Analyse de log

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Analyse de log

Messagede maltin75 » 04 Oct 2009, 17:22

Bonjour je suis sur :
Windows XP Professionnel (build 2600) Service Pack 2
Navigateur web par défaut: Mozilla Firefox
Client e-mail par défaut: Mozilla Thunderbird
Antivirus: Trend Micro PC-cillin Internet Security 2007 15.30.1234
Pare-feu:Trend Micro PC-cillin Internet Security 15

Carte mère
SMBios version 2.3
MICRO-STAR INC. MS-6728 100
Bios: American Megatrends Inc. V2.5 09/29/2004 taille: 512Kb

Chipset
Northbridge: Intel 82865G/PE/P/848P
Southbridge: Intel 82801EB/ER (ICH5/R)

Processeur
Intel(R) Pentium(R) 4 CPU 3.20GHz (3200Mhz) (L1: 28ko L2: 1024ko )

Mémoire
mémoire windows (cette valeur ne correspond pas exactement à la mémoire totale physique): 2047Mo

Carte Graphique
nVidia Corporation NV40 [GeForce 6800 Ultra] (256 Mo)

___________________________

Voici ma demande, depuis quelque temps j'ai du mal à me connecter sur internet, et des lenteurs de mon pc, alors voici mon log :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:13, on 04/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cacheman\CachemanServ.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vspc1300.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Cacheman\CachemanTray.exe
C:\Program Files\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColorReminder.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\PlatformDependent\ProToolbarComm.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\Internet Security\UfUpdUi.exe
C:\Program Files\ma-config.com\maconfservice.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [spc1300] C:\WINDOWS\vspc1300.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CachemanTray] C:\Program Files\Cacheman\CachemanTray.exe
O4 - HKCU\..\Run: [WinColorReminder] C:\Program Files\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColorReminder.exe
O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Default user')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: WiziWYG XP Startup.lnk = C:\Program Files\Praxisoft\WiziWYG XP\WiziWYGXP.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4303851718
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AE9DD37-0D01-4E2E-90B1-99C596FD648E}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cacheman Service (CachemanService) - Outertech - C:\Program Files\Cacheman\CachemanServ.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Security Activity Dashboard Service - Unknown owner - C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe (file missing)
O23 - Service: Composant de commande centrale Trend Micro (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 12232 bytes
maltin75
 
Messages: 5
Inscription: 04 Oct 2009, 17:00
Localisation: paris

Messagede nickW » 05 Oct 2009, 00:40

Bonsoir,

Remarque initiale:
Il reste deux services liés à une mise à jour automatique Symantec.
As-tu désinstallé un produit Norton?


Peux-tu donner des précisions sur les problèmes du PC:
*- depuis quand?
*- est-ce arrivé subitement ou petit à petit?
*- quand la lenteur se manifeste-t-elle? Tout le temps/seulement sur internet/quand de nombreux programmes sont lancés/autre
*- que signifie: "j'ai du mal à me connecter sur internet"? Pages blanches/messages d'erreur/sites inaccessibles/autre


Que dit l'Observateur d'événements sur une journée seulement?
Démarrer--->Paramètres--->Panneau de configuration--->Outils d'administration--->Observateur d'événements
Voir dans Application, Sécurité et Système s'il y a des icônes rouges ou jaunes.


As-tu vérifié s'il n'y avait pas un problème de pilote?
Démarrer---->Paramètres---->Panneau de configuration---->Système---->Onglet Matériel--->Bouton Gestionnaire de périphériques
Vois-tu des icônes jaunes ou rouges?


HijackThis étant obsolète, peux-tu suivre les instructions de ce sujet et envoyer les trois rapports demandés?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Complément d'informations

Messagede maltin75 » 06 Oct 2009, 07:26

Bonsoir voici le complément d'informations :
C'est une mise à jour automatique Symantec pour Ghost...

Merci à toi de m'aider
maltin75
 
Messages: 5
Inscription: 04 Oct 2009, 17:00
Localisation: paris

Messagede maltin75 » 06 Oct 2009, 07:26

Bonsoir
Merci de me répondre, alors les problèmes sont venu au fur et à mesure, et depuis 1 semaine, j'ai plus d'accès à internet comme çi j'avais pas de connexion avec la page habituelle "sites inaccessibles", mon écran se fige quand j'utilise au minimum deux logiciels de graphisme, et dont je dois redémarrer mon Pc.

____________________________

Voici quelques message dans l'observateur d'événements :

- Le maître explorateur a reçu une annonce de serveur de l'ordinateur MIGUEL qui pense qu'il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{0AE9DD37-0D01-4E2E-90. Le maître explorateur s'arrête ou une élection est provoquée.

- L'explorateur n'a pas pu retrouver la liste des serveurs du maître explorateur \\MIGUEL sur le réseau \Device\NetBT_Tcpip_{0AE9DD37-0D01-4E2E-90B1-99C596FD648E}. La donnée est le code d'erreur.

- Application défaillante tistool.exe, version 17.50.0.1366, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000.

Application défaillante SfCtlCom.exe, version 17.1.0.1250, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x5015b080.

- Le serveur {1A65BAB7-30B1-4FB7-BC13-D00C28FCF605} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.

-DCOM a reçu l'erreur "Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé. " lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur :
{204810B9-73B2-11D4-BF42-00B0D0118B56}

- Le maître explorateur a reçu une annonce de serveur de l'ordinateur MIGUEL qui pense qu'il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{0AE9DD37-0D01-4E2E-90. Le maître explorateur s'arrête ou une élection est provoquée.

- Application défaillante exportcontroller.exe, version 7.64.17.73, module défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00010b2c.

- Application défaillante SfCtlCom.exe, version 16.10.0.1106, module défaillant msvcr80.dll, version 8.0.50727.3053, adresse de défaillance 0x000046b4.

- Product: Adobe Illustrator CS3 -- Please install Adobe Illustrator CS3 using Setup.exe
---> dont je peux plus imprimer et enregistrer mes documents

- Le service IISADMIN n'est pas disponible, empêchant ainsi l'indexation des racines virtuelles.

- Application défaillante importerprocessserver.exe, version 0.0.0.0, module défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x000113b5.

- Product: MSXML 6.0 Parser -- Error 1931. The Windows Installer service cannot update the system file C:\WINDOWS\system32\msxml6r.dll because the file is protected by Windows. You may need to update your operating system for this program to work correctly. Package version: 6.0.3883.0, OS Protected version: 6.0.3883.0

- Nettoyage des méta-données endommagées de l'index de contenu sur g:\system volume information\catalog.wci. L'index sera automatiquement restauré en refiltrant tous les documents.

____________________________

Je n'est pas de problème de pilotes, tout à l'air de bien fonctionner.

____________________________

Rapport Malwarebytes's

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2908
Windows 5.1.2600 Service Pack 3

06/10/2009 07:57:59
mbam-log-2009-10-06 (07-57-59).txt

Type de recherche: Examen rapide
Eléments examinés: 146431
Temps écoulé: 7 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

