Assiste.Forums

de **FloGraphiste** » 07 Oct 2009, 14:30

Ma config:
PC de FloGraphiste

Système d'exploitation + version :
- Windows Vista Integrale 32 Bits
- SP2
Configuration sécurité
- Pare-feu
  Windows Vista
- Antivirus
  AVIRA
- Anti-trojans
  SpyWareDoctor
- Anti-spams
  None
- Anti-publicités et pop-up
  Intégrés à Firefox et Chrome
- Limitation droits utilisateurs
  UAC non active
- Limitation services Windows
  Au max
- Contrôleur d'intégrité
  ???
- Protection navigation
  Fichier Hosts mis à jour régulièrement
Surveillance système
???
Configuration optimisation système
- Nettoyeur fichiers
  Vista Manager
- Nettoyeur registre
  Vista Manager; CCleaner
Navigation internet
- Type de connexion
  ADSL
- Surveillance de la connexion
  Modem FREEBOX, Mode routeur, DHCP désactivé, connexion WIFI active
- Navigateur
  Chrome, Firefox
- Courrielleur
  OUTLOOK 2007
- Messagerie instantanée
  None
- Autres
  ...

Bonjour,
Je suis confrontée depuis quelques semaines à une infection sur mon poste qui utilise mes codes FTP enregistrés dans FileZilla pour modifier les pages index de mes sites.
Deux de mes sites sont blacklistés par Google et OVH (mon hébergeur: je n'ai pas pris l'option connexion en mode SSH!).
Malaware dénombre 9 infections, dont peut-être celle qui utilse mes codes ftp pour inscrire des IFrames dans mes pages index.
Help, car je ne sais plus trop quoi faire même si j'ai renforcé la protection Htaccess et commencé à voir comment fonction Crawlcrack(?).
Merci pour votre aide
Voici le rapport Anti- Malware:
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2917
Windows 6.0.6002 Service Pack 2

07/10/2009 15:07:50
mbam-log-2009-10-07 (15-07-32).txt

Type de recherche: Examen rapide
Eléments examinés: 100960
Temps écoulé: 5 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Flox\AppData\Roaming\wiaserva.log (Malware.Trace) -> No action taken.
C:\Users\Flox\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> No action taken.
C:\Windows\010112010146118114.dat (Worm.KoobFace) -> No action taken.
C:\Windows\0101120101464849.dat (Worm.KoobFace) -> No action taken.
C:\Windows\01011201014650120.dat (Worm.KoobFace) -> No action taken.
C:\Windows\0101120101465749.dat (Worm.KoobFace) -> No action taken.
C:\Windows\0101120101465752.dat (Worm.KoobFace) -> No action taken.
C:\Windows\934fdfg34fgjf23 (Worm.KoobFace) -> No action taken.
C:\Windows\bf23567.dat (Worm.KoobFace) -> No action taken.

de **FloGraphiste** » 07 Oct 2009, 14:31

Voici le rapport OTL:

