HijackThis report following an overly slow computer


Post by frofro » 26 Jul 2009, 20:36

Hello,

Since my computer is a bit slow at the moment, I produced a HijackThis report, but I don't know what to remove.

What do you think? Thanks

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:34:52, on 26/07/2009
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Sullivan\Downloads\HiJackThis_v2.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplug.com/StreamPlug/beta/SP.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1868940424
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fich ... _0_3_0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C812D1F-5A5F-4074-84E9-48A65B60B40E}: NameServer = 213.36.80.1,192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate1c9fcbd9dabb084) (gupdate1c9fcbd9dabb084) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 19585 bytes

Post by frofro » 27 Jul 2009, 17:11

I'm allowing myself a little bump because I'd really like to sort this problem out as quickly as possible; a slow computer quickly gets annoying :(

Post by nickW » 27 Jul 2009, 18:01

Hello,

Warning:
Following the cleaning instructions of two separate forums at the same time can be very dangerous!

What's more, it is a waste of time for the helpers!
http://forum.pcastuces.com/sujet.asp?s=49440&f=25

You seem very impatient to get an answer, but not very concerned about updates!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Beta version that has been completely obsolete for years!

Windows Vista (WinNT 6.00.1904)
Version not up to date.

Sun Java: jre1.6.0_03
Obsolete version, out of date since January 2008.

Can you follow the instructions in this topic and send the three reports requested?

To be continued,
nickW

Post by frofro » 28 Jul 2009, 00:07

Good evening, and thanks for the reply.

Here is the Malwarebytes report:

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1026
Windows 6.0.6000

01:01:49 28/07/2009
mbam-log-7-28-2009 (01-01-49).txt

Type de recherche: Examen rapide
Eléments examinés: 36486
Temps écoulé: 12 minute(s), 45 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


Note: I did not disable and then re-enable the resident module of the antivirus and that of the antispyware, because I don't know how to do it.

OTL.txt

Post by frofro » 28 Jul 2009, 00:19

OTL logfile created on: 28/07/2009 01:15:26 - Run 5
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Users\Sullivan\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16851)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,68% Memory free
4,00 Gb Paging File | 3,08 Gb Available in Paging File | 76,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,09 Gb Total Space | 200,71 Gb Free Space | 69,19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-SULLIVAN
Current User Name: Sullivan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2008/07/09 17:05:22 | 00,018,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
PRC - [2006/11/08 13:04:04 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2006/11/08 13:04:04 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2007/04/19 15:45:06 | 00,074,672 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
PRC - [2007/09/25 02:11:35 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
PRC - [2008/07/16 19:01:30 | 06,253,088 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/07/10 10:51:32 | 00,289,064 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/07/27 00:58:29 | 00,122,368 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2006/10/23 16:49:32 | 01,092,152 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2007/08/02 14:12:51 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006/11/02 14:35:32 | 00,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2006/11/02 14:36:04 | 00,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/04/19 15:44:12 | 00,058,288 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2009/07/04 17:39:18 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2006/11/02 14:35:32 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008/07/10 09:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/04/19 15:43:42 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxczcoms.exe
PRC - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2006/11/20 22:08:48 | 00,166,648 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
PRC - [2009/01/28 09:39:02 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2007/11/27 22:45:02 | 00,869,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
PRC - [2006/11/02 11:46:02 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2006/11/02 14:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008/07/10 10:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2006/11/20 22:08:48 | 00,887,544 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
PRC - [2008/10/29 08:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2006/11/02 11:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/03/03 03:59:26 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2006/11/02 14:34:48 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2004/08/02 13:39:54 | 03,272,704 | ---- | M] (Boda Network Technology Inc.) -- C:\Program Files\Foxmail\Foxmail.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2006/11/02 11:44:59 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/04/24 18:25:27 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2007/05/13 16:57:46 | 05,308,416 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe
PRC - [2009/07/28 01:14:03 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Sullivan\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2006/10/23 14:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS [On_Demand | Stopped])
SRV - [2008/07/10 09:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2006/11/08 13:04:04 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])
SRV - [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2006/11/02 08:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - File not found -- -- (CLTNetCnService [Auto | Stopped])
SRV - [2006/11/02 14:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2006/11/02 11:46:13 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2006/11/02 14:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/07/04 17:39:18 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9fcbd9dabb084 [Auto | Stopped])
SRV - [2009/03/25 00:18:49 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2005/11/14 02:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006/11/02 14:36:02 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/10 10:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/04/19 15:43:42 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxczcoms.exe -- (lxcz_device [Auto | Running])
SRV - [2008/07/25 20:57:54 | 00,191,656 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2007/11/27 22:45:02 | 00,869,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe -- (msfwsvc [Auto | Running])
SRV - [2006/11/02 14:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/03/22 10:59:34 | 00,024,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe -- (OcHealthMon [Disabled | Stopped])
SRV - [2008/07/09 17:05:22 | 00,018,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe -- (OneCareMP [Auto | Running])
SRV - [2003/07/28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/11/20 22:08:48 | 00,887,544 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [On_Demand | Running])
SRV - [2006/11/20 22:08:48 | 00,166,648 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9 [Auto | Running])
SRV - [2006/09/14 15:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
SRV - [2009/01/28 09:39:02 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4 [Auto | Running])
SRV - [2007/08/02 15:14:14 | 00,265,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2009/03/22 11:00:16 | 01,131,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\winss.exe -- (winss [Disabled | Stopped])
SRV - [2006/11/02 14:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2009/01/18 23:34:37 | 00,921,936 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2006/11/02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2006/11/02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2008/07/25 21:14:02 | 00,015,352 | ---- | M] (Ma-Config.com) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2006/11/02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2006/11/02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2006/11/02 09:30:56 | 00,045,568 | ---- | M] (VIA Technologies, Inc. ) -- C:\Windows\System32\DRIVERS\fetnd5.sys -- (FETNDIS [On_Demand | Running])
DRV - [2008/01/29 12:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/11/02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2006/11/02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2008/07/16 18:51:24 | 02,156,312 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2006/11/02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/11/02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2007/06/20 15:57:46 | 00,023,680 | ---- | M] (Motorola) -- C:\Windows\System32\DRIVERS\motmodem.sys -- (motmodem [On_Demand | Stopped])
DRV - [2008/05/15 16:15:16 | 00,053,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\MpFilter.sys -- (MpFilter [On_Demand | Running])
DRV - [2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2007/11/27 22:45:00 | 00,091,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\msfwdrv.sys -- (MSFWDrv [Auto | Running])
DRV - [2007/11/27 22:44:54 | 00,037,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\msfwhlpr.sys -- (MSFWHLPR [System | Running])
DRV - [2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2006/11/02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2006/11/02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2004/01/12 10:51:44 | 01,252,474 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\System32\DRIVERS\P1120Vid.sys -- (P1120VID [On_Demand | Stopped])
DRV - [2008/02/13 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/11/02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2006/11/08 13:15:04 | 02,071,552 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\DRIVERS\atikmdag.sys -- (R300 [On_Demand | Running])
DRV - [2008/11/02 10:44:10 | 00,056,572 | ---- | M] (PowerISO Computing, Inc.) -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu [System | Running])
DRV - [2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2006/11/02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2006/11/02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/07/10 09:35:22 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2008/02/14 04:04:27 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Boot | Running])
DRV - [2006/11/02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/11/01 22:18:15 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\Windows\System32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-816692740-1844642012-476897256-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-816692740-1844642012-476897256-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-816692740-1844642012-476897256-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
IE - HKU\S-1-5-21-816692740-1844642012-476897256-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-816692740-1844642012-476897256-1002\S-1-5-21-816692740-1844642012-476897256-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-816692740-1844642012-476897256-1002\S-1-5-21-816692740-1844642012-476897256-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.17\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/07/26 23:59:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.17\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/07/26 23:59:14 | 00,000,000 | ---D | M]