____________________________

Raport OTL

OTL logfile created on: 06/10/2009 08:17:48 - Run 2
OTL by OldTimer - Version 3.0.18.4 Folder = D:\Documents de MDA\Téléchargements
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 84.23% Memory free
2.76 Gb Paging File | 1.96 Gb Available in Paging File | 71.25% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.18 Gb Total Space | 7.93 Gb Free Space | 23.19% Space Free | Partition Type: NTFS
Drive D: | 114.87 Gb Total Space | 35.43 Gb Free Space | 30.85% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 149.05 Gb Total Space | 92.74 Gb Free Space | 62.22% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANASTYLE
Current User Name: Michel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/07/14 13:34:58 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2007/07/01 12:11:10 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/06/19 17:17:20 | 00,215,040 | ---- | M] (Outertech) -- C:\Program Files\Cacheman\CachemanServ.exe
PRC - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
PRC - [2007/06/29 00:02:08 | 01,049,856 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodag.exe
PRC - [2007/09/26 10:56:14 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PRC - [2009/04/27 18:22:34 | 00,271,760 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2007/01/31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2009/07/27 12:33:25 | 00,083,280 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
PRC - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/05/07 16:11:22 | 03,425,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe
PRC - [2008/04/14 04:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/05/31 16:54:12 | 00,675,840 | ---- | M] (Sonix) -- C:\WINDOWS\vspc1300.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/04/27 20:41:58 | 00,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009/05/07 21:05:44 | 00,075,048 | ---- | M] (cyberlink) -- C:\Program Files\Cyberlink\Shared Files\brs.exe
PRC - [2009/06/19 17:20:24 | 00,306,176 | ---- | M] (Outertech) -- C:\Program Files\Cacheman\CachemanTray.exe
PRC - [2005/10/31 10:30:18 | 00,101,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColorReminder.exe
PRC - [2009/10/02 18:58:14 | 00,492,808 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
PRC - [2008/05/02 03:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 03:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
PRC - [2008/07/29 22:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
PRC - [2009/10/02 18:58:14 | 00,715,368 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2009/10/02 18:58:15 | 01,020,248 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2009/10/02 18:58:15 | 00,497,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
PRC - [2009/10/02 18:58:15 | 00,689,416 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
PRC - [2009/10/02 18:58:14 | 00,345,352 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2009/08/24 22:19:16 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/14 04:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/08/12 23:13:09 | 08,318,056 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2009/01/22 19:48:40 | 00,124,928 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Flickr Uploadr\Flickr Uploadr.exe
PRC - [2009/10/05 19:33:31 | 00,520,704 | ---- | M] (OldTimer Tools) -- D:\Documents de MDA\Téléchargements\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/04/14 04:33:18 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\6to4svc.dll -- (6to4 [Auto | Running])
SRV - [2007/07/01 12:11:10 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [Auto | Running])
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/07/25 12:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2000/05/24 15:20:36 | 00,015,360 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\ATMsrvc.exe -- (ATMsrvc [Disabled | Stopped])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/06/19 17:17:20 | 00,215,040 | ---- | M] (Outertech) -- C:\Program Files\Cacheman\CachemanServ.exe -- (CachemanService [Auto | Running])
SRV - [2007/01/31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])
SRV - [2008/07/25 12:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/11/01 13:15:01 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/07/29 22:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Running])
SRV - [2009/09/03 11:53:00 | 00,048,368 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [On_Demand | Stopped])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [On_Demand | Stopped])
SRV - [2008/05/02 03:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
SRV - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/09/26 10:56:14 | 02,999,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2009/09/23 14:50:28 | 00,238,960 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2007/07/09 12:56:26 | 00,068,096 | ---- | M] () -- C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service [On_Demand | Stopped])
SRV - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService [Auto | Running])
SRV - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - File not found -- -- (NMIndexingService [On_Demand | Stopped])
SRV - [2008/05/07 16:11:22 | 03,425,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost [On_Demand | Running])
SRV - [2009/07/14 13:34:58 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (nvsvc [Auto | Running])
SRV - [2007/06/29 00:02:08 | 01,049,856 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodag.exe -- (O&O Defrag [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/09/26 10:56:14 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Planificateur LiveUpdate automatique [Auto | Running])
SRV - [2003/10/22 10:19:22 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2009/04/27 18:22:34 | 00,271,760 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - File not found -- -- (Security Activity Dashboard Service [Auto | Stopped])
SRV - [2009/10/02 18:58:14 | 00,715,368 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom [Auto | Running])
SRV - [2009/10/02 18:58:14 | 00,345,352 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer [On_Demand | Running])
SRV - [2009/10/02 18:58:15 | 00,497,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw [On_Demand | Running])
SRV - [2009/10/02 18:58:15 | 00,689,416 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy [On_Demand | Running])
SRV - [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/04/13 11:46:22 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
DRV - [2007/01/25 16:37:16 | 04,027,456 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Stopped])
DRV - [2008/04/13 11:46:22 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
DRV - [2001/08/17 23:04:46 | 00,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\camdrv21.sys -- (camvid20 [On_Demand | Stopped])
DRV - [2004/04/23 09:14:04 | 00,818,496 | R--- | M] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys -- (cmuda [On_Demand | Running])
DRV - [2005/12/07 16:31:46 | 00,026,368 | ---- | M] (CSR) -- C:\WINDOWS\System32\Drivers\csrbcxp.sys -- (CSRBC [On_Demand | Stopped])
DRV - [2009/09/05 10:32:15 | 00,006,494 | ---- | M] (Mitsubishi Electric , NEC-Mitsubishi Electric Visual Systems) -- C:\WINDOWS\System32\DRIVERS\Moni2c.sys -- (DDCCI [On_Demand | Running])
DRV - [2003/07/24 12:10:34 | 00,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\DNINDIS5.SYS -- (DNINDIS5 [On_Demand | Stopped])
DRV - [2009/09/23 14:53:20 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2008/08/20 15:18:42 | 00,171,152 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e1000325.sys -- (E1000 [On_Demand | Running])
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2009/03/19 13:50:20 | 00,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggflt.sys -- (ggflt [On_Demand | Stopped])
DRV - [2009/03/19 13:50:20 | 00,024,616 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- (ggsemc [On_Demand | Stopped])
DRV - [2007/04/11 16:32:30 | 00,020,496 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running])
DRV - [2008/02/29 04:12:56 | 00,063,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\L8042mou.Sys -- (L8042mou [On_Demand | Running])
DRV - [2008/02/29 04:13:16 | 00,035,344 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys -- (LHidFilt [On_Demand | Stopped])
DRV - [2008/02/29 04:13:24 | 00,036,880 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys -- (LMouFilt [On_Demand | Stopped])
DRV - [2008/02/29 04:13:36 | 00,079,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouKE.Sys -- (LMouKE [On_Demand | Running])
DRV - [2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector [On_Demand | Running])
DRV - [2008/04/13 11:46:10 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
DRV - [2008/04/14 02:21:50 | 00,017,920 | ---- | M] (Your Corporation) -- C:\WINDOWS\System32\Ntaccess.sys -- (NTACCESS [On_Demand | Stopped])
DRV - [2009/07/14 20:54:00 | 07,741,664 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2007/05/25 10:17:42 | 00,012,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\OxFWLF.sys -- (OxFWLF [System | Running])
DRV - [2007/05/25 10:17:42 | 00,017,664 | ---- | M] () -- C:\WINDOWS\System32\Drivers\OXUDIDRV_X32.sys -- (OXUDIDRV [On_Demand | Stopped])
DRV - [2007/05/25 10:17:42 | 00,008,448 | ---- | M] (OEM) -- C:\WINDOWS\System32\DRIVERS\oxusb.sys -- (OxUsb [System | Stopped])
DRV - [2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
DRV - [2004/08/20 18:03:02 | 00,021,632 | ---- | M] (Your Corporation) -- C:\Program Files\MSI\Core Center\NTGLM7X.sys -- (PCAlertDriver [On_Demand | Stopped])
DRV - [2007/10/11 15:23:35 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Stopped])
DRV - [2007/07/16 12:28:06 | 00,088,320 | ---- | M] (Philips Applied Technologies) -- C:\WINDOWS\System32\DRIVERS\phaudlwr.sys -- (phaudlwr [On_Demand | Running])
DRV - [2003/04/24 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009/09/03 10:45:28 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2009/03/25 14:29:52 | 00,130,432 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Stopped])
DRV - [2002/10/04 04:04:10 | 00,046,976 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\R8139n51.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2004/05/26 19:55:42 | 00,037,920 | ---- | M] (Your Corporation) -- C:\Program Files\MSI\Core Center\RushTop.sys -- (RushTopDevice [On_Demand | Stopped])
DRV - [2007/06/25 11:43:22 | 00,082,984 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117bus.sys -- (s117bus [On_Demand | Stopped])
DRV - [2007/06/25 11:43:26 | 00,014,888 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mdfl.sys -- (s117mdfl [On_Demand | Stopped])
DRV - [2007/06/25 11:43:36 | 00,108,456 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mdm.sys -- (s117mdm [On_Demand | Stopped])
DRV - [2007/06/25 11:43:36 | 00,100,264 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mgmt.sys -- (s117mgmt [On_Demand | Stopped])
DRV - [2007/06/25 11:43:36 | 00,022,952 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117nd5.sys -- (s117nd5 [On_Demand | Stopped])
DRV - [2007/06/25 11:43:38 | 00,098,344 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117obex.sys -- (s117obex [On_Demand | Stopped])
DRV - [2007/06/25 11:43:36 | 00,098,856 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117unic.sys -- (s117unic [On_Demand | Stopped])
DRV - [2007/04/03 13:59:30 | 00,083,208 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616bus.sys -- (s616bus [On_Demand | Stopped])
DRV - [2007/04/03 13:59:36 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mdfl.sys -- (s616mdfl [On_Demand | Stopped])
DRV - [2007/04/03 13:59:38 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mdm.sys -- (s616mdm [On_Demand | Stopped])
DRV - [2007/04/03 13:59:40 | 00,100,360 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mgmt.sys -- (s616mgmt [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,023,176 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616nd5.sys -- (s616nd5 [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,098,568 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616obex.sys -- (s616obex [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,099,080 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616unic.sys -- (s616unic [On_Demand | Stopped])
DRV - [2006/09/05 20:07:00 | 00,061,536 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59bus.sys -- (se59bus [On_Demand | Stopped])
DRV - [2006/09/05 20:07:48 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59mdfl.sys -- (se59mdfl [On_Demand | Stopped])
DRV - [2006/09/05 20:07:52 | 00,097,088 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59mdm.sys -- (se59mdm [On_Demand | Stopped])
DRV - [2006/09/05 20:08:40 | 00,088,624 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59mgmt.sys -- (se59mgmt [On_Demand | Stopped])
DRV - [2006/09/05 20:06:28 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59nd5.sys -- (se59nd5 [On_Demand | Stopped])
DRV - [2006/09/05 20:09:26 | 00,086,432 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59obex.sys -- (se59obex [On_Demand | Stopped])
DRV - [2006/09/05 20:06:22 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59unic.sys -- (se59unic [On_Demand | Stopped])
DRV - [2007/11/13 12:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2002/10/15 22:41:06 | 00,102,220 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\sonypvs1.sys -- (sonypvs1 [On_Demand | Stopped])
DRV - [2007/10/18 08:57:54 | 03,033,728 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\spc1300.sys -- (SPC1300 [On_Demand | Running])
DRV - [2008/05/07 15:59:20 | 00,137,952 | ---- | M] (StorageCraft) -- C:\WINDOWS\system32\DRIVERS\symsnap.sys -- (symsnap [Boot | Running])
DRV - [2008/06/20 13:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys -- (Tcpip6 [System | Running])
DRV - [2009/10/02 18:58:22 | 00,059,920 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmactmon.sys -- (tmactmon [On_Demand | Running])
DRV - [2009/10/02 18:58:22 | 00,339,984 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\TM_CFW.sys -- (tmcfw [On_Demand | Running])
DRV - [2009/10/02 18:58:22 | 00,158,224 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm [Auto | Running])
DRV - [2009/10/02 18:58:22 | 00,050,704 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmevtmgr.sys -- (tmevtmgr [On_Demand | Running])
DRV - [2009/10/02 18:58:22 | 00,036,368 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\tmpreflt.sys -- (tmpreflt [Auto | Running])
DRV - [2009/10/02 18:58:22 | 00,089,872 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\tmtdi.sys -- (tmtdi [System | Running])
DRV - [2009/10/02 18:58:22 | 00,225,808 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\tmxpflt.sys -- (tmxpflt [Auto | Running])
DRV - [2005/09/27 09:00:02 | 00,069,920 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd [Boot | Running])
DRV - [2003/01/26 11:16:54 | 00,064,256 | R--- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ulsata.sys -- (UlSata [Boot | Running])
DRV - [2008/04/13 12:45:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2007/03/28 20:29:10 | 00,037,864 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\v2imount.sys -- (v2imount [Auto | Running])
DRV - [2007/07/31 17:22:16 | 00,014,072 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\vproeventmonitor.sys -- (VProEventMonitor [On_Demand | Stopped])
DRV - [2009/10/02 18:58:22 | 01,223,832 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\vsapint.sys -- (vsapint [Auto | Running])
DRV - [2006/04/10 18:05:10 | 00,104,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wceusbsh.sys -- (wceusbsh [On_Demand | Stopped])
DRV - [2006/03/22 12:37:50 | 00,017,408 | ---- | M] (Western Digital Technologies) -- C:\WINDOWS\System32\DRIVERS\wdfwhid.sys -- (WD_FireWire_HID [On_Demand | Stopped])
DRV - [2007/03/28 20:49:42 | 00,128,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wimfltr.sys -- (WimFltr [On_Demand | Stopped])
DRV - [2009/05/07 21:05:22 | 00,087,536 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD} [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 C2 F6 67 0F 45 CA 01 [binary data]
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\S-1-5-21-1343024091-1682526488-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\S-1-5-21-1343024091-1682526488-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;localhost
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\S-1-5-21-1343024091-1682526488-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.free.fr:3128