OTL logfile created on: 07/10/2009 15:09:14 - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Users\Flox\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,49 Gb Total Space | 4,16 Gb Free Space | 13,21% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 200,33 Gb Free Space | 86,02% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-FLORENCE
Current User Name: Flox
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/07/17 11:05:28 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/08/18 13:08:07 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mDNSResponder.exe
PRC - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/07/22 22:44:48 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/08/17 01:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/01/19 12:14:44 | 00,186,664 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/07/22 22:44:50 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/04/11 15:19:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2007/03/30 13:05:32 | 01,024,512 | ---- | M] () -- C:\Program Files\GIGABYTE\VGA Utility Manager\Utility.exe
PRC - [2009/04/11 15:19:30 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.exe
PRC - [2009/08/22 01:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Flox\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/08/22 01:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Flox\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2008/01/21 04:22:46 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Taskmgr.exe
PRC - [2009/10/07 14:46:11 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/08/15 05:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4 [On_Demand | Stopped])
SRV - [2009/07/17 11:05:28 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/08/18 13:08:07 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/04/11 15:19:47 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/01/21 04:23:20 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 14:34:14 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:34:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/04/11 15:19:14 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/10/25 23:48:45 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009/04/11 15:20:00 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/27 22:43:03 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/04/11 15:20:00 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/05/04 14:53:38 | 00,442,368 | ---- | M] (Enfocus, an EskoArtwork company) -- C:\Program Files\Enfocus\Enfocus Instant PDF 08\Application\InstantPDFService.exe -- (Instant PDF Service [Auto | Stopped])
SRV - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/09/01 08:07:48 | 00,234,864 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2009/04/11 15:20:03 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2009/07/22 22:44:48 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2009/08/17 01:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service [Auto | Running])
SRV - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen [Auto | Running])
SRV - [2008/10/25 21:47:48 | 00,354,560 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])
SRV - [2008/04/04 14:51:32 | 00,028,416 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp [Auto | Stopped])
SRV - [2008/01/21 04:23:48 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2008/01/21 04:21:29 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 04:21:33 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 04:21:34 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 04:21:09 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2007/10/12 03:40:12 | 00,009,096 | ---- | M] (Advanced Micro Devices) -- C:\Windows\system32\drivers\amdide.sys -- (amdide [Boot | Running])
DRV - [2008/01/21 04:21:32 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 04:21:32 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/08/18 13:08:07 | 00,055,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/01/21 04:21:09 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2009/09/01 08:13:02 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2008/01/21 04:21:33 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 04:21:30 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2009/04/11 15:18:59 | 00,069,096 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/04/10 13:04:40 | 04,397,568 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/10/09 15:42:42 | 00,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER [On_Demand | Stopped])
DRV - [2008/01/21 04:21:31 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 04:21:33 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2007/10/16 17:14:24 | 00,256,512 | ---- | M] (Marvell Semiconductor, Inc) -- C:\Windows\System32\DRIVERS\MRVW13B.sys -- (MRV6X32P [On_Demand | Stopped])
DRV - [2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2009/08/17 00:57:00 | 09,545,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2008/01/21 04:21:29 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 04:21:29 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2009/09/06 20:47:51 | 00,206,256 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore [Boot | Stopped])
DRV - [2008/02/06 03:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/01/21 04:21:33 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2009/07/29 23:30:02 | 00,172,032 | ---- | M] (Realtek ) -- C:\Windows\System32\DRIVERS\Rtlh86.sys -- (RTL8169 [On_Demand | Running])
DRV - [2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 04:21:34 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2009/09/22 09:39:47 | 00,721,904 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009/07/17 11:05:28 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/01/21 04:21:28 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/01/21 04:21:09 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 04:21:32 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/10/06 11:53:24 | 00,015,656 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor [On_Demand | Running])
DRV - [2007/02/16 11:12:36 | 00,011,312 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacommousefilter.sys -- (wacommousefilter [On_Demand | Running])
DRV - [2008/08/18 15:45:00 | 00,013,352 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacomvhid.sys -- (wacomvhid [On_Demand | Running])
DRV - [2007/02/15 16:11:28 | 00,011,440 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\WacomVKHid.sys -- (WacomVKHid [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\S-1-5-21-602162358-1417001333-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\S-1-5-21-602162358-1417001333-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.2
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {bb628310-0ab7-11db-9cd8-0800200c9a66}:3.0.4.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/09/13 21:42:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/14 00:27:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/05 18:58:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/27 07:41:50 | 00,000,000 | ---D | M]

[2009/09/13 22:00:20 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Extensions
[2008/10/25 21:13:41 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/14 00:52:42 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions
[2009/09/13 22:00:23 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2009/09/13 22:00:25 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009/09/13 23:10:47 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2009/09/13 22:00:22 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\firebug@software.joehewitt.com
[2009/03/08 13:10:43 | 00,001,775 | ---- | M] () -- C:\Users\Flox\AppData\Roaming\Mozilla\FireFox\Profiles\eticczpt.default\searchplugins\live-search.xml
[2009/09/14 00:52:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/27 07:41:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/13 21:43:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/09/13 21:43:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/09/27 07:41:36 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/27 07:41:36 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 23:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2006/05/29 16:40:26 | 07,296,000 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\libvlc.dll
[2009/01/16 20:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/11/10 06:43:30 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/05/12 20:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/05/19 00:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2007/02/12 21:30:16 | 00,164,352 | ---- | M] (Indiepath Ltd) -- C:\Program Files\mozilla firefox\plugins\npigl.dll
[2009/09/27 07:41:42 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2008/06/11 22:45:28 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/01/19 14:37:02 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/02/16 18:02:27 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/02/16 18:02:27 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/01/19 14:37:13 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2009/01/19 14:36:57 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/05/01 23:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/09/27 07:41:44 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/09/27 07:41:44 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/09/27 07:41:44 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/09/27 07:41:44 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/09/27 07:41:44 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/09/27 07:41:44 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (610124 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com
O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie]
O1 - Hosts: 16290 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ript) - {91D9091B-2046-42f7-903E-1215A29E21EA} - C:\Program Files\Ript\mscoree.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll File not found
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Flox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE VGA Utility.lnk = C:\Users\Flox\AppData\Roaming\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE File not found
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Enregistrer au format HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Enregistrer le texte sélectionné - C:\Program Files\SmarThru 4\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Sélection par capture - C:\Program Files\SmarThru 4\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll File not found
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmes\Microsoft Office\Office12\ONBttnIE.dll File not found
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmes\Microsoft Office\Office12\ONBttnIE.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/09/09 01:15:12 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 90 Days ==========