O1 HOSTS File: (292215 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 10063 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-816692740-1844642012-476897256-1002\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-816692740-1844642012-476897256-1002..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-816692740-1844642012-476897256-1002..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-816692740-1844642012-476897256-1002..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKU\S-1-5-21-816692740-1844642012-476897256-1002..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-816692740-1844642012-476897256-1002..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-816692740-1844642012-476897256-1002..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla\4.0 (compatible; MSIE 7.0; Windows NT 6.0; AntivirXP08; GTB5; Mozilla\4.0 ( File not found
O4 - Startup: C:\Users\Default\AppData [2006/11/02 13:18:34 | 00,000,000 | -H-D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Cookies [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Desktop [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Documents [2007/08/02 12:18:12 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Downloads [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Favorites [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Links [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Modèles [2007/08/02 12:18:12 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Music [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\NetHood [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG ()
O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\Pictures [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\PrintHood [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Recent [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\SendTo [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Templates [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Videos [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\Public\carly_parker_2.mpeg ()
O4 - Startup: C:\Users\Public\carly_parker_3.mpeg ()
O4 - Startup: C:\Users\Public\Desktop [2009/07/27 21:49:16 | 00,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Documents [2009/03/06 04:00:57 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Downloads [2006/11/02 14:50:50 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Favorites [2006/11/02 12:23:35 | 00,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\fffhhhhh.wmv ()
O4 - Startup: C:\Users\Public\gtdhj.wmv ()
O4 - Startup: C:\Users\Public\hjjhjhjj.wmv ()
O4 - Startup: C:\Users\Public\jgjjjjj.wmv ()
O4 - Startup: C:\Users\Public\jjjjjj.wmv ()
O4 - Startup: C:\Users\Public\Music [2008/12/29 01:59:13 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Pictures [2006/11/02 14:50:50 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Public\rghghhh.wmv ()
O4 - Startup: C:\Users\Public\vid12_2.wmv ()
O4 - Startup: C:\Users\Public\Videos [2006/11/02 14:50:50 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\.bit File not found
O4 - Startup: C:\Users\Sullivan\1195077128-(null) ()
O4 - Startup: File not found
O4 - Startup: C:\Users\Sullivan\1195078942-oem20.inf ()
O4 - Startup: C:\Users\Sullivan\1195078942-oem20.PNF ()
O4 - Startup: C:\Users\Sullivan\1195084446-oem20.inf ()
O4 - Startup: C:\Users\Sullivan\1195084446-oem20.PNF ()
O4 - Startup: C:\Users\Sullivan\1195084568-(null) ()
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\Sullivan\1195084569-(null) ()
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\Sullivan\AppData [2007/08/02 12:26:36 | 00,000,000 | -H-D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Sullivan\backupsettings.conf ()
O4 - Startup: C:\Users\Sullivan\Contacts [2009/02/18 00:01:59 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\Cookies [2007/08/02 12:21:41 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Sullivan\Desktop [2009/07/28 01:14:49 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\Documents [2009/07/14 15:31:11 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\Downloads [2009/07/27 21:15:43 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\Favorites [2009/06/17 00:02:49 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\iWizz [2008/12/13 22:18:22 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Sullivan\Links [2007/08/30 03:10:46 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Sullivan\MCCI_BUS.INF ()
O4 - Startup: C:\Users\Sullivan\MCCI_MDM.INF ()
O4 - Startup: C:\Users\Sullivan\MCCI_SDM.INF ()
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\Sullivan\Modèles [2007/08/02 12:21:41 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Sullivan\Motorola_Driver_Log.txt ()
O4 - Startup: C:\Users\Sullivan\mqdmbus.sys (MCCI)
O4 - Startup: C:\Users\Sullivan\mqdmcmnt.sys (MCCI)
O4 - Startup: C:\Users\Sullivan\mqdmcr.sys (MCCI)
O4 - Startup: C:\Users\Sullivan\mqdmmdfl.sys (MCCI)
O4 - Startup: C:\Users\Sullivan\mqdmmdm.sys (MCCI)
O4 - Startup: C:\Users\Sullivan\mqdmserd.sys (MCCI)
O4 - Startup: C:\Users\Sullivan\mqdmwhnt.sys (MCCI)
O4 - Startup: C:\Users\Sullivan\Music [2009/07/09 00:04:22 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\ntuser.dat ()