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.5.3.5
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {9A752782-D706-479b-98F8-3F66BF921692}:5.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: sxipper@sxip.com:2.2.2
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q="


FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/15 13:05:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/31 09:12:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2009/10/04 17:56:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/04 17:45:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/04 17:45:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/09/25 10:00:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/10/03 15:06:59 | 00,000,000 | ---D | M]

[2009/01/26 10:26:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Extensions
[2008/08/27 00:33:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/01/26 10:26:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Extensions\uploadr@flickr.com
[2009/10/05 10:21:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions
[2009/02/23 13:04:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(2)
[2009/02/12 14:51:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2009/02/19 14:52:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2009/02/19 14:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}(2)
[2009/05/27 19:06:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/07/01 08:29:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009/07/25 10:27:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2009/06/04 10:26:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF}
[2009/08/07 18:13:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{9A752782-D706-479b-98F8-3F66BF921692}
[2009/09/23 17:56:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/08/11 19:09:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{A5C87640-F7CF-11DA-974D-0800200C9A66}
[2009/07/18 10:19:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{AE37D527-6604-461c-8102-975CF8053A2F}
[2009/08/21 07:06:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/02/19 14:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}
[2009/02/19 14:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}(2)
[2009/07/01 08:29:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/05/03 07:11:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{C4A22BA1-6D61-45F1-82A9-140FD33F1110}
[2009/08/19 09:18:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/09/14 16:59:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2009/08/09 13:26:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/07/18 10:19:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
[2009/08/10 16:11:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009/09/26 10:12:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/09/09 10:05:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\autopager@mozilla.org
[2009/06/29 07:33:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\cleanhide@waxb.blog.com.cn
[2009/02/12 14:53:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\Dcurrency@Dcurrency(2).fr
[2009/08/10 16:10:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2009/10/02 19:30:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\en-US@dictionaries.addons.mozilla.org
[2009/07/25 10:27:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\fastdial@telega.phpnet.us
[2008/11/01 08:01:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\he@dictionaries.addons.mozilla.org
[2007/10/19 19:47:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\it-IT@dictionaries.addons.mozilla.org
[2009/08/28 11:20:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\kgen@elitwork(2).com
[2009/07/26 09:55:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\locationbar2@design-noir.de
[2009/09/05 07:47:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\seo4firefox@seobook.com
[2009/04/03 07:38:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\sk@dictionaries.addons.mozilla.org
[2009/03/19 11:46:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\startaid@startaid.com
[2009/05/29 07:52:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\sxipper@sxip.com
[2008/06/18 23:02:37 | 00,001,712 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\askcom.xml
[2009/09/25 07:30:42 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\live-search.xml
[2009/10/05 14:09:39 | 00,001,568 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\mozbot.xml
[2008/03/04 02:14:19 | 00,002,520 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\mozilla-add-ons.xml
[2009/01/08 01:46:43 | 00,001,447 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\userlogos.xml
[2009/10/05 08:45:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/10/04 17:45:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/01 13:43:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/07/31 09:12:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/08/21 07:19:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/08/24 22:19:16 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 22:19:16 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/08/24 22:19:16 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/10/14 21:33:29 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/10/03 15:06:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/10/03 15:06:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/10/03 15:06:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/10/03 15:06:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/10/03 15:06:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/10/03 15:06:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/10/03 15:06:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/09/03 11:53:00 | 00,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2009/08/24 21:21:51 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/08/24 21:21:51 | 00,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/08/24 21:21:51 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/08/24 21:21:51 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/24 21:21:51 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/08/24 21:21:51 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (732 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PtiuPbmd] C:\WINDOWS\System32\ptipbm.DLL (Promise Technology,Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [spc1300] C:\WINDOWS\vspc1300.exe (Sonix)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKU\.DEFAULT..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-18..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [CachemanTray] C:\Program Files\Cacheman\CachemanTray.exe (Outertech)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [WinColorReminder] C:\Program Files\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColorReminder.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiziWYG XP Startup.lnk = C:\Program Files\Praxisoft\WiziWYG XP\WiziWYGXP.exe (Praxisoft LLC)
O4 - Startup: C:\Documents and Settings\MDA\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKU\.DEFAULT\..Trusted Domains: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 29 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 29 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..Trusted Domains: com.tw ([asia.msi] http in Sites de confiance)
O15 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..Trusted Domains: com.tw ([global.msi] http in Sites de confiance)
O15 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..Trusted Domains: com.tw ([www.msi] http in Sites de confiance)
O15 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} Reg Error: Value error. (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} Reg Error: Value error. (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 4303851718 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/30 13:32:23 | 00,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/29 09:06:10 | 00,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/29 09:06:10 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/29 09:06:10 | 00,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/09/12 07:47:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/10/02 15:36:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ALM
[2009/10/05 13:12:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2009/09/26 08:11:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/10/01 07:32:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grass Valley
[2009/10/03 08:38:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2009/10/01 17:29:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Quark
[2009/10/05 13:12:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\AVS4YOU
[2009/09/26 08:12:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\CyberLink
[2009/10/01 16:01:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\dvdcss
[2009/10/01 10:19:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\Office Genuine Advantage
[2009/09/12 07:53:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\Apple_Inc
[2009/09/26 08:13:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\Cyberlink
[2009/09/26 12:20:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\PowerCinema
[2009/10/04 10:08:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\TechSmith
[2009/10/04 17:57:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\Trend Micro
[2009/10/05 13:11:24 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AVSMedia
[2009/09/26 08:11:23 | 00,000,00
maltin75
 
Messages: 5
Inscription: 04 Oct 2009, 17:00
Localisation: paris

Messagede nickW » 07 Oct 2009, 00:42

Bonsoir,

Pourrais-tu envoyer (comme cela est demandé :wink:) le rapport OTL.txt dans un premier message, puis dans un second message le rapport Extras.txt - dans les deux cas, utiliser le bouton "Répondre".
Ces deux rapports sont bien trop longs pour pouvoir être inclus dans le même message.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Raport OTL