[2009/07/17 09:49:40 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2009/08/06 13:35:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Enfocus Prefs Folder
[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2009/10/07 15:00:15 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2009/09/13 19:51:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Corporation
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2009/09/13 23:22:45 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/09/06 20:44:15 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\ProgramData\Ript
[2009/07/24 21:18:55 | 00,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming
[2009/09/03 22:33:48 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Ambient Design
[2009/09/14 11:53:38 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Canon
[2009/09/22 14:19:24 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Corel
[2009/09/22 09:35:40 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\DAEMON Tools Lite
[2009/08/18 21:05:43 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\DivX
[2009/08/06 13:35:38 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Enfocus Prefs Folder
[2009/09/18 14:30:28 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\FastStone
[2009/08/06 13:33:44 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\InstallShield
[2009/10/07 14:53:22 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Malwarebytes
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Media Center Programs
[2009/09/13 21:27:25 | 00,000,000 | --SD | C] -- C:\Users\Flox\AppData\Roaming\Microsoft
[2009/09/06 20:44:15 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\PC Tools
[2009/09/10 21:46:15 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Pegtop
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Ript
[2009/09/22 09:09:31 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\WTablet
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Application Data
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Historique
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Microsoft
[2009/09/14 01:03:35 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Microsoft Games
[2009/09/13 22:46:09 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Quark
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Ript
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Temp
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Temporary Internet Files
[2009/09/13 23:52:31 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\VirtualStore
[2009/08/18 21:04:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2009/08/06 13:35:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Enfocus Software
[2009/09/06 20:44:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/09/13 21:42:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009/09/18 15:29:29 | 00,000,000 | ---D | C] -- C:\Program Files\Ambient Design
[2009/09/03 22:31:13 | 00,000,000 | ---D | C] -- C:\Program Files\ArtRage 2 Starter Edition
[2009/07/17 09:49:40 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/09/14 15:29:03 | 00,000,000 | ---D | C] -- C:\Program Files\BitLocker
[2009/09/22 09:42:41 | 00,000,000 | ---D | C] -- C:\Program Files\Corel
[2009/08/18 21:04:54 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2009/08/06 13:35:01 | 00,000,000 | ---D | C] -- C:\Program Files\Enfocus
[2009/09/18 14:30:25 | 00,000,000 | ---D | C] -- C:\Program Files\FastStone Capture
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2009/09/10 15:25:13 | 00,000,000 | ---D | C] -- C:\Program Files\FontPicker
[2009/09/10 15:33:26 | 00,000,000 | ---D | C] -- C:\Program Files\indii.org
[2009/09/10 15:49:22 | 00,000,000 | ---D | C] -- C:\Program Files\LaBoiteACouleurs
[2009/10/07 15:00:15 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/14 15:13:08 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/09/13 19:50:36 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[2009/09/13 23:22:34 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2009/09/10 15:45:18 | 00,000,000 | ---D | C] -- C:\Program Files\Pegtop
[2009/09/18 14:29:53 | 00,000,000 | ---D | C] -- C:\Program Files\Ript
[2009/09/18 15:14:59 | 00,000,000 | ---D | C] -- C:\Program Files\Shape Collage
[2009/09/06 20:44:15 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/09/22 09:04:59 | 00,000,000 | ---D | C] -- C:\Program Files\Tablet
[2009/09/18 14:34:36 | 00,000,000 | ---D | C] -- C:\Program Files\Veign
[2009/09/13 22:35:52 | 00,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2009/10/07 15:00:16 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/10/07 15:00:15 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/10/07 14:46:53 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Flox\Desktop\mbam-setup.exe
[2009/10/07 14:45:13 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe
[2009/10/02 13:26:01 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_10_02
[2009/09/29 11:55:26 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_09_29
[2009/09/22 11:34:13 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_09_22
[2009/09/22 09:09:27 | 04,257,576 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\PenTablet.cpl
[2009/09/22 09:08:52 | 00,011,440 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\WacomVKHid.sys
[2009/09/22 09:07:50 | 00,013,352 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacomvhid.sys
[2009/09/22 09:07:50 | 00,011,312 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacommousefilter.sys
[2009/09/22 09:05:02 | 00,015,656 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacmoumonitor.sys
[2009/09/22 09:05:02 | 00,000,000 | ---D | C] -- C:\Windows\System32\WTablet
[2009/09/22 09:05:00 | 02,789,160 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