O4 - Startup: C:\Users\Sullivan\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Sullivan\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Sullivan\ntuser.dat ()
O4 - Startup: C:\Users\Sullivan\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
O4 - Startup: C:\Users\Sullivan\NTUSER.DAT ()
O4 - Startup: C:\Users\Sullivan\NTUSER.DAT ()
O4 - Startup: C:\Users\Sullivan\ntuser.dat{56b1feeb-8839-11dd-8753-00038a000015}.TM.blf ()
O4 - Startup: C:\Users\Sullivan\ntuser.dat ()
O4 - Startup: C:\Users\Sullivan\ntuser.dat ()
O4 - Startup: C:\Users\Sullivan\ntuser.ini ()
O4 - Startup: C:\Users\Sullivan\Pictures [2008/12/26 12:24:48 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\Recent [2007/08/02 12:21:41 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Sullivan\Searches [2007/08/30 03:10:46 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Sullivan\SendTo [2007/08/02 12:21:41 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Sullivan\temp [2009/02/28 01:26:00 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Sullivan\tome.jpg ()
O4 - Startup: C:\Users\Sullivan\Tracing [2009/07/27 21:14:14 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Sullivan\USBMOT2000.INF ()
O4 - Startup: C:\Users\Sullivan\USBMOT2000XP.INF ()
O4 - Startup: C:\Users\Sullivan\usbsermpt.sys (Microsoft Corporation)
O4 - Startup: C:\Users\Sullivan\usbsermptxp.sys (Microsoft Corporation)
O4 - Startup: C:\Users\Sullivan\USB_CMCS_2000.INF ()
O4 - Startup: C:\Users\Sullivan\USB_MOT_A1000.INF ()
O4 - Startup: C:\Users\Sullivan\USB_MOT_BRIT.INF ()
O4 - Startup: C:\Users\Sullivan\Videos [2009/02/14 22:23:38 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\Sullivan\{05180b01-b9c7-4ee7-98e8-c3af1c2314f6} [2007/08/02 14:48:48 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Sullivan\{1e1dcb66-2294-4f31-919a-780902d94f56} [2007/08/03 12:36:00 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Sullivan\{3a993d5f-6b11-447e-a35a-3a7b343cf480} [2008/09/28 12:44:07 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Sullivan\{45a31022-8e4f-4305-9c2a-bff4c380ade1} [2008/07/06 19:17:18 | 00,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-816692740-1844642012-476897256-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-21-816692740-1844642012-476897256-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-816692740-1844642012-476897256-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-816692740-1844642012-476897256-1002\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} http://www.streamplug.com/StreamPlug/beta/SP.cab (StreamPlug Class)
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} http://musicmix.messenger.msn.com/Medialogic.CAB (CMediaMix Object)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/ ... module.exe (CamfrogWEB Advanced Unicode Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.mail.live.com/mail/w1/resou ... dfr-fr.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 1868940424 (WUWebControl Class)
O16 - DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} http://dl.uc.sina.com/cab/downloader.cab (DLoader Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/fich ... _0_3_0.cab (HardwareDetection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-0850988052-8874033421-468036829-3967\wingn.exe) - C:\RECYCLER\S-1-5-21-0850988052-8874033421-468036829-3967\wingn.exe ()
O20 - HKU\S-1-5-21-816692740-1844642012-476897256-1002 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-5275118205-5786942086-864209142-0412\wingn.exe) - C:\RECYCLER\S-1-5-21-5275118205-5786942086-864209142-0412\wingn.exe ()
O20 - HKU\S-1-5-21-816692740-1844642012-476897256-1002 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0850988052-8874033421-468036829-3967\wingn.exe) - C:\RECYCLER\S-1-5-21-0850988052-8874033421-468036829-3967\wingn.exe ()
O20 - HKU\S-1-5-21-816692740-1844642012-476897256-1002 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-816692740-1844642012-476897256-1002 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-3555915787-1323513627-579275689-5549\wingn.exe) - C:\RECYCLER\S-1-5-21-3555915787-1323513627-579275689-5549\wingn.exe ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{67a8cc94-0f8a-11dd-84d1-00038a000015}\Shell\AutoRun\command - "" = J:\RECYCLER\lassas.exe -- File not found
O33 - MountPoints2\{67a8cc94-0f8a-11dd-84d1-00038a000015}\Shell\OpEn\CoMmAnD - "" = J:\RECYCLER\lassas.exe -- File not found
O33 - MountPoints2\{d6267368-2c42-11de-9209-00038a000015}\Shell\AutoRun\command - "" = I:\NADFOLDER\autorun.exe -- File not found
O33 - MountPoints2\{d6267368-2c42-11de-9209-00038a000015}\Shell\open\command - "" = I:\NADFOLDER\autorun.exe -- File not found
O33 - MountPoints2\{fea5357d-2599-11de-ac09-00038a000015}\Shell\AutoRun\command - "" = J:\RECYCLER\lassas.exe -- File not found
O33 - MountPoints2\{fea5357d-2599-11de-ac09-00038a000015}\Shell\OpEn\CoMmAnD - "" = J:\RECYCLER\lassas.exe -- File not found
O33 - MountPoints2\{fea5357f-2599-11de-ac09-00038a000015}\Shell\AutoRun\command - "" = K:\RECYCLER\lassas.exe -- File not found
O33 - MountPoints2\{fea5357f-2599-11de-ac09-00038a000015}\Shell\OpEn\CoMmAnD - "" = K:\RECYCLER\lassas.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\SPYWAR~1\sp_rsdel.exe) - C:\PROGRA~2\SPYWAR~1\sp_rsdel.exe File not found