Messagede maltin75 » 07 Oct 2009, 05:23

Raport OTL

OTL logfile created on: 06/10/2009 08:17:48 - Run 2
OTL by OldTimer - Version 3.0.18.4 Folder = D:\Documents de MDA\Téléchargements
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 84.23% Memory free
2.76 Gb Paging File | 1.96 Gb Available in Paging File | 71.25% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.18 Gb Total Space | 7.93 Gb Free Space | 23.19% Space Free | Partition Type: NTFS
Drive D: | 114.87 Gb Total Space | 35.43 Gb Free Space | 30.85% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 149.05 Gb Total Space | 92.74 Gb Free Space | 62.22% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANASTYLE
Current User Name: Michel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/07/14 13:34:58 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2007/07/01 12:11:10 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/06/19 17:17:20 | 00,215,040 | ---- | M] (Outertech) -- C:\Program Files\Cacheman\CachemanServ.exe
PRC - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
PRC - [2007/06/29 00:02:08 | 01,049,856 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodag.exe
PRC - [2007/09/26 10:56:14 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PRC - [2009/04/27 18:22:34 | 00,271,760 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2007/01/31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2009/07/27 12:33:25 | 00,083,280 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
PRC - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/05/07 16:11:22 | 03,425,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe
PRC - [2008/04/14 04:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/05/31 16:54:12 | 00,675,840 | ---- | M] (Sonix) -- C:\WINDOWS\vspc1300.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/04/27 20:41:58 | 00,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009/05/07 21:05:44 | 00,075,048 | ---- | M] (cyberlink) -- C:\Program Files\Cyberlink\Shared Files\brs.exe
PRC - [2009/06/19 17:20:24 | 00,306,176 | ---- | M] (Outertech) -- C:\Program Files\Cacheman\CachemanTray.exe
PRC - [2005/10/31 10:30:18 | 00,101,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColorReminder.exe
PRC - [2009/10/02 18:58:14 | 00,492,808 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
PRC - [2008/05/02 03:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 03:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
PRC - [2008/07/29 22:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
PRC - [2009/10/02 18:58:14 | 00,715,368 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2009/10/02 18:58:15 | 01,020,248 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2009/10/02 18:58:15 | 00,497,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
PRC - [2009/10/02 18:58:15 | 00,689,416 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
PRC - [2009/10/02 18:58:14 | 00,345,352 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2009/08/24 22:19:16 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/14 04:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/08/12 23:13:09 | 08,318,056 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2009/01/22 19:48:40 | 00,124,928 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Flickr Uploadr\Flickr Uploadr.exe
PRC - [2009/10/05 19:33:31 | 00,520,704 | ---- | M] (OldTimer Tools) -- D:\Documents de MDA\Téléchargements\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/04/14 04:33:18 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\6to4svc.dll -- (6to4 [Auto | Running])
SRV - [2007/07/01 12:11:10 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [Auto | Running])
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/07/25 12:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2000/05/24 15:20:36 | 00,015,360 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\ATMsrvc.exe -- (ATMsrvc [Disabled | Stopped])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/06/19 17:17:20 | 00,215,040 | ---- | M] (Outertech) -- C:\Program Files\Cacheman\CachemanServ.exe -- (CachemanService [Auto | Running])
SRV - [2007/01/31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])
SRV - [2008/07/25 12:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/11/01 13:15:01 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/07/29 22:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Running])
SRV - [2009/09/03 11:53:00 | 00,048,368 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [On_Demand | Stopped])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [On_Demand | Stopped])
SRV - [2008/05/02 03:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
SRV - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/09/26 10:56:14 | 02,999,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2009/09/23 14:50:28 | 00,238,960 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2007/07/09 12:56:26 | 00,068,096 | ---- | M] () -- C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service [On_Demand | Stopped])
SRV - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService [Auto | Running])
SRV - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - File not found -- -- (NMIndexingService [On_Demand | Stopped])
SRV - [2008/05/07 16:11:22 | 03,425,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost [On_Demand | Running])
SRV - [2009/07/14 13:34:58 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (nvsvc [Auto | Running])
SRV - [2007/06/29 00:02:08 | 01,049,856 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodag.exe -- (O&O Defrag [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/09/26 10:56:14 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Planificateur LiveUpdate automatique [Auto | Running])
SRV - [2003/10/22 10:19:22 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2009/04/27 18:22:34 | 00,271,760 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - File not found -- -- (Security Activity Dashboard Service [Auto | Stopped])
SRV - [2009/10/02 18:58:14 | 00,715,368 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom [Auto | Running])
SRV - [2009/10/02 18:58:14 | 00,345,352 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer [On_Demand | Running])
SRV - [2009/10/02 18:58:15 | 00,497,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw [On_Demand | Running])
SRV - [2009/10/02 18:58:15 | 00,689,416 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy [On_Demand | Running])
SRV - [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/04/13 11:46:22 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
DRV - [2007/01/25 16:37:16 | 04,027,456 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Stopped])
DRV - [2008/04/13 11:46:22 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
DRV - [2001/08/17 23:04:46 | 00,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\camdrv21.sys -- (camvid20 [On_Demand | Stopped])
DRV - [2004/04/23 09:14:04 | 00,818,496 | R--- | M] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys -- (cmuda [On_Demand | Running])
DRV - [2005/12/07 16:31:46 | 00,026,368 | ---- | M] (CSR) -- C:\WINDOWS\System32\Drivers\csrbcxp.sys -- (CSRBC [On_Demand | Stopped])
DRV - [2009/09/05 10:32:15 | 00,006,494 | ---- | M] (Mitsubishi Electric , NEC-Mitsubishi Electric Visual Systems) -- C:\WINDOWS\System32\DRIVERS\Moni2c.sys -- (DDCCI [On_Demand | Running])
DRV - [2003/07/24 12:10:34 | 00,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\DNINDIS5.SYS -- (DNINDIS5 [On_Demand | Stopped])
DRV - [2009/09/23 14:53:20 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2008/08/20 15:18:42 | 00,171,152 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e1000325.sys -- (E1000 [On_Demand | Running])
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2009/03/19 13:50:20 | 00,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggflt.sys -- (ggflt [On_Demand | Stopped])
DRV - [2009/03/19 13:50:20 | 00,024,616 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- (ggsemc [On_Demand | Stopped])
DRV - [2007/04/11 16:32:30 | 00,020,496 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running])
DRV - [2008/02/29 04:12:56 | 00,063,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\L8042mou.Sys -- (L8042mou [On_Demand | Running])
DRV - [2008/02/29 04:13:16 | 00,035,344 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys -- (LHidFilt [On_Demand | Stopped])