[2009/09/22 09:05:00 | 00,217,384 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.dll
[2009/09/22 09:05:00 | 00,172,840 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Wintab32.dll
[2009/09/18 14:34:37 | 00,244,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msflxgrd.ocx
[2009/09/18 14:34:37 | 00,233,472 | ---- | C] (DSX) -- C:\Windows\System32\XDockFloat.dll
[2009/09/18 14:34:37 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2009/09/18 14:34:37 | 00,167,936 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\System32\ccrpftv6.ocx
[2009/09/18 14:34:37 | 00,094,208 | ---- | C] (vbAccelerator) -- C:\Windows\System32\vbalIml6.ocx
[2009/09/18 14:34:37 | 00,065,536 | ---- | C] (vbAccelerator) -- C:\Windows\System32\vbalIcoM6.dll
[2009/09/14 15:13:11 | 01,171,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecureKeyBackupCPL.dll
[2009/09/14 15:12:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\zh-TW
[2009/09/14 15:12:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\zh-CN
[2009/09/14 15:12:39 | 00,000,000 | ---D | C] -- C:\Windows\System32\ko-KR
[2009/09/14 15:12:39 | 00,000,000 | ---D | C] -- C:\Windows\System32\ja-JP
[2009/09/14 01:09:05 | 00,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2009/09/14 00:50:14 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/09/14 00:43:37 | 00,233,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DreamScene.dll
[2009/09/14 00:41:21 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2009/09/14 00:35:38 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009/09/14 00:30:34 | 00,675,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2009/09/14 00:23:50 | 10,628,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/09/14 00:23:49 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpdxm.dll
[2009/09/14 00:23:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009/09/14 00:23:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2009/09/14 00:23:48 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/09/14 00:23:48 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2009/09/14 00:23:48 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2009/09/14 00:23:48 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009/09/14 00:23:37 | 00,904,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2009/09/14 00:23:37 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2009/09/14 00:23:37 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2009/09/14 00:23:36 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys
[2009/09/14 00:23:36 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2009/09/14 00:23:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2009/09/14 00:23:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2009/09/14 00:23:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2009/09/14 00:23:36 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2009/09/14 00:23:36 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2009/09/14 00:23:36 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2009/09/14 00:22:46 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
[2009/09/14 00:22:38 | 03,599,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/09/14 00:22:37 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/09/14 00:22:33 | 01,167,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/09/14 00:22:33 | 00,828,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/09/14 00:22:33 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/09/14 00:22:33 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/09/14 00:22:25 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009/09/14 00:22:24 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2009/09/14 00:21:57 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll
[2009/09/14 00:21:51 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2009/09/14 00:21:51 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2009/09/14 00:21:42 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2009/09/14 00:21:42 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2009/09/14 00:21:41 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2009/09/14 00:21:40 | 00,513,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll
[2009/09/14 00:21:40 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2009/09/14 00:21:35 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2009/09/14 00:21:33 | 01,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/09/14 00:21:33 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll
[2009/09/14 00:21:33 | 00,439,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2009/09/14 00:21:33 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009/09/14 00:21:33 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/09/14 00:21:33 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdigest.dll
[2009/09/14 00:21:32 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/09/14 00:21:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
[2009/09/14 00:21:15 | 02,034,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/09/14 00:21:12 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/09/14 00:21:12 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/09/14 00:21:12 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/09/14 00:21:12 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
[2009/09/14 00:21:12 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/09/14 00:21:10 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
[2009/09/14 00:20:21 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2009/09/14 00:20:20 | 00,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2009/09/14 00:20:18 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/09/13 23:26:35 | 00,000,000 | -H-D | C] -- C:\Windows\Icons