O34 - HKLM BootExecute: ("\??\C:\PROGRA~2\SPYWAR~1\sp_rsdel.dat) - C:\PROGRA~2\SPYWAR~1\sp_rsdel.dat File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[2009/07/27 22:31:19 | 00,015,688 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2009/07/27 22:31:18 | 00,000,192 | -H-- | C] () -- C:\aaw7boot.cmd
[2009/07/27 21:09:45 | 00,000,512 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/07/27 21:08:35 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/07/27 21:08:35 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/07/27 02:05:36 | 00,000,000 | -H-D | C] -- C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/07/27 00:00:56 | 21,459,02592 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/26 19:47:45 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2009/07/26 19:43:24 | 00,000,000 | ---D | C] -- C:\Program Files\Zeb-Utility
[2009/07/26 19:12:08 | 00,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools
[2009/07/26 17:40:14 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/07/26 15:30:00 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/07/25 23:22:36 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/07/25 23:22:36 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/25 23:11:31 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009/07/14 22:44:14 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/07/14 22:44:14 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/07/14 22:44:14 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/07/14 22:44:14 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2009/07/14 22:44:14 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
[2009/07/14 22:44:14 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/07/05 17:42:21 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2009/07/04 17:49:58 | 00,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/07/04 17:49:57 | 00,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/06/27 23:58:46 | 00,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2009/06/27 23:58:46 | 00,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2008/05/31 12:13:51 | 00,000,000 | ---- | C] () -- C:\Windows\Spadgh.INI
[2007/09/16 16:47:55 | 00,000,144 | ---- | C] () -- C:\Windows\psnetwork.ini
[2007/09/16 16:45:30 | 00,000,073 | ---- | C] () -- C:\Windows\powerplayer.ini
[2007/08/28 00:46:56 | 00,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/08/03 12:41:32 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2007/08/03 12:41:32 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2007/08/03 12:41:32 | 00,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll
[2007/08/03 12:41:31 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2007/08/03 12:41:31 | 00,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll
[2007/08/03 12:41:31 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2007/08/03 12:41:30 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2007/08/03 12:41:30 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2007/08/03 12:41:30 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2007/08/03 12:41:30 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2007/08/03 12:41:29 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2007/08/03 12:41:28 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2007/08/03 12:41:27 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2007/08/03 12:41:27 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2007/08/02 18:25:42 | 00,163,840 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/08/02 18:25:39 | 00,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/08/02 18:25:39 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/08/02 18:25:38 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/08/02 18:25:35 | 00,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007/08/02 18:25:35 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007/08/02 13:10:50 | 00,000,827 | ---- | C] () -- C:\Windows\lexstat.ini
[2007/02/07 18:58:12 | 00,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007/01/22 09:49:34 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll
[2007/01/20 04:55:56 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/01/19 20:46:41 | 00,016,384 | ---- | C] () -- C:\Windows\System32\DsrSleep.dll
[2007/01/19 20:45:55 | 00,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2007/01/19 20:45:54 | 00,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2006/12/21 12:06:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 14:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:23:31 | 00,000,348 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 12:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/06/07 14:23:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006/03/27 12:19:14 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2006/03/24 05:01:20 | 00,004,296 | ---- | C] () -- C:\Windows\pp21cn.dll
[2006/03/07 12:59:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006/01/30 14:42:22 | 00,000,270 | ---- | C] () -- C:\Windows\System32\lxczcoin.ini
[2006/01/10 18:11:06 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
[2006/01/10 18:11:06 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll
[2003/04/01 10:58:02 | 00,005,260 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== Files - Modified Within 30 Days ==========