DRV - [2008/02/29 04:13:24 | 00,036,880 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys -- (LMouFilt [On_Demand | Stopped])
DRV - [2008/02/29 04:13:36 | 00,079,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouKE.Sys -- (LMouKE [On_Demand | Running])
DRV - [2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector [On_Demand | Running])
DRV - [2008/04/13 11:46:10 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
DRV - [2008/04/14 02:21:50 | 00,017,920 | ---- | M] (Your Corporation) -- C:\WINDOWS\System32\Ntaccess.sys -- (NTACCESS [On_Demand | Stopped])
DRV - [2009/07/14 20:54:00 | 07,741,664 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2007/05/25 10:17:42 | 00,012,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\OxFWLF.sys -- (OxFWLF [System | Running])
DRV - [2007/05/25 10:17:42 | 00,017,664 | ---- | M] () -- C:\WINDOWS\System32\Drivers\OXUDIDRV_X32.sys -- (OXUDIDRV [On_Demand | Stopped])
DRV - [2007/05/25 10:17:42 | 00,008,448 | ---- | M] (OEM) -- C:\WINDOWS\System32\DRIVERS\oxusb.sys -- (OxUsb [System | Stopped])
DRV - [2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
DRV - [2004/08/20 18:03:02 | 00,021,632 | ---- | M] (Your Corporation) -- C:\Program Files\MSI\Core Center\NTGLM7X.sys -- (PCAlertDriver [On_Demand | Stopped])
DRV - [2007/10/11 15:23:35 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Stopped])
DRV - [2007/07/16 12:28:06 | 00,088,320 | ---- | M] (Philips Applied Technologies) -- C:\WINDOWS\System32\DRIVERS\phaudlwr.sys -- (phaudlwr [On_Demand | Running])
DRV - [2003/04/24 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009/09/03 10:45:28 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2009/03/25 14:29:52 | 00,130,432 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Stopped])
DRV - [2002/10/04 04:04:10 | 00,046,976 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\R8139n51.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2004/05/26 19:55:42 | 00,037,920 | ---- | M] (Your Corporation) -- C:\Program Files\MSI\Core Center\RushTop.sys -- (RushTopDevice [On_Demand | Stopped])
DRV - [2007/06/25 11:43:22 | 00,082,984 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117bus.sys -- (s117bus [On_Demand | Stopped])
DRV - [2007/06/25 11:43:26 | 00,014,888 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mdfl.sys -- (s117mdfl [On_Demand | Stopped])
DRV - [2007/06/25 11:43:36 | 00,108,456 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mdm.sys -- (s117mdm [On_Demand | Stopped])
DRV - [2007/06/25 11:43:36 | 00,100,264 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mgmt.sys -- (s117mgmt [On_Demand | Stopped])
DRV - [2007/06/25 11:43:36 | 00,022,952 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117nd5.sys -- (s117nd5 [On_Demand | Stopped])
DRV - [2007/06/25 11:43:38 | 00,098,344 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117obex.sys -- (s117obex [On_Demand | Stopped])
DRV - [2007/06/25 11:43:36 | 00,098,856 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117unic.sys -- (s117unic [On_Demand | Stopped])
DRV - [2007/04/03 13:59:30 | 00,083,208 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616bus.sys -- (s616bus [On_Demand | Stopped])
DRV - [2007/04/03 13:59:36 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mdfl.sys -- (s616mdfl [On_Demand | Stopped])
DRV - [2007/04/03 13:59:38 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mdm.sys -- (s616mdm [On_Demand | Stopped])
DRV - [2007/04/03 13:59:40 | 00,100,360 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mgmt.sys -- (s616mgmt [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,023,176 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616nd5.sys -- (s616nd5 [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,098,568 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616obex.sys -- (s616obex [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,099,080 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616unic.sys -- (s616unic [On_Demand | Stopped])
DRV - [2006/09/05 20:07:00 | 00,061,536 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59bus.sys -- (se59bus [On_Demand | Stopped])
DRV - [2006/09/05 20:07:48 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59mdfl.sys -- (se59mdfl [On_Demand | Stopped])
DRV - [2006/09/05 20:07:52 | 00,097,088 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59mdm.sys -- (se59mdm [On_Demand | Stopped])
DRV - [2006/09/05 20:08:40 | 00,088,624 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59mgmt.sys -- (se59mgmt [On_Demand | Stopped])
DRV - [2006/09/05 20:06:28 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59nd5.sys -- (se59nd5 [On_Demand | Stopped])
DRV - [2006/09/05 20:09:26 | 00,086,432 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59obex.sys -- (se59obex [On_Demand | Stopped])
DRV - [2006/09/05 20:06:22 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se59unic.sys -- (se59unic [On_Demand | Stopped])
DRV - [2007/11/13 12:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2002/10/15 22:41:06 | 00,102,220 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\sonypvs1.sys -- (sonypvs1 [On_Demand | Stopped])
DRV - [2007/10/18 08:57:54 | 03,033,728 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\spc1300.sys -- (SPC1300 [On_Demand | Running])
DRV - [2008/05/07 15:59:20 | 00,137,952 | ---- | M] (StorageCraft) -- C:\WINDOWS\system32\DRIVERS\symsnap.sys -- (symsnap [Boot | Running])
DRV - [2008/06/20 13:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys -- (Tcpip6 [System | Running])
DRV - [2009/10/02 18:58:22 | 00,059,920 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmactmon.sys -- (tmactmon [On_Demand | Running])
DRV - [2009/10/02 18:58:22 | 00,339,984 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\TM_CFW.sys -- (tmcfw [On_Demand | Running])
DRV - [2009/10/02 18:58:22 | 00,158,224 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm [Auto | Running])
DRV - [2009/10/02 18:58:22 | 00,050,704 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmevtmgr.sys -- (tmevtmgr [On_Demand | Running])
DRV - [2009/10/02 18:58:22 | 00,036,368 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\tmpreflt.sys -- (tmpreflt [Auto | Running])
DRV - [2009/10/02 18:58:22 | 00,089,872 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\tmtdi.sys -- (tmtdi [System | Running])
DRV - [2009/10/02 18:58:22 | 00,225,808 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\tmxpflt.sys -- (tmxpflt [Auto | Running])
DRV - [2005/09/27 09:00:02 | 00,069,920 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd [Boot | Running])
DRV - [2003/01/26 11:16:54 | 00,064,256 | R--- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ulsata.sys -- (UlSata [Boot | Running])
DRV - [2008/04/13 12:45:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2007/03/28 20:29:10 | 00,037,864 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\v2imount.sys -- (v2imount [Auto | Running])
DRV - [2007/07/31 17:22:16 | 00,014,072 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\vproeventmonitor.sys -- (VProEventMonitor [On_Demand | Stopped])
DRV - [2009/10/02 18:58:22 | 01,223,832 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\DRIVERS\vsapint.sys -- (vsapint [Auto | Running])
DRV - [2006/04/10 18:05:10 | 00,104,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wceusbsh.sys -- (wceusbsh [On_Demand | Stopped])
DRV - [2006/03/22 12:37:50 | 00,017,408 | ---- | M] (Western Digital Technologies) -- C:\WINDOWS\System32\DRIVERS\wdfwhid.sys -- (WD_FireWire_HID [On_Demand | Stopped])
DRV - [2007/03/28 20:49:42 | 00,128,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wimfltr.sys -- (WimFltr [On_Demand | Stopped])
DRV - [2009/05/07 21:05:22 | 00,087,536 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD} [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 C2 F6 67 0F 45 CA 01 [binary data]
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\S-1-5-21-1343024091-1682526488-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\S-1-5-21-1343024091-1682526488-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;localhost
IE - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\S-1-5-21-1343024091-1682526488-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.free.fr:3128