[2009/09/13 23:19:08 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/09/13 23:14:52 | 00,172,032 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2009/09/13 23:14:52 | 00,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2009/09/13 22:23:05 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2009/09/13 22:23:05 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/09/13 22:23:05 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2009/09/13 22:23:05 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/09/13 22:22:38 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/09/13 22:22:38 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/09/13 22:22:38 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/09/13 22:22:22 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/09/13 22:22:22 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2009/09/13 22:13:58 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009/09/13 22:13:40 | 16,126,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTHDCPL.EXE
[2009/09/13 22:13:40 | 09,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTLCPL.EXE
[2009/09/13 22:13:40 | 04,397,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtkHDAud.sys
[2009/09/13 22:13:40 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\Windows\ALCWZRD.EXE
[2009/09/13 22:13:40 | 02,157,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\MicCal.exe
[2009/09/13 22:13:40 | 01,822,720 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SkyTel.exe
[2009/09/13 22:13:40 | 01,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2009/09/13 22:13:40 | 00,299,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\ALSNDMGR.CPL
[2009/09/13 22:13:40 | 00,282,624 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.CPL
[2009/09/13 22:13:40 | 00,086,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
[2009/09/13 22:13:40 | 00,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\ALCMTR.EXE
[2009/09/13 22:10:47 | 00,000,000 | ---D | C] -- C:\Windows\Debug
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Mes vidéos
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Mes images
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Ma musique
[2009/09/13 21:24:23 | 00,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2009/09/13 21:20:30 | 00,000,000 | ---D | C] -- C:\Windows\CSC
[2009/09/13 21:15:05 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2009/09/13 20:49:13 | 00,000,000 | -HSD | C] -- C:\Boot
[2009/09/06 20:44:35 | 00,159,600 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2009/09/06 20:44:29 | 00,206,256 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2009/09/06 20:44:29 | 00,073,840 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2009/09/06 20:44:21 | 00,064,392 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2009/09/05 11:03:18 | 00,032,768 | ---- | C] (CANON INC.) -- C:\Windows\System32\IJRMF.exe
[2009/08/18 21:05:21 | 00,129,784 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll
[2009/08/18 21:05:21 | 00,072,440 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxhpinst.exe
[2009/08/18 21:05:20 | 01,628,920 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxsfs.dll
[2009/08/18 21:05:20 | 00,551,672 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\px.dll
[2009/08/18 21:05:20 | 00,518,904 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxdrv.dll
[2009/08/18 21:05:20 | 00,379,640 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxwave.dll
[2009/08/18 21:05:20 | 00,187,128 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxmas.dll
[2009/08/18 21:05:20 | 00,088,824 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\vxblock.dll
[2009/08/17 02:42:20 | 02,505,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2009/08/17 02:42:20 | 02,173,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe
[2009/08/17 02:42:20 | 00,420,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl
[2009/08/17 02:42:18 | 01,411,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvsr.dll
[2009/08/17 02:42:18 | 01,346,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvs.dll
[2009/08/17 02:41:54 | 04,622,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvsr.dll
[2009/08/17 02:41:54 | 03,680,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwssr.dll
[2009/08/17 02:41:54 | 03,176,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwss.dll
[2009/08/17 02:41:52 | 04,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvs.dll
[2009/08/17 02:41:52 | 02,861,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmoblsr.dll
[2009/08/17 02:41:52 | 01,292,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmobls.dll
[2009/08/17 02:41:52 | 00,465,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccssr.dll
[2009/08/17 02:41:52 | 00,195,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccss.dll
[2009/08/17 02:41:50 | 08,092,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispsr.dll
[2009/08/17 02:41:50 | 04,647,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgamesr.dll
[2009/08/17 02:41:50 | 03,553,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgames.dll
[2009/08/17 02:41:48 | 13,904,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2009/08/17 02:41:48 | 04,930,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdisps.dll
[2009/08/17 02:41:48 | 01,171,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2009/08/17 02:41:48 | 00,764,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2009/08/17 02:41:48 | 00,215,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
[2009/08/17 02:41:48 | 00,143,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2009/08/17 02:41:48 | 00,092,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2009/08/17 00:57:00 | 10,858,496 | ---- | C] (N

