.scr

========== Alternate Data Streams ==========

@Alternate Data Stream - 0 bytes -> %UserProfile%\Mes documents\Thumbs.db:encryptable
<End>


THANKS FOR YOUR HELP
SERAUT

Posts: 17
Joined: 25 Sep 2008, 07:36
Location: COUBERT

Post by nickW » 21 Dec 2008, 23:57

Good evening,

1/ The Event Viewer has logged several errors for the Windows Search service.

Did you deliberately install Windows (Desktop) Search yourself?

Do you use it?


2/ Can you disable the DNS Client service:

Open the services management console:
Start--->Run
Type services.msc then click OK

Scroll down to DNS Client
Right-click it and choose Properties
Under Service status, click Stop (if it is not already stopped)
Click Apply,
Under Startup type, choose Disabled
Click Apply, then OK

Restart the PC.

Is it faster?

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
My configs
nickW
Moderator

Posts: 21696
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

reply

Post by SERAUT » 22 Dec 2008, 20:15

I don't remember deliberately installing Windows (Desktop) Search. I don't use it.


I disabled the DNS Client service as instructed; I don't see startup being any faster. When I turn it on, it takes 45 seconds before Windows appears.
SERAUT
 

Post by nickW » 23 Dec 2008, 00:59

Good evening,


Note: These steps must be carried out while logged on to a session with "Administrator rights" (do not use the user profile named "Administrator" that is visible in safe mode).

Windows Search or WSearch service

Attempt to disable it:

Open the Command Prompt: Start---->Run---->type cmd then click OK

In the small black-background window that opens, type exactly (or copy/paste) each of the lines below and press Enter after each line:

sc config wsearch start= disabled (+ Enter)

sc stop wsearch (+ Enter)

Restart the PC.


Can you then send a new OTListIt2 log:

Step 1: OTListIt2 (by OldTimer)
Close all open program windows.

Double-click OTListIt2.exe to launch the tool.

The OTListIt2 main screen appears.

Tick the box (at the top) in front of Scan All Users.

Then click the Run Scan button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTListIt2 window.


Step 2: Results
Send in reply:
*- the main OTListIt2 report (contents of the OTListIt2.txt file located on the Desktop).
The report posted on the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.
nickW
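As an added example (not part of the original thread and not OTListIt2's own code), this Python script reads an OTListIt2 report the way the follow-up step above needs it: it checks that the report ends with `<End>`, confirms that the service targeted by `sc config wsearch start= disabled` and `sc stop wsearch` is reported as `[Disabled | Stopped]`, and lists service or driver entries whose company field is empty so they can be looked up by hand. The function names and the line pattern are assumptions inferred from the log lines posted in this thread; the "before" sample is constructed.

```python
import re
from dataclasses import dataclass

# Assumed layout of a service/driver entry, inferred from the thread's log:
# [date time | size | attrs | M] (company) -- path -- (name [start | state])
ENTRY_RE = re.compile(
    r"^\[[^\]]*\| M\] \((?P<company>.*)\) -- (?P<path>.+?) -- "
    r"\((?P<name>.+) \[(?P<start>\w+) \| (?P<state>\w+)\]\)$"
)
# Section banner, e.g. "========== Driver Services (SafeList) =========="
SECTION_RE = re.compile(r"^=+ (?P<title>.+?) =+$")


@dataclass
class ServiceEntry:
    section: str
    company: str
    path: str
    name: str
    start: str
    state: str


def parse_services(report):
    """Return every service/driver entry, tagged with its section title."""
    entries, section = [], ""
    for raw in report.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group("title")
            continue
        m = ENTRY_RE.match(line)
        if m:  # process and file lines lack the trailing "(name [..])" part
            entries.append(ServiceEntry(section, m["company"], m["path"],
                                        m["name"], m["start"], m["state"]))
    return entries


def is_complete(report):
    """A full report ends with a line containing <End>."""
    lines = [l.strip() for l in report.splitlines() if l.strip()]
    return bool(lines) and "<End>" in lines[-1]


def service_status(entries, name):
    """(start type, state) of the named service, or None if it is absent."""
    for e in entries:
        if e.name.lower() == name.lower():
            return (e.start, e.state)
    return None


def no_company(entries):
    """Entries whose company field is empty: candidates for manual review."""
    return [e for e in entries if not e.company.strip()]


# Constructed "before" sample: WSearch still enabled, report cut off (no <End>).
SAMPLE_BEFORE = r"""
========== (O23) Win32 Services (SafeList) ==========

[2008/05/26 21:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe -- (WSearch [Auto | Running])
"""

# "After" sample: entry lines copied from the log posted in this thread.
SAMPLE_AFTER = r"""
========== (O23) Win32 Services (SafeList) ==========

[2008/12/01 11:01:02 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper [On_Demand | Stopped])
[2008/05/26 21:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe -- (WSearch [Disabled | Stopped])

========== Driver Services (SafeList) ==========

[2006/11/16 19:16:13 | 00,165,376 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt [Auto | Running])
[2006/07/24 17:51:34 | 00,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk [System | Running])

========== Alternate Data Streams ==========

<End>
"""

if __name__ == "__main__":
    for label, report in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        entries = parse_services(report)
        print(label, "complete:", is_complete(report),
              "WSearch:", service_status(entries, "wsearch"),
              "no company:", [e.path for e in no_company(entries)])
```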

Post by SERAUT » 23 Dec 2008, 13:52

I did what you told me and here is the OTListIt2.exe file:

OTListIt logfile created on: 23/12/2008 13:49:33 - Run 2
OTListIt2 by OldTimer - Version 1.0.1.0 Folder = C:\Documents and Settings\Michel\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 81,95 Gb Free Space | 27,49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 4,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 3,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive M: | 440,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SERAUT
Current User Name: Michel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

[2008/08/21 21:10:55 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
[2008/11/26 18:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[2008/07/29 13:54:56 | 00,321,672 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\SPAMfighter\SFAgent.exe
[2008/06/12 02:38:00 | 00,034,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
[2008/04/14 03:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2007/12/09 12:37:24 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2004/02/24 15:20:04 | 00,401,491 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
[2007/10/19 13:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
[2006/10/04 11:49:02 | 00,892,928 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
[2007/10/19 13:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
[2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
[2006/03/02 21:41:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2007/08/28 07:59:06 | 00,895,088 | ---- | M] (PC Tools Research Pty Ltd) -- C:\Program Files\Spyware Doctor\sdhelp.exe
[2008/07/29 13:56:44 | 00,184,968 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\SPAMfighter\sfus.exe
[2006/12/06 20:59:46 | 00,217,088 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
[2008/11/26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[2008/12/21 13:27:15 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michel\Bureau\OTListIt2.exe
[2007/10/19 13:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

========== (O23) Win32 Services (SafeList) ==========

[2008/08/21 21:10:55 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2007/05/13 13:32:57 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
[2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
[2008/11/26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
[2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2006/10/04 11:49:02 | 00,892,928 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper [Auto | Running])
[2008/12/01 11:01:02 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper [On_Demand | Stopped])
[2007/11/30 21:36:57 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2007/10/19 13:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Running])
[2007/10/19 13:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
[2007/10/19 13:21:16 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
[2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2006/03/02 21:41:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2003/07/28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2006/08/03 14:23:36 | 00,119,800 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\Win32\RpcDataSrv.exe -- (SandraDataSrv [On_Demand | Stopped])
[2006/08/03 14:23:32 | 01,258,488 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Ingénieur 2007.SP1\RpcSandraSrv.exe -- (SandraTheSrv [On_Demand | Stopped])
[2007/08/28 07:59:06 | 00,895,088 | ---- | M] (PC Tools Research Pty Ltd) -- C:\Program Files\Spyware Doctor\sdhelp.exe -- (SDhelper [Auto | Running])
[2008/07/29 13:56:44 | 00,184,968 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\SPAMfighter\sfus.exe -- (SPAMfighter Update Service [Auto | Running])
[2006/12/06 20:59:46 | 00,217,088 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7 [Auto | Running])
[2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2008/05/26 21:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe -- (WSearch [Disabled | Stopped])

========== Driver Services (SafeList) ==========

[2008/11/26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
[2008/08/21 21:10:59 | 00,015,648 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter [On_Demand | Stopped])
[2008/08/21 21:10:59 | 00,012,960 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\drivers\AWRTPD.sys -- (Ad-Watch Real-Time Scanner [On_Demand | Stopped])
[2008/08/21 21:10:59 | 00,015,648 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\drivers\AWRTRD.sys -- (Ad-Watch Registry Filter [On_Demand | Stopped])
[2006/05/19 14:44:52 | 03,965,056 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2006/05/10 10:27:00 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8 [System | Running])
[2008/11/26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
[2008/11/26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
[2008/11/26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
[2008/11/26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
[2008/11/26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
[2006/11/16 19:16:13 | 00,165,376 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt [Auto | Running])
[2006/07/20 09:43:16 | 00,007,168 | ---- | M] () -- C:\Program Files\HardwareDetection\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
[2007/08/07 20:48:33 | 00,025,160 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
[2005/04/12 09:41:20 | 00,004,608 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay [On_Demand | Running])
[2006/07/24 17:51:34 | 00,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk [System | Running])
[2007/03/29 12:36:53 | 00,030,592 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\ikhfile.sys -- (ikhfile [System | Running])
[2007/08/28 07:59:03 | 00,051,072 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\ikhlayer.sys -- (ikhlayer [System | Running])
[2003/07/07 15:19:48 | 00,011,520 | R--- | M] (WB Electronic) -- C:\WINDOWS\system32\drivers\infusb.sys -- (INFUSB [On_Demand | Stopped])
[2006/11/16 19:16:13 | 00,018,048 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt [Auto | Running])
[2007/10/19 13:16:30 | 02,109,976 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap [On_Demand | Stopped])
[2007/10/11 18:59:02 | 02,142,488 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv [On_Demand | Stopped])
[2007/10/11 18:59:24 | 00,025,624 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
[2007/05/09 20:51:34 | 00,041,888 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
[2001/06/11 13:55:26 | 00,018,736 | ---- | M] () -- C:\Program Files\Micro Application\Super Nettoyeur\mxinsmon.sys -- (mxInsMon [On_Demand | Stopped])
[2008/04/13 19:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm [On_Demand | Stopped])
[2006/03/02 21:41:00 | 03,648,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2005/10/04 11:48:00 | 00,093,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus [Boot | Running])
[2005/09/30 12:52:20 | 00,034,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
[2005/09/30 12:52:22 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
[2007/01/29 22:29:44 | 00,033,824 | ---- | M] () -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32 [System | Running])
[2006/11/11 09:06:58 | 00,039,488 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin [On_Demand | Running])
[2007/05/09 20:46:48 | 00,014,112 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter [On_Demand | Running])
[2005/01/31 11:26:06 | 00,912,768 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0 [On_Demand | Stopped])
[2007/05/09 20:47:00 | 01,276,832 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI [On_Demand | Running])
[2006/09/30 11:35:52 | 00,027,936 | ---- | M] () -- C:\WINDOWS\system32\drivers\pstrip.sys -- (PStrip [System | Running])
[2004/08/05 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/10/20 01:56:10 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2008/04/13 19:40:48 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port [Boot | Running])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])
[2005/01/14 17:14:07 | 00,047,616 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
[2004/10/28 11:47:59 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
[2004/12/03 11:20:41 | 00,020,544 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
[2005/06/20 08:12:00 | 00,215,040 | ---- | M] (SiS Corporation) -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u [On_Demand | Stopped])
[2006/12/06 21:25:36 | 00,639,224 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2005/07/13 11:08:20 | 00,033,890 | ---- | M] (Service & Quality Technology.) -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C [On_Demand | Stopped])
[2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Running])
[2003/12/22 09:28:20 | 00,104,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
HKU\S-1-5-21-2921752088-3549839694-617077185-1007\S-1-5-21-2921752088-3549839694-617077185-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (270046 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 171203.com
O1 - Hosts: 9307 more lines...
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll (PC Tools)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Implements TweakBHO) - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - C:\Program Files\TweakMASTER\TweakBHO.dll (Hagel Technologies)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O2 - BHO: (PCTools Browser Monitor) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (PC Tools)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKCU\..\Toolbar: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..\Toolbar: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..\Toolbar: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 (SPAMfighter ApS)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" (Microsoft Corporation)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\.DEFAULT..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (PC Tools Research Pty Ltd)
O4 - HKU\S-1-5-18..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (PC Tools Research Pty Ltd)
O4 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" (Microsoft Corporation)
O4 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHirtory = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (PC Tools)
O9 - Extra Button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra Button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\OPTIONS.HTM ()
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - File not found
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 46 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Sites: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Sites: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Sites: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Sites: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2921752088-3549839694-617077185-1007\..Trusted Sites: 47 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mctp - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ms-itss - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap11 - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" (HKLM) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2006/07/21 16:19:42 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

Autorun.exe [MZ | ]
[2007/08/02 20:42:29 | 00,587,048 | R--- | M] (Massive Entertainment AB) -- J:\Autorun.exe -- [ CDFS ]

Autorun.inf [[autorun] | open=Autorun.exe | icon=Icon.ico | ]
[2007/06/29 07:21:12 | 00,000,048 | R--- | M] () -- J:\Autorun.inf -- [ CDFS ]

Autorun.sdf [RYS x( | ]
[2007/07/23 14:19:17 | 00,272,975 | R--- | M] () -- J:\Autorun.sdf -- [ CDFS ]

Autorun.inf [[autorun] | OPEN=SH4Autorun.exe | ICON=sh4.ico | LABEL=SilentHunter4 | ]
[2007/02/24 13:12:06 | 00,000,067 | R--- | M] () -- K:\Autorun.inf -- [ UDF ]

Autorun.inf [[autorun] | open=install.exe /autorun | icon=zoo2.ico | Name=Installation de Zoo Tycoon 2 | | shell\setup=&Installer Zoo Tycoon 2 | shell\setup\command=install.exe | | shell\directx=Installer &DirectX 9.0b | shell\directx\command=DirectX\dxsetup.exe | ]
[2004/10/19 13:04:40 | 00,000,242 | R--- | M] () -- M:\Autorun.inf -- [ CDFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c325589-5aaa-11db-916f-0015f2f355dc}\Shell\AutoRun\command]
"" = P:\start.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c325589-5aaa-11db-916f-0015f2f355dc}\Shell\FramaKey\command]
"" = P:\start.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c325593-5aaa-11db-916f-0015f2f355dc}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c325593-5aaa-11db-916f-0015f2f355dc}\Shell\AutoRun\command]
"" = J:\Autorun.exe -- [2007/08/02 20:42:29 | 00,587,048 | R--- | M] (Massive Entertainment AB)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4259b7a0-6e5e-11db-91a9-0015f2f355dc}\Shell\Auto\command]
"" = Start.exe



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45c187e6-7888-11dc-9358-0015f2f355dc}\Shell\Auto\command]
"" = Start.exe



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87a9c4c0-b401-11dd-9528-0015f2f355dc}\Shell\AutoRun\command]
"" = N:\start.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87a9c4c0-b401-11dd-9528-0015f2f355dc}\Shell\iledefrance\command]
"" = N:\start.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa251914-0210-11dc-92b2-0015f2f355dc}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa251914-0210-11dc-92b2-0015f2f355dc}\Shell\AutoRun\command]
"" = M:\install.exe -- [2004/10/07 19:58:38 | 00,589,824 | R--- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa251914-0210-11dc-92b2-0015f2f355dc}\Shell\directx\command]
"" = M:\DirectX\dxsetup.exe -- [2003/06/02 01:47:18 | 00,467,456 | R--- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa251914-0210-11dc-92b2-0015f2f355dc}\Shell\setup\command]
"" = M:\install.exe -- [2004/10/07 19:58:38 | 00,589,824 | R--- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6db79cc-ecce-11db-927b-0015f2f355dc}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6db79cc-ecce-11db-927b-0015f2f355dc}\Shell\AutoRun\command]
"" = K:\SH4Autorun.exe -- [2007/02/25 18:55:00 | 08,523,776 | R--- | M] (Ubisoft)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\AutoRun\command]
"" = J:\install.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\directx\command]
"" = J:\DirectX\dxsetup.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\setup\command]
"" = J:\install.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[2008/12/21 13:27:12 | 00,419,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michel\Bureau\OTListIt2.exe
[2008/12/21 12:32:53 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Michel\Mes documents\Copie de Mes images
[2008/12/21 12:32:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Mes documents\EA Games
[2008/12/21 12:32:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\EA Games
[2008/12/20 21:02:05 | 00,005,737 | ---- | C] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\gnc.exe
[2008/12/20 13:41:08 | 00,001,796 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2008/12/20 13:40:24 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2008/12/20 13:40:24 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2008/12/20 13:40:24 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2008/12/20 13:40:24 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2008/12/20 13:40:24 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2008/12/20 13:40:24 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2008/12/20 13:40:24 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2008/12/20 13:40:24 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2008/12/20 13:40:24 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2008/12/20 13:40:24 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2008/12/20 13:40:24 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2008/12/20 13:40:24 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2008/12/20 13:40:24 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2008/12/20 13:40:24 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2008/12/20 13:21:14 | 00,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2008/12/20 13:21:13 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2008/12/20 11:51:14 | 00,001,746 | ---- | C] () -- C:\Documents and Settings\Michel\Bureau\HijackThis.lnk
[2008/12/19 19:47:05 | 00,000,000 | ---D | C] -- C:\Program Files\SFRWidget
[2008/12/19 13:08:52 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2008/12/19 13:07:21 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2008/12/19 13:07:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2008/12/19 13:00:24 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2008/12/16 13:00:11 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2008/12/16 13:00:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008/12/11 21:08:46 | 00,000,000 | ---D | C] -- C:\tmp
[2008/12/11 21:08:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\Nosibay
[2008/12/11 21:08:34 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Nosibay
[2008/12/11 21:08:31 | 00,000,000 | ---D | C] -- C:\Program Files\Nosibay
[2008/12/08 17:24:31 | 00,037,062 | ---- | C] () -- C:\WINDOWS\System32\odbcinst.hlp
[2008/12/08 17:24:31 | 00,000,324 | ---- | C] () -- C:\WINDOWS\System32\odbcinst.cnt
[2008/12/08 17:23:37 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Micro Application Shared
[2008/12/07 20:20:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\MAGIX
[2008/12/07 20:19:57 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2008/12/07 20:19:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2008/12/07 20:19:41 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2008/12/07 20:19:40 | 00,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
[2008/12/07 20:18:33 | 00,430,080 | ---- | C] (MAGIX AG) -- C:\WINDOWS\System32\MXRestore.exe
[2008/12/07 20:18:33 | 00,188,416 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRES32.dll
[2008/12/07 20:18:33 | 00,163,840 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDEV32.dll
[2008/12/07 20:18:33 | 00,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDRV32.dll
[2008/12/07 20:18:33 | 00,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDA32.dll
[2008/12/07 20:18:33 | 00,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCPY32.dll
[2008/12/07 20:18:33 | 00,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPTL32.dll
[2008/12/07 20:18:33 | 00,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDF32.dll
[2008/12/07 20:18:33 | 00,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLTPO32.dll
[2008/12/07 20:18:33 | 00,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRJ32.dll
[2008/12/07 20:18:33 | 00,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRF32.dll
[2008/12/07 20:18:33 | 00,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIO32.dll
[2008/12/07 20:18:33 | 00,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIMG32.dll
[2008/12/07 20:18:33 | 00,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRD32.dll
[2008/12/07 20:18:33 | 00,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPNT32.dll
[2008/12/07 20:18:33 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\STRING32.dll
[2008/12/07 20:18:33 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLMSC32.dll
[2008/12/07 20:18:33 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLISO32.dll
[2008/12/07 20:18:33 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDIR32.dll
[2008/12/07 20:18:33 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTIC32.dll
[2008/12/07 20:18:33 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTI32.dll
[2008/12/07 20:18:33 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIX.dll
[2008/12/07 20:18:33 | 00,014,182 | ---- | C] () -- C:\WINDOWS\System32\DLLAV32.lib
[2008/12/07 20:18:32 | 00,462,848 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLAV32.dll
[2008/12/07 20:18:31 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\MAGIX Shared
[2008/12/07 20:18:14 | 01,089,536 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2008/12/07 20:18:14 | 00,085,504 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\HtmlWH.dll
[2008/12/07 20:18:14 | 00,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.dll
[2008/12/07 20:18:14 | 00,000,000 | ---D | C] -- C:\MAGIX
[2008/12/07 20:17:52 | 00,626,688 | ---- | C] (MAGIX AG) -- C:\WINDOWS\System32\mgxoschk.dll
[2008/12/07 20:17:52 | 00,006,425 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/12/07 20:17:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MAGIX
[2008/12/07 17:59:58 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Michel\Mes documents\Julien SERAUT CV.doc
[2008/12/07 14:17:01 | 00,201,050 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2008/12/07 14:16:25 | 00,007,143 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2008/12/07 14:06:39 | 00,002,306 | ---- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2008/12/07 11:23:32 | 00,000,000 | ---D | C] -- C:\Program Files\QuickGamma
[2008/12/06 18:41:02 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2008/12/06 18:09:35 | 00,000,000 | ---D | C] -- C:\Program Files\NDSROM Player
[2008/12/05 12:54:41 | 00,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2008/12/04 20:39:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Bureau\Plongée
[2008/12/02 22:37:20 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sirenacm.dll
[2008/11/30 10:59:41 | 00,208,384 | ---- | C] () -- C:\Documents and Settings\Michel\Mes documents\dessert noel.doc
[2008/11/29 22:57:04 | 00,000,000 | ---D | C] -- C:\Program Files\Picasa2

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\*.tmp files]
[2008/12/23 13:49:48 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/23 13:49:25 | 00,003,134 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/23 13:48:49 | 00,192,478 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/23 13:48:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/23 13:48:43 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/23 13:43:32 | 00,000,569 | ---- | M] () -- C:\Documents and Settings\Michel\Mes documents\Mes dossiers de partage.lnk
[2008/12/23 08:46:00 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/23 08:45:59 | 00,043,520 | ---- | M] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/21 20:00:00 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2008/12/21 19:00:00 | 00,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2008/12/21 13:27:15 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michel\Bureau\OTListIt2.exe
[2008/12/20 22:23:10 | 00,002,573 | ---- | M] () -- C:\Documents and Settings\Michel\Bureau\Microsoft Office Word 2003.lnk
[2008/12/20 20:49:40 | 00,001,796 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2008/12/20 20:49:35 | 00,270,046 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/12/20 13:21:14 | 00,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2008/12/20 11:51:14 | 00,001,746 | ---- | M] () -- C:\Documents and Settings\Michel\Bureau\HijackThis.lnk
[2008/12/20 10:40:56 | 00,088,032 | ---- | M] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/19 19:49:52 | 00,332,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/19 13:33:21 | 00,521,624 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/12/19 13:33:21 | 00,408,120 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/19 13:33:21 | 00,096,260 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/12/19 13:33:21 | 00,064,650 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/19 13:26:59 | 00,000,830 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/19 13:26:59 | 00,000,264 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/12 18:02:12 | 03,088,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008/12/12 18:02:12 | 03,088,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/12/12 13:17:21 | 00,000,239 | -HS- | M] () -- C:\boot.ini
[2008/12/12 00:57:43 | 00,078,336 | ---- | M] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2008/12/10 00:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008/12/08 17:33:57 | 00,000,294 | ---- | M] () -- C:\WINDOWS\NAVIGMA.INI
[2008/12/07 21:11:27 | 01,576,586 | -H-- | M] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\IconCache.db
[2008/12/07 20:19:52 | 00,006,425 | ---- | M] () -- C:\WINDOWS\mgxoschk.ini
[2008/12/07 17:59:58 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Michel\Mes documents\Julien SERAUT CV.doc
[2008/11/30 19:52:38 | 00,003,616 | ---- | M] () -- C:\WINDOWS\System32\settings.aaw
[2008/11/30 19:52:38 | 00,000,960 | ---- | M] () -- C:\WINDOWS\System32\history.aaw
[2008/11/30 10:59:41 | 00,208,384 | ---- | M] () -- C:\Documents and Settings\Michel\Mes documents\dessert noel.doc
[2008/11/29 17:58:21 | 00,082,944 | ---- | M] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2008/11/28 11:09:48 | 00,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Widget SFR.lnk
[2008/11/26 18:21:30 | 01,236,208 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2008/11/26 18:18:25 | 00,093,296 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2008/11/26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2008/11/26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2008/11/26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2008/11/26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2008/11/26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2008/11/26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2008/11/26 18:15:10 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AVASTSS.scr

========== Alternate Data Streams ==========

@Alternate Data Stream - 0 bytes -> %UserProfile%\Mes documents\Thumbs.db:encryptable
<End>
SERAUT
 
Posts: 17
Joined: 25 Sep 2008, 07:36
Location: COUBERT

Post by nickW » 24 Dec 2008, 00:56

Good evening,

Still no improvement in the PC's speed?


To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message).
nickW
Moderator
 
Posts: 21696
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