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.5.3.5
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {9A752782-D706-479b-98F8-3F66BF921692}:5.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: sxipper@sxip.com:2.2.2
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q="


FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/15 13:05:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/31 09:12:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2009/10/04 17:56:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/04 17:45:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/04 17:45:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/09/25 10:00:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/10/03 15:06:59 | 00,000,000 | ---D | M]

[2009/01/26 10:26:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Extensions
[2008/08/27 00:33:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/01/26 10:26:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Extensions\uploadr@flickr.com
[2009/10/05 10:21:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions
[2009/02/23 13:04:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(2)
[2009/02/12 14:51:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2009/02/19 14:52:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2009/02/19 14:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}(2)
[2009/05/27 19:06:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/07/01 08:29:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009/07/25 10:27:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2009/06/04 10:26:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF}
[2009/08/07 18:13:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{9A752782-D706-479b-98F8-3F66BF921692}
[2009/09/23 17:56:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/08/11 19:09:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{A5C87640-F7CF-11DA-974D-0800200C9A66}
[2009/07/18 10:19:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{AE37D527-6604-461c-8102-975CF8053A2F}
[2009/08/21 07:06:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/02/19 14:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}
[2009/02/19 14:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}(2)
[2009/07/01 08:29:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/05/03 07:11:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{C4A22BA1-6D61-45F1-82A9-140FD33F1110}
[2009/08/19 09:18:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/09/14 16:59:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2009/08/09 13:26:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/07/18 10:19:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
[2009/08/10 16:11:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009/09/26 10:12:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/09/09 10:05:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\autopager@mozilla.org
[2009/06/29 07:33:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\cleanhide@waxb.blog.com.cn
[2009/02/12 14:53:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\Dcurrency@Dcurrency(2).fr
[2009/08/10 16:10:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2009/10/02 19:30:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\en-US@dictionaries.addons.mozilla.org
[2009/07/25 10:27:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\fastdial@telega.phpnet.us
[2008/11/01 08:01:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\he@dictionaries.addons.mozilla.org
[2007/10/19 19:47:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\it-IT@dictionaries.addons.mozilla.org
[2009/08/28 11:20:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\kgen@elitwork(2).com
[2009/07/26 09:55:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\locationbar2@design-noir.de
[2009/09/05 07:47:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\seo4firefox@seobook.com
[2009/04/03 07:38:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\sk@dictionaries.addons.mozilla.org
[2009/03/19 11:46:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\startaid@startaid.com
[2009/05/29 07:52:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\mozilla\Firefox\Profiles\6hxilcfd.default\extensions\sxipper@sxip.com
[2008/06/18 23:02:37 | 00,001,712 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\askcom.xml
[2009/09/25 07:30:42 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\live-search.xml
[2009/10/05 14:09:39 | 00,001,568 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\mozbot.xml
[2008/03/04 02:14:19 | 00,002,520 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\mozilla-add-ons.xml
[2009/01/08 01:46:43 | 00,001,447 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\6hxilcfd.default\searchplugins\userlogos.xml
[2009/10/05 08:45:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/10/04 17:45:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/01 13:43:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/07/31 09:12:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/08/21 07:19:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/08/24 22:19:16 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 22:19:16 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/08/24 22:19:16 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/10/14 21:33:29 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/10/03 15:06:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/10/03 15:06:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/10/03 15:06:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/10/03 15:06:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/10/03 15:06:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/10/03 15:06:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/10/03 15:06:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/09/03 11:53:00 | 00,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2009/08/24 21:21:51 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/08/24 21:21:51 | 00,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/08/24 21:21:51 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/08/24 21:21:51 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/24 21:21:51 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/08/24 21:21:51 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (732 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PtiuPbmd] C:\WINDOWS\System32\ptipbm.DLL (Promise Technology,Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [spc1300] C:\WINDOWS\vspc1300.exe (Sonix)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKU\.DEFAULT..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-18..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [CachemanTray] C:\Program Files\Cacheman\CachemanTray.exe (Outertech)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003..\Run: [WinColorReminder] C:\Program Files\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColorReminder.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiziWYG XP Startup.lnk = C:\Program Files\Praxisoft\WiziWYG XP\WiziWYGXP.exe (Praxisoft LLC)
O4 - Startup: C:\Documents and Settings\MDA\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKU\.DEFAULT\..Trusted Domains: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 29 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 29 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..Trusted Domains: com.tw ([asia.msi] http in Sites de confiance)
O15 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..Trusted Domains: com.tw ([global.msi] http in Sites de confiance)
O15 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..Trusted Domains: com.tw ([www.msi] http in Sites de confiance)
O15 - HKU\S-1-5-21-1343024091-1682526488-725345543-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} Reg Error: Value error. (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} Reg Error: Value error. (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 4303851718 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/30 13:32:23 | 00,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/29 09:06:10 | 00,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/29 09:06:10 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/29 09:06:10 | 00,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/09/12 07:47:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/10/02 15:36:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ALM
[2009/10/05 13:12:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2009/09/26 08:11:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/10/01 07:32:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grass Valley
[2009/10/03 08:38:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2009/10/01 17:29:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Quark
[2009/10/05 13:12:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\AVS4YOU
[2009/09/26 08:12:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\CyberLink
[2009/10/01 16:01:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\dvdcss
[2009/10/01 10:19:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Application Data\Office Genuine Advantage
[2009/09/12 07:53:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\Apple_Inc
[2009/09/26 08:13:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\Cyberlink
[2009/09/26 12:20:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\PowerCinema
[2009/10/04 10:08:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\TechSmith
[2009/10/04 17:57:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michel\Local Settings\Application Data\Trend Micro
[2009/10/05 13:11:24 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AVSMedia
[2009/09/26 08:11:23 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\CyberLink
[2009/09/23 09:37:50 | 00,000,000 | ---D | C] -- C:\Program Files\adslTV
[2009/10/05 13:11:17 | 00,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2009/10/01 08:47:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009/09/26 08:10:16 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2009/09/28 09:33:16 | 00,000,000 | ---D | C] -- C:\Program Files\FreePack
[2009/09/26 19:04:37 | 00,000,000 | ---D | C] -- C:\Program Files\HomePlayer
[2009/09/25 10:25:38 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/09/25 10:25:18 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/09/26 10:12:15 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/10/03 13:10:54 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/10/03 07:54:42 | 00,000,000 | ---D | C] -- C:\Program Files\Pegasus Imaging
[2009/09/07 19:19:51 | 00,000,000 | ---D | C] -- C:\Program Files\Pro Imaging Powertoys
[2009/10/04 10:05:29 | 00,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2009/09/12 07:51:27 | 00,000,000 | ---D | C] -- C:\Program Files\Utilitaire de configuration iPhone
[2009/09/27 13:42:51 | 00,000,000 | ---D | C] -- C:\Program Files\WinAVI Video Capture
[2009/10/03 08:02:05 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2009/10/01 16:02:58 | 00,000,000 | ---D | C] -- C:\Program Files\XviD
[2009/10/03 12:23:33 | 00,000,000 | ---D | C] -- C:\Program Files\ZebHelpProcess
[2009/10/03 12:48:24 | 00,000,000 | ---D | C] -- C:\Program Files\Zeb-Utility
[2009/10/04 18:23:00 | 00,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2009/10/03 12:14:48 | 00,000,000 | ---D | C] -- C:\Program Files\ZHPFix
[2009/10/05 13:11:18 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2009/10/05 13:11:17 | 01,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2009/10/04 17:55:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Trend Micro
[2009/10/04 17:55:18 | 00,059,920 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmactmon.sys
[2009/10/04 17:55:18 | 00,050,704 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmevtmgr.sys
[2009/10/04 17:51:45 | 00,158,224 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/10/04 17:49:49 | 01,223,832 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\vsapint.sys
[2009/10/04 17:49:49 | 00,225,808 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmxpflt.sys
[2009/10/04 17:49:49 | 00,036,368 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmpreflt.sys
[2009/10/04 17:07:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\7BB40A228D9843F9A08AE7EFF5AB1324.TMP
[2009/10/04 10:06:40 | 00,000,000 | ---D | C] -- D:\Documents de MDA\Camtasia Studio
[2009/10/03 13:11:11 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/10/03 13:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Kaspersky Lab
[2009/10/03 08:12:40 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009/10/03 08:12:39 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009/10/03 08:12:38 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009/10/03 08:12:37 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009/10/03 08:12:36 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009/10/03 08:12:36 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009/10/03 08:12:35 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009/10/03 08:12:34 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/10/03 08:12:34 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/10/03 08:12:33 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/10/03 08:12:32 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/10/03 08:12:32 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WIND
maltin75
 