[2009/07/28 01:15:49 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/07/28 01:15:49 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/07/28 01:05:20 | 00,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/07/28 01:00:00 | 00,000,346 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2009/07/28 01:00:00 | 00,000,346 | ---- | M] () -- C:\Windows\tasks\Extension de garantie.job
[2009/07/28 00:54:00 | 00,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/07/27 22:31:18 | 00,000,192 | -H-- | M] () -- C:\aaw7boot.cmd
[2009/07/27 21:09:45 | 00,000,512 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/07/27 17:53:59 | 00,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/07/27 12:55:23 | 00,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A164FB45-1B3B-4F48-A379-BB63F5CE0674}.job
[2009/07/27 08:20:22 | 01,546,568 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/07/27 08:20:22 | 00,702,740 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/07/27 08:20:22 | 00,621,176 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/07/27 08:20:22 | 00,122,692 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/07/27 08:20:22 | 00,108,260 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/07/27 08:15:53 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/07/27 08:15:48 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/07/27 08:15:44 | 21,459,02592 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/15 03:11:34 | 00,632,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/07 17:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Program Files\SmitfraudFix:Roxio EMC Stream
<End>
frofro

Posts: 6
Joined: 26 Jul 2009, 20:34

Extras.txt

Post by frofro » 28 Jul 2009, 00:22

OTL Extras logfile created on: 28/07/2009 01:15:26 - Run 5
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Users\Sullivan\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16851)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,68% Memory free
4,00 Gb Paging File | 3,08 Gb Available in Paging File | 76,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,09 Gb Total Space | 200,71 Gb Free Space | 69,19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-SULLIVAN
Current User Name: Sullivan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- ()
"C:\Program Files\Free Music Zilla\FMZilla.exe" = C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04DFD8CB-34EB-46D6-A655-49B18FF32059}" = rport=138 | protocol=17 | dir=out | app=system |
"{059ED8C6-679C-4375-B6BF-2D64040C8599}" = rport=445 | protocol=6 | dir=out | app=system |
"{34607E95-5CFD-4936-9F37-063F23099CEF}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{531CB2D9-F287-4D9F-9F31-44587F7C0D04}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{750BD341-BF03-4090-B013-4BB63A54FCA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8085D2B6-18DE-4395-B9FE-D488F4BA4C6D}" = rport=139 | protocol=6 | dir=out | app=system |
"{8616CA3D-349A-4663-B3B6-8E03EFB14C8E}" = lport=138 | protocol=17 | dir=in | app=system |
"{87EF2E1F-2D3F-4EFC-BACF-745DEBAB0581}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9467D1C9-F282-4734-9FE8-A0C00EC3A27A}" = rport=137 | protocol=17 | dir=out | app=system |
"{9567927F-05E8-4E74-B29A-AC2CCAF90BBB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A0EE5F5F-3357-4122-ABCE-7B66685D686C}" = lport=139 | protocol=6 | dir=in | app=system |
"{A484DF6D-672A-4BE8-B1D1-B164A3377E32}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7C0FDC7-1191-41AC-A7B7-280427AD2BDB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ACE75713-8510-40F3-8F59-49A475F4889B}" = lport=4672 | protocol=17 | dir=in | name=emule |
"{B36C2BF4-12AA-4038-B363-1B060A838A2A}" = lport=4662 | protocol=6 | dir=in | name=emule |
"{EE1D7EAC-9A7C-4637-A604-4B7F376CD357}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{EFC4400C-E2CF-4441-9E89-A22427FF7AA9}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FFE04E-CA52-4846-A135-4A2C49CDD60C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{0C488611-39BB-49D4-A3E9-4AF6118A4F51}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{12265D3B-7621-4F26-B0A9-3F8B0BF82282}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{12ED3BA1-B7FC-4D08-8EB0-EF9E28548488}" = protocol=17 | dir=in | app=c:\program files\sina\sap\saplatform.exe |
"{32F76A8D-7D25-468A-A2C1-998DC64EC8DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{47413F9E-BC90-438F-941B-DE0F953B3D59}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{483F1A56-3BA3-4987-8CF3-D214FB2C3C95}" = protocol=6 | dir=in | app=c:\program files\21cn\vgo\clt.exe |
"{4D97B55A-D311-4077-A199-5332478F013D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4D9CEB0B-3433-4C53-987E-727C9831499E}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{57188494-4B39-4983-A674-8FBBCED5E594}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B87386B-698E-4FA9-A339-6328674D6BC2}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{5E9E8AA9-151B-4FBF-8038-15E8C6194BED}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{600A9D4A-3F7A-40E8-9BC1-36DE469E79D5}" = protocol=17 | dir=in | app=c:\program files\21cn\vgo\clt.exe |
"{61196E75-201C-4C43-ACD4-D4788A401493}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{61F4BA1F-BDEB-42F1-94E1-1FEF16788BF3}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxczpswx.exe |
"{6263A77E-453A-43B1-B6DA-907B99C55CEE}" = protocol=17 | dir=in | app=c:\windows\system32\lxczcoms.exe |