de **FloGraphiste** » 07 Oct 2009, 14:34

Et enfin le rapport Extras de OTL:

OTL Extras logfile created on: 07/10/2009 15:09:14 - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Users\Flox\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,49 Gb Total Space | 4,16 Gb Free Space | 13,21% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 200,33 Gb Free Space | 86,02% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-FLORENCE
Current User Name: Flox
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"20487:UDP" = 20487:UDP:*:Enabled:Enfocus Port
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files\EasyPHP 3.0\mysql\bin\mysqld.exe" = C:\Program Files\EasyPHP 3.0\mysql\bin\mysqld.exe:*:Enabled:mysqld -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger -- File not found
"Ø[’|€ø" = Ø[’|€ø:*:Enabled:Microsoft Updater

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01648BD0-648F-4DCC-B2E8-E6EB3B4C4F9C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0DA2C736-125F-4B21-AE48-8D9D57C4445E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{16EE00FE-DB57-44E4-925B-F1B94CA3E0F5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{17ECC20A-B5B3-4799-AB4A-17A7F0F3A4DF}" = lport=137 | protocol=17 | dir=in | app=system |
"{19A0A065-760E-4D08-B0F9-F5A794C2C5C3}" = lport=138 | protocol=17 | dir=in | app=system |
"{39385EF1-FA43-4CC0-AFDD-BA269E56E830}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{461FBC61-D320-4B7F-9A81-D24E6C3FDEFB}" = lport=3389 | protocol=6 | dir=in | app=system |
"{51531CBE-7507-4568-9E62-DF73FBF2F227}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{55F575C1-091C-409D-88AF-AA5F8A9C8EBD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6E89DFAF-66D6-482E-8854-6F1A45464BA0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{74226E16-2327-4774-91E6-8A2874DCF1DC}" = rport=137 | protocol=17 | dir=out | app=system |
"{7434B9D0-D58F-4744-9F9C-CAC9DC8F4909}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{90A4272E-6F02-46E9-94CF-28549A657034}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9195656B-FDAF-4160-9023-31C118D31C2C}" = rport=445 | protocol=6 | dir=out | app=system |
"{A2FF4178-4A6F-4C4F-B818-47E5AF163445}" = rport=139 | protocol=6 | dir=out | app=system |
"{A619BBD8-FB83-485A-96CC-03A3241EDD04}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AA6D7B5A-A4BB-4764-856C-197DFDD2C3E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{AF95FB9C-E307-4CB9-A857-A3311EF2034F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFC6D1A5-8491-403B-9015-9528A457A478}" = lport=139 | protocol=6 | dir=in | app=system |
"{B8D02A53-60B8-4C8A-B489-730487083D8F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CCC76198-9B45-4B25-A5BB-67161BFCAEE4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D1F0CF98-E6F9-49B2-AA66-8B1ED92C7821}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E27DAA61-B91E-4CCE-9FB2-F9AD3B8ECF9A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E391D8E2-FEFB-44D4-81FF-8F6C7048B8A3}" = rport=138 | protocol=17 | dir=out | app=system |
"{E92A6AD9-BFBA-431D-9E2C-9A21397D734E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EEC99226-26B8-4A05-B5C6-F31831704F86}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F53ECAE2-F1C6-49D1-8D8B-A8CA3EDB5017}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC65A8B6-A5A9-4960-8F0D-7860D7A3523C}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03943EFC-4B2A-43CD-8115-5754FFA25749}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{065516E6-5708-4C84-B9B8-3898C7D36DB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{09242B2F-56E2-42D7-A298-BA4044EE35FB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0931B90B-1B6B-450A-8998-EE08C7C8D302}" = protocol=6 | dir=in | app=%systemroot%\system32\msra.exe |
"{3244C039-2F99-4137-8D41-011AD41E514B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E1CEC82-0FF6-4187-A612-7B1B2EDC0293}" = protocol=6 | dir=out | app=system |
"{441A938E-67E6-4F83-BDFC-05EAE3988430}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4AA8DAB2-2C21-4DDA-AA63-57868F83D3CA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{743E3C86-194E-4089-BB71-769354427A60}" = protocol=6 | dir=out | app=%systemroot%\system32\msra.exe |
"{93DB3753-130C-41C8-989C-211FB965BA53}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{96293073-FE5A-4469-AD86-26D7AF2273C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C28EB2D-6F62-479C-B0D9-97C89A2ABF1D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9FC7C22A-5CAE-4A33-8DFC-7C40C7C8B51F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A3023FBC-7FAF-49DE-B00E-D3F918E511C7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB4744D3-6D9E-4243-A1FD-5246A031C61C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B6507617-4C8F-498E-88C7-3F1552181431}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D97326DF-BDD8-433F-9E5E-9FD2E6EC6892}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9B01A19-20D4-4521-B909-501FF3853734}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E337EF52-57B9-48B5-8E93-F9DEBF3FB932}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E763EFFF-72DB-4384-91E6-8CA225E62BE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{016884F6-765D-4482-AE07-34C930718B5C}" = ArtRage 2 Starter Edition