Messages: 5
Inscription: 04 Oct 2009, 17:00
Localisation: paris

Raport Extras

Messagede maltin75 » 07 Oct 2009, 05:24

Rapport Extras
OTL Extras logfile created on: 06/10/2009 08:17:48 - Run 2
OTL by OldTimer - Version 3.0.18.4 Folder = D:\Documents de MDA\Téléchargements
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 84.23% Memory free
2.76 Gb Paging File | 1.96 Gb Available in Paging File | 71.25% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.18 Gb Total Space | 7.93 Gb Free Space | 23.19% Space Free | Partition Type: NTFS
Drive D: | 114.87 Gb Total Space | 35.43 Gb Free Space | 30.85% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 149.05 Gb Total Space | 92.74 Gb Free Space | 62.22% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANASTYLE
Current User Name: Michel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.js [@ = jsfile] -- C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe (Macromedia, Inc.)

[HKEY_USERS\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [open] -- "C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Porta.MakeAlbum] -- "C:\Program Files\Porta\Porta.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1628F6BD-5ED1-4FD1-B90F-C106AF4E00F0}" = Adobe Setup
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}" = Adobe Flash Video Encoder
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{268723B7-A994-4286-9F85-B974D5CAFC7B}" = EasyRecovery Professional
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 15
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F4F1C1-5278-436C-AB8D-2C1E2207552D}" = Biblical Hebrew (Tiro)
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{314D592A-B234-4424-A49C-B43F993AB07B}" = Philips SPC1300NC Webcam
"{350C940C-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37FF74E1-843A-4431-AA07-E73E2B847CA4}" = Pegasus Imaging PICVideo Motion JPEG 3.0
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{425FFD94-36BD-4933-881B-FE0B9DADF2B7}" = Ma-Config.com
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4767A7DE-5B5E-4F91-B122-3CD67CC0C5A0}" = Photosynth
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{48963B63-7A10-49D6-8B08-61E6132453D0}" = ViewSonic Monitor Drivers
"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5D2398DF-3022-4820-93BA-F1175FBEA9CA}" = Adobe Creative Suite 3 Master Collection
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67D0313C-4F15-437D-9A2D-C1564088A26A}" = Windows Live Sync
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6E08CE13-C2AB-4749-9335-5900B958929E}" = Adobe Illustrator CS3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{706EA4A8-97B5-4C29-A0F3-0B38C666F0C4}" = QuarkXPress
"{71557340-D00E-11D4-90BF-00104BBC7428}" = Comptabilité
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security Pro
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{77D2A9D3-5800-43E3-B274-87841BC87DB2}" = Adobe ExtendScript Toolkit 2
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7F04B272-E0DD-47E7-8B55-D97483DB0EBD}" = hp LaserJet 1160/1320 series
"{80FD3971-8482-49C8-BA8C-B6464A15882F}" = Adobe Flash CS3
"{8287E5A6-A0D1-4074-B149-F6157EE0DEEB}" = NEC-Mitsubishi NaViSet
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8A514CD8-49ED-4717-B87C-49B8F94CF9E0}" = Biblical Hebrew (SIL)
"{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}" = Adobe Setup
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-040C-0000-0000000FF1CE}" = Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90B5E602-1867-449D-86FD-FC9DEA4434BF}" = HP Software Update
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security Pro
"{9D3F3D5A-BE6D-48C4-B51E-E2D6753ABCDE}" = Adobe Setup
"{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A351224F-533A-4EED-89F4-0BF3417FD31D}" = WD Backup
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Utilitaire d'identification du processeur Intel(R)
"{AAA8CA88-8A22-43D1-867F-ABD7944C9815}" = Intel(R) Network Connections 14.3.0.0
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B0255743-165B-4BD5-8DA8-37DFB9930012}" = Norton Ghost
"{B1EF7B00-8FCC-4209-BFB6-37C50B354B2A}" = Adobe Creative Suite 3 Design Premium
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}" = Adobe Photoshop CS3
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C7C368E6-0B79-45A9-A9A4-5D57639EDAA2}" = Philips SPC 1300NC Webcam Driver
"{C964A549-C74A-11D3-B88A-00A0C9379093}" = Budget Plus
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE378F36-E404-4244-A33F-F50A2A6D31BD}" = Microsoft Color Control Panel Applet for Windows XP
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EA57A1B9-0DD2-44DD-9B70-64E8DA553F6F}" = Philips VLounge
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EC25B803-4BDB-47F7-B877-FCE7D7966C0F}" = Visual C++ CRT 9.0 SP1
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD6C6B7F-5696-48C5-A601-2EE9E50C3D46}" = WD Firewire HID Driver
"{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}" = Adobe InDesign CS3
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.6 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_816" = Adobe Acrobat 8.1.6 - CPSID_49167
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_b5d5789539ea1f004a4defceea74312" = Ajouter ou supprimer Adobe Creative Suite 3 Master Collection
"Adobe_e79070e1ef25043cbd93191267ecaf0" = Ajouter ou supprimer Adobe Creative Suite 3 Design Premium
"adsl TV" = adsl TV
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Cacheman" = Cacheman 7.0
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon RAW Codec" = Canon RAW Codec
"CCleaner" = CCleaner (remove only)
"Clean Virus MSN_is1" = Clean Virus MSN
"CloneDVD Full_is1" = CloneDVD Full 3.0.2.5
"C-Media Audio" = C-Media 3D Audio
"Connection Manager" = Microsoft Connection Manager
"Core Center" = Core Center
"CSCLIB" = Canon Camera Support Core Library
"DPP" = Canon Utilities Digital Photo Professional 3.6
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"EOS Utility" = Canon Utilities EOS Utility
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EPSON Scanner" = EPSON Scan
"FileZilla" = FileZilla (remove only)
"FileZilla Client" = FileZilla Client 3.1.1.1
"Flickr Uploadr" = Flickr Uploadr 3.1.3
"FpTest" = FpTest 3.2
"Free Easy Burner_is1" = Free Easy Burner V 3.9
"Free iPod Video Converter_is1" = Free iPod Video Converter 1.34
"Free Window Registry Repair" = Free Window Registry Repair
"Free-info_is1" = Free-info
"Générateur de Mot de Passe_is1" = Générateur de Mot de Passe version 2.0
"GSiteCrawler" = GSiteCrawler
"HijackThis" = HijackThis 2.0.2
"HomePlayer" = HomePlayer 1.5.8a
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B}" = EasyRecovery Professional
"InstallShield_{37FF74E1-843A-4431-AA07-E73E2B847CA4}" = Pegasus Imaging PICVideo Motion JPEG 3.0
"InstallShield_{8287E5A6-A0D1-4074-B149-F6157EE0DEEB}" = NEC-Mitsubishi NaViSet
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"jv16 PowerTools 2009_is1" = jv16 PowerTools 2009
"Kaspersky On-line Scanner" = Kaspersky On-line Scanner
"Linotype FontExplorer X_is1" = Linotype FontExplorer X Public Beta
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"milleetunephotos_is1" = milleetunephotos
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"MPE" = MyPhoneExplorer
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"myPANTONE Palettes 1.5 1.5" = myPANTONE Palettes 1.5
"Non Driver CIO Components" = Non Driver CIO Components
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PC Wizard 2009_is1" = PC Wizard 2009.1.88
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Porta" = Porta
"PROPLUS" = Microsoft Office Professional Plus 2007
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"swf2avi_is1" = swf2avi 0.3
"Téléchargement PHOTOWAYS" = Téléchargement PHOTOWAYS 3.0.8
"UsbFix" = UsbFix
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinISO_is1" = WinISO 5.3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WiziWYG XP" = WiziWYG XP
"Xenu_is1" = Xenu's Link Sleuth
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Zeb Help Process_is1" = ZebHelpProcess 2.34
"Zeb-Utility 1.2" = Zeb-Utility 1.2
"ZHPDiag_is1" = ZHPDiag 1.24
"ZHPFix_is1" = ZHPFix 1.12
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1343024091-1682526488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/10/2009 05:18:25 | Computer Name = DANASTYLE | Source = MsiInstaller | ID = 10005
Description = Product: Adobe Premiere Pro CS3 Functional Content -- Please install
Adobe Premiere Pro CS3 Functional Content using Setup.exe