"{67FDD8DC-29B0-4C26-B433-75BD0FEA4379}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{7111394F-639B-47BD-9AE7-91C5E7A16C37}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{72BF2D93-E0CD-4B90-BE36-B2446A2EDFA5}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{80DCA3E6-5C17-4718-8F51-F34F3841E6DE}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{9CA2E704-2BDF-4C17-89C5-77361A1F3142}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{9F0A6E08-54C2-476F-93EE-15AFC0F2DF53}" = protocol=6 | dir=in | app=c:\windows\system32\lxczcoms.exe |
"{AC8E584D-93C6-40A3-A537-31760619065A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{B1E87C70-A14E-4676-9F28-9790085D69D1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C5DF698E-0C73-44C0-B8DF-7886D35F8789}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxczpswx.exe |
"{CC64F0EA-684C-4BF7-A684-B34E3A924B18}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{D67848A3-39B2-4B25-B29A-B2D0B41DE873}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{D6C14678-DF64-491A-B18A-F5BC66F7A318}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{F1946E70-B7E1-438C-B73E-7FC4CB77B479}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{F947DA87-30CC-4214-923E-BA743E0EE3AC}" = protocol=6 | dir=in | app=c:\program files\sina\sap\saplatform.exe |
"{F9A400A4-0C11-4F52-848E-6BECA8257B30}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{FDA64437-864F-476F-90AB-76CAAFCA8A5E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{0737BD58-6B82-4ADA-B128-B430CD69BB1B}C:\program files\21cn\vgo\vgodl.exe" = protocol=6 | dir=in | app=c:\program files\21cn\vgo\vgodl.exe |
"TCP Query User{0C309D6A-9F76-4B1E-AFF9-8B4B2BDC0129}C:\program files\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"TCP Query User{4911CCD7-FE68-4F21-8EBA-69EB9535F518}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe |
"TCP Query User{8EBB41E0-BD75-4710-AA4F-2D1C96CEA629}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{A0432658-D35D-449B-9E29-2F6A2AE0B6D9}C:\quetzalcoatl-script-v1.6\mirc.exe" = protocol=6 | dir=in | app=c:\quetzalcoatl-script-v1.6\mirc.exe |
"TCP Query User{AF0B91C5-3C95-43AC-82A6-44A5411C4937}J:\program files\wanadoo\sullivan\windrop\eggdrop.exe" = protocol=6 | dir=in | app=j:\program files\wanadoo\sullivan\windrop\eggdrop.exe |
"TCP Query User{BC567969-4F2E-4F03-AF1D-16A440908C4E}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{C152137F-2010-4130-8037-ACC1A07F784F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C9B87578-E976-41F1-9CF8-1D554FF46ACA}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{D264007A-8109-4AD5-B632-F7F4159E27E1}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"TCP Query User{DA07D4CB-DE7D-4169-AB46-43B37CAD5950}C:\program files\free music zilla\fmzilla.exe" = protocol=6 | dir=in | app=c:\program files\free music zilla\fmzilla.exe |
"TCP Query User{DD389B9D-08E5-4BA9-B43F-9F013D923C9A}C:\users\sullivan\appdata\roaming\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\users\sullivan\appdata\roaming\sopcast\adv\sopadver.exe |
"TCP Query User{E6C1BAA9-ABE2-4F06-8FA6-F4FF28909444}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{EE3DED20-2E7C-4776-81F9-4A351D62B6FD}C:\users\sullivan\appdata\roaming\microsoft\windows\start menu\itunes.exe" = protocol=6 | dir=in | app=c:\users\sullivan\appdata\roaming\microsoft\windows\start menu\itunes.exe |
"UDP Query User{05AF1C4C-97E7-4A61-98B1-ED995CF19E36}J:\program files\wanadoo\sullivan\windrop\eggdrop.exe" = protocol=17 | dir=in | app=j:\program files\wanadoo\sullivan\windrop\eggdrop.exe |
"UDP Query User{21EDC5F3-3811-4F27-9E6B-E67DEFEBF876}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{225E73FB-5BEF-4B44-96FD-94917921E20D}C:\users\sullivan\appdata\roaming\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\users\sullivan\appdata\roaming\sopcast\adv\sopadver.exe |
"UDP Query User{2A2CE83C-162B-4C27-97E3-1F3E86C7B877}C:\users\sullivan\appdata\roaming\microsoft\windows\start menu\itunes.exe" = protocol=17 | dir=in | app=c:\users\sullivan\appdata\roaming\microsoft\windows\start menu\itunes.exe |
"UDP Query User{70A188E8-CFB7-48CB-AA03-65B46FE31A36}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{7DD237F5-1A08-4A14-AFBA-4E55DD52998E}C:\quetzalcoatl-script-v1.6\mirc.exe" = protocol=17 | dir=in | app=c:\quetzalcoatl-script-v1.6\mirc.exe |
"UDP Query User{8E70A5C1-3692-44C7-A419-BE0F20CC67BA}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{91B3F224-4D4C-4CB0-814A-CFD05222DF5F}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe |
"UDP Query User{9393511A-1201-46FA-AAC1-71486D8557CD}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{B0A71B36-32E9-48D0-9D60-A1C01E7B9C9E}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"UDP Query User{BF8FAEE7-FC06-46EA-8488-4E257374A049}C:\program files\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"UDP Query User{D5F265A3-9E52-4B49-889E-E672A1980648}C:\program files\free music zilla\fmzilla.exe" = protocol=17 | dir=in | app=c:\program files\free music zilla\fmzilla.exe |
"UDP Query User{D890F00A-53F8-4C1F-BF20-1A7DE58F5797}C:\program files\21cn\vgo\vgodl.exe" = protocol=17 | dir=in | app=c:\program files\21cn\vgo\vgodl.exe |
"UDP Query User{ED551165-9EBE-4110-8C80-8965F100C707}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0ED40D2A-7131-4FE7-941E-5C329336F712}" = HDReg France
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EF377AC-035A-48BE-8EF7-D18D36308CE9}" = OFFICE One 7.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{33B637E3-1DF3-9729-0813-9A7AFD95B7FF}" = ATI Catalyst Control Center Ex
"{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}" = Apple Mobile Device Support
"{3851147E-5A91-4469-BA4D-13FFFCC8A920}" = Microsoft Windows OneCare Live v2.5.2900.24 Idcrl Install
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photorécit 3 pour Windows
"{5660022E-F3F2-4126-8CC5-9726C47150EB}" = Microsoft Windows Live OneCare Resources v2.5.2900.24
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5D2683BE-2C44-4DB5-BECD-87B324077A7F}" = OFFICE One Notes v7
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM Beta2
"{6513E869-647F-40FD-A55D-CFC92579B9BA}" = PX Engine
"{66332652-9C28-58B1-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL.Policy (x86) WinSXS MSM Beta2
"{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM Beta2
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{85C5827E-106F-4497-8066-B7CFEBBEA91D}" = OFFICE One Menu v7
"{87DEF84E-51A5-4A0E-91C2-E012E92DE69B}" = OFFICE One QuickZip v7
"{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}" = GTOneCare
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-040C-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9012040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM Beta2
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM Beta2
"{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC (x86) WinSXS MSM Beta2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5D235-52F9-49E5-98F0-CD79940FB0CE}" = Microsoft Protection Service
"{AC76BA86-7AD7-1036-7B44-A80000000002}" = Adobe Reader 8 - Français
"{B243ABE9-57C2-4B97-BA6B-37DF6C0208ED}" = OFFICE One Safety-Box v7
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Creator 9 LE
"{B8F3555E-B918-445E-97D1-BC4861C4EF59}" = OFFICE One ClipArt v7
"{BA147801-8946-4BBE-BE17-A2199CE52C81}" = OFFICE One 150 Templates v7
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CC0C788C-7C68-47A9-BFBF-0DF7B205B4CC}" = OFFICE One Fonts v7
"{CFF24C43-9C46-4044-9C54-A4D98A3A25FB}" = Ma-Config.com
"{D07A8E7E-D324-4945-BA8C-E532AD008FF3}" = Microsoft Windows OneCare Live v2.5.2900.24
"{D2BD3C8F-9D7F-472B-BDF9-7309A5CB813A}" = Motorola Driver Installation 3.5.0
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1A7B28B-AA31-442C-A4FA-598B65A7F5DA}" = OFFICE One License v7
"{E26B83D1-C0BB-41BC-8F44-31D5354DD6AF}" = Microsoft Windows OneCare Live AntiSpyware and AntiVirus
"{EF6C4600-306D-4F6A-A119-C2A877D25B4A}" = iTunes
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29DDAD0-447D-4BDB-80CB-4276B4D5C9A7}" = Ciel Devis Factures 6.0
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{FEC30F06-A382-47D1-B828-859AC641EB1D}" = OFFICE One Startup v7
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"AdobeReader" = Adobe Reader 8
"AOL" = AOL 9.5
"Artful GIF Animator_is1" = Artful GIF Animator 1.2
"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5322
"BitTorrent" = BitTorrent 5.0.9
"Calendar_is1" = Calendar v.4.0
"CCleaner" = CCleaner (remove only)
"CFWebAdvancedU" = CamfrogWEB Advanced ActiveX Plugin (remove only)
"Coach Cérébral Vol.1" = Coach Cérébral Vol.1
"Creative PC-CAM Center" = Creative PC-CAM Center
"Creative PD1120" = Creative WebCam NX Ultra Driver (1.01.03.0112)
"Creative WebCam Monitor" = Creative WebCam Monitor
"CREATOR9" = Creator 9
"eMule" = eMule
"eoEngine_is1" = eoEngine 4.8
"eoWeather_is1" = eoWeather 4.6
"FileZilla Client" = FileZilla Client 3.0.8.1
"Flashplayer" = Flash Player plugins 9
"Foxmail_is1" = Foxmail 5.0 Fr.
"Free Music Zilla_is1" = Free Music Zilla
"Free Video Converter_is1" = Free Video Converter V 1.2
"Freecorder_1.0" = Freecorder 2.3 (with Skype Call Recording)
"Google Chrome" = Google Chrome
"Google Updater" = Outil de mise à jour Google
"HijackThis" = HijackThis 2.0.0
"Infocentre" = Infocentre Rev. 2.0
"ItsMedia_is1" = ItsMedia 1.3
"iWizz 1.0b1" = iWizz
"iWizz 1.0b4c5" = iWizz
"Joost" = Joost (tm) Beta 1.1.3
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.3.0 Full
"Lexmark 1200 Series" = Lexmark 1200 Series
"MailWasher Free_is1" = MailWasher Free
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"mIRC" = mIRC
"Mozilla Thunderbird (2.0.0.17)" = Mozilla Thunderbird (2.0.0.17)
"Navilog1_is1" = Navilog1 3.7.1
"NIS2007_FR" = NIS2007
"OFFICE" = Office One
"PowerISO" = PowerISO
"Programme de désinstallation AOL" = AOL - Assistant de désinstallation
"QuEtZaLcOatL-ScRiPt" = QuEtZaLcOatL-ScRiPt v1.6
"SecondLife" = SecondLife (remove only)
"SETUPMYPC_FR" = SetUp My PC
"Sina Web TV" = Sina Web TV
"SKYPE" = Skype 2.5.2.151
"SopCast" = SopCast 1.1.2
"StuffPlug3" = StuffPlug 3
"Switch" = Switch Sound File Converter
"TeamViewer 4" = TeamViewer 4
"TVAnts 1.0" = TVAnts 1.0
"Updator" = Packard Bell Updator
"VIDEO_ATI" = Video ATI v8.31
"VidGIF_is1" = VidGIF
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WinSS" = Windows Live OneCare
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-816692740-1844642012-476897256-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Beach Soccer" = Beach Soccer
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27/07/2009 01:50:55 | Computer Name = PC-de-Sullivan | Source = Application Error | ID = 1000
Description = Application défaillante Explorer.EXE, version 6.0.6000.16771, horodatage
0x4907deda, module défaillant kernel32.dll, version 6.0.6000.16820, horodatage
0x49952034, code d’exception 0xc0000005, décalage d’erreur 0x000c5ff7, ID du processus
0x7fc, heure de début de l’application 0x01ca0e7e21d1fa05.