Error - 02/10/2009 05:18:39 | Computer Name = DANASTYLE | Source = MsiInstaller | ID = 10005
Description = Product: Adobe Premiere Pro CS3 -- Please install Adobe Premiere Pro
CS3 using Setup.exe

Error - 02/10/2009 12:02:20 | Computer Name = DANASTYLE | Source = Application Error | ID = 1000
Description = Application défaillante SfCtlCom.exe, version 16.10.0.1106, module
défaillant msvcr80.dll, version 8.0.50727.3053, adresse de défaillance 0x000046b4.

Error - 04/10/2009 04:16:21 | Computer Name = DANASTYLE | Source = Application Error | ID = 1000
Description = Application défaillante exportcontroller.exe, version 7.64.17.73,
module défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00010b2c.

Error - 04/10/2009 04:16:21 | Computer Name = DANASTYLE | Source = Application Error | ID = 1000
Description = Application défaillante exportcontroller.exe, version 7.64.17.73,
module défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00010b2c.

Error - 04/10/2009 04:16:21 | Computer Name = DANASTYLE | Source = Application Error | ID = 1000
Description = Application défaillante exportcontroller.exe, version 7.64.17.73,
module défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00010b2c.

Error - 04/10/2009 06:06:14 | Computer Name = DANASTYLE | Source = MsiInstaller | ID = 10005
Description = Product: Adobe Setup -- Please install Adobe Setup using Setup.exe

Error - 04/10/2009 06:06:36 | Computer Name = DANASTYLE | Source = MsiInstaller | ID = 10005
Description = Product: Adobe Premiere Pro CS3 -- Please install Adobe Premiere Pro
CS3 using Setup.exe

Error - 04/10/2009 11:17:48 | Computer Name = DANASTYLE | Source = Application Error | ID = 1000
Description = Application défaillante tistool.exe, version 17.50.0.1366, module
défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 05/10/2009 02:37:15 | Computer Name = DANASTYLE | Source = CachemanServ.exe | ID = 0
Description =

[ System Events ]
Error - 01/10/2009 08:44:30 | Computer Name = DANASTYLE | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.1 pour la carte réseau dont l'adresse
réseau est 000C7655F813 a été refusé par le serveur DHCP 192.168.1.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 01/10/2009 08:46:22 | Computer Name = DANASTYLE | Source = PlugPlayManager | ID = 11
Description = Le périphérique Root\LEGACY_RUSHTOPDEVICE\0000 a disparu du système
sans que sa suppression ait tout d'abord été préparée.

Error - 01/10/2009 08:50:54 | Computer Name = DANASTYLE | Source = PlugPlayManager | ID = 11
Description = Le périphérique Root\LEGACY_RUSHTOPDEVICE\0000 a disparu du système
sans que sa suppression ait tout d'abord été préparée.

Error - 01/10/2009 08:56:08 | Computer Name = DANASTYLE | Source = PlugPlayManager | ID = 11
Description = Le périphérique Root\LEGACY_RUSHTOPDEVICE\0000 a disparu du système
sans que sa suppression ait tout d'abord été préparée.

Error - 01/10/2009 09:49:10 | Computer Name = DANASTYLE | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.1 pour la carte réseau dont l'adresse
réseau est 000C7655F813 a été refusé par le serveur DHCP 192.168.1.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 01/10/2009 09:51:50 | Computer Name = DANASTYLE | Source = PlugPlayManager | ID = 11
Description = Le périphérique Root\LEGACY_RUSHTOPDEVICE\0000 a disparu du système
sans que sa suppression ait tout d'abord été préparée.

Error - 01/10/2009 10:09:01 | Computer Name = DANASTYLE | Source = PlugPlayManager | ID = 11
Description = Le périphérique Root\LEGACY_RUSHTOPDEVICE\0000 a disparu du système
sans que sa suppression ait tout d'abord été préparée.

Error - 01/10/2009 11:55:01 | Computer Name = DANASTYLE | Source = Service Control Manager | ID = 7034
Description = Le service Composant de commande centrale Trend Micro s'est terminé
de façon inattendue pour la 1ème fois.

Error - 01/10/2009 12:03:52 | Computer Name = DANASTYLE | Source = PlugPlayManager | ID = 11
Description = Le périphérique Root\LEGACY_RUSHTOPDEVICE\0000 a disparu du système
sans que sa suppression ait tout d'abord été préparée.

Error - 02/10/2009 08:28:29 | Computer Name = DANASTYLE | Source = PlugPlayManager | ID = 11
Description = Le périphérique Root\LEGACY_RUSHTOPDEVICE\0000 a disparu du système
sans que sa suppression ait tout d'abord été préparée.


<End>
maltin75
 
Messages: 5
Inscription: 04 Oct 2009, 17:00
Localisation: paris

Messagede nickW » 19 Oct 2009, 00:29

Bonsoir,

Je ne vois rien d'"infectieux" dans les rapports OTL.


Il y a un pilote lié à Panda Security qui est actif. Sais-tu d'où il vient?


Que se passe-t-il si tu lances "Firefox en mode sans échec" (j'ai mis des guillemets, car ce n'est pas le système qui doit être en mode sans échec, mais seulement Firefox)?

Pour ce faire:

*- Fermer toutes les fenêtres de Firefox ouvertes

*- Démarrer---->Exécuter
taper exactement
firefox.exe¤-safe-mode
(le caractère ¤ représente un espace)
puis cliquer sur OK


Quels sont les "État" et "Type de démarrage" du service Client DNS?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France


Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 23 invités

cron