Error - 27/07/2009 01:51:08 | Computer Name = PC-de-Sullivan | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 27/07/2009 02:11:32 | Computer Name = PC-de-Sullivan | Source = Application Error | ID = 1000
Description = Application défaillante Explorer.EXE, version 6.0.6000.16771, horodatage
0x4907deda, module défaillant kernel32.dll, version 6.0.6000.16820, horodatage
0x49952034, code d’exception 0xc0000096, décalage d’erreur 0x000c60db, ID du processus
0x7f8, heure de début de l’application 0x01ca0e81035a1e51.

Error - 27/07/2009 02:11:34 | Computer Name = PC-de-Sullivan | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 27/07/2009 02:14:15 | Computer Name = PC-de-Sullivan | Source = MsiInstaller | ID = 10005
Description =

Error - 27/07/2009 02:14:31 | Computer Name = PC-de-Sullivan | Source = MsiInstaller | ID = 10005
Description =

Error - 27/07/2009 02:16:22 | Computer Name = PC-de-Sullivan | Source = Application Error | ID = 1000
Description = Application défaillante Explorer.EXE, version 6.0.6000.16771, horodatage
0x4907deda, module défaillant kernel32.dll, version 6.0.6000.16820, horodatage
0x49952034, code d’exception 0xc0000096, décalage d’erreur 0x000c60db, ID du processus
0x7c, heure de début de l’application 0x01ca0e81b2e53248.

Error - 27/07/2009 02:16:22 | Computer Name = PC-de-Sullivan | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 27/07/2009 02:22:31 | Computer Name = PC-de-Sullivan | Source = MsiInstaller | ID = 10005
Description =

Error - 27/07/2009 15:08:48 | Computer Name = PC-de-Sullivan | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

[ Media Center Events ]
Error - 24/11/2007 15:30:06 | Computer Name = PC-de-Sullivan | Source = Media Center Guide | ID = 0
Description = ?

Error - 05/12/2008 09:42:52 | Computer Name = PC-de-Sullivan | Source = Media Center Guide | ID = 0
Description = ?

[ System Events ]
Error - 26/07/2009 12:57:59 | Computer Name = PC-de-Sullivan | Source = MSFWDrv | ID = 262153
Description = Le périphérique n'a pas répondu dans le délai imparti.

Error - 26/07/2009 12:58:00 | Computer Name = PC-de-Sullivan | Source = MSFWDrv | ID = 262153
Description = Le périphérique n'a pas répondu dans le délai imparti.

Error - 26/07/2009 12:58:07 | Computer Name = PC-de-Sullivan | Source = MSFWDrv | ID = 262153
Description = Le périphérique n'a pas répondu dans le délai imparti.

Error - 26/07/2009 12:58:08 | Computer Name = PC-de-Sullivan | Source = MSFWDrv | ID = 262153
Description = Le périphérique n'a pas répondu dans le délai imparti.

Error - 26/07/2009 12:58:08 | Computer Name = PC-de-Sullivan | Source = MSFWDrv | ID = 262153
Description = Le périphérique n'a pas répondu dans le délai imparti.

Error - 26/07/2009 16:59:48 | Computer Name = PC-de-Sullivan | Source = Service Control Manager | ID = 7009
Description =

Error - 26/07/2009 16:59:48 | Computer Name = PC-de-Sullivan | Source = Service Control Manager | ID = 7000
Description =

Error - 26/07/2009 17:17:00 | Computer Name = PC-de-Sullivan | Source = Service Control Manager | ID = 7034
Description =

Error - 26/07/2009 18:58:34 | Computer Name = PC-de-Sullivan | Source = Service Control Manager | ID = 7030
Description =

Error - 27/07/2009 15:08:48 | Computer Name = PC-de-Sullivan | Source = Service Control Manager | ID = 7030
Description =

[ Windows OneCare Events ]
Error - 09/05/2009 20:42:23 | Computer Name = PC-de-Sullivan | Source = WinSS | ID = 7001
Description = Impossible d'exécuter le processus de vérification de la sécurité
sans fil. Code d'erreur = 0x8a180109.


<End>
frofro

Posts: 6
Joined: 26 Jul 2009, 20:34

Post by frofro » 30 Jul 2009, 00:44

Good evening,

Just to let you know that, strangely, without my doing anything, the speed on my computer went back to normal overnight, for no particular reason...

That said, I am still interested in knowing what I could remove from my HijackThis report.

Thanks!