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}" = Corel Painter Essentials 3
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1FD25FCD-6F39-4686-AFBB-7056EBAE5E68}" = Avira RootKit Detection
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 11
"{29622F4A-245C-4126-8764-897E21E888D1}" = Google Earth Pro
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3E50F28A-86D8-4DA5-8850-C55684574F86}" = Ript
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{48F9998C-3BA0-42D3-82E6-5882441EB8CE}" = Adobe Flash CS4 STI-fr
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{494952B3-AA5A-486C-8495-6BF830962747}" = Ma-Config.com
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5977A284-6ADB-4CC1-BEC5-1CDE7908ACA3}" = Vista Manager
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5FC56E78-B95D-4164-BC23-DC23C8FF05A2}" = Enfocus Instant PDF
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6C6E880E-FFD4-47C4-A5CE-DFE225662995}" = SendBlaster
"{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter
"{706EA4A8-97B5-4C29-A0F3-0B38C666F0C4}" = QuarkXPress
"{7148F0A8-6813-11D6-A77B-00B0D0142040}" = Java 2 Runtime Environment, SE v1.4.2_04
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{7451C9B5-3E10-4E59-AD37-AB7438D84288}" = Extensis Suitcase 11.0.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85AFD3AA-4AAF-4A6F-B3E1-C47252AB0378}" = Conseiller de mise à niveau Windows Vista
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4712E9C-E0C2-45E0-826C-FEEDD5F62E78}" = OxiMailing
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}" = Dual-Core Optimizer
"{BD423B54-8668-44B6-8610-D24514445E88}" = Adobe Flash CS4 Extension - Flash Lite STI fr
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}" = VGA Utility
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"3BEF1AFDE8303306594E2ADA27520E6E700820AE" = Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Cfont Pro_is1" = Cfont Pro v3.8
"ColorPic" = ColorPic
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DualCoreCenter_is1" = DualCoreCenter
"Enregistrement utilisateur de Canon MP510" = Enregistrement utilisateur de Canon MP510
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FastStone Capture" = FastStone Capture 5.3
"FileZilla Client" = FileZilla Client 3.2.4.1
"FontPicker_is1" = FontPicker
"Gadwin PrintScreen" = Gadwin PrintScreen
"InstallShield_{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter
"InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"La boite a couleurs_is1" = La boite a couleurs version 1.6.15
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.14)" = Mozilla Firefox (3.0.14)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MSCSR" = Microsoft Speech Recognition Engine 4.0 (English)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OEMInformation" = OEM Logo and Information
"Pegtop PMeter" = Pegtop PMeter
"Pen Tablet Driver" = Pen Tablet
"qbox32_uninstall.exe" = Quite A Box Of Tricks (English)
"RealPlayer 6.0" = RealPlayer
"Satsuki Decoder Pack" = Satsuki Decoder Pack
"ShapeCollage" = Shape Collage
"Spyware Doctor" = Spyware Doctor 6.1
"tintii" = indii.org/tintii
"UltSounds" = Modèles de sons Windows
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
"VLC media player" = VLC media player 0.9.9
"WinRAR archiver" = Archiveur WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"EMAILINGPRO" = EmailingPro
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 07/10/2009 08:53:21 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:53:37 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:53:53 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:54:07 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:54:38 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:55:54 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:56:10 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:56:40 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:57:07 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

Error - 07/10/2009 08:57:18 | Computer Name = Pc-de-Florence | Source = MsiInstaller | ID = 11706
Description =

[ OSession Events ]
Error - 24/09/2009 01:24:47 | Computer Name = FLORENCE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 05/10/2009 02:54:03 | Computer Name = Pc-de-Florence | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1068" lors de la mise en route du service stisvc
avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 05/10/2009 02:54:03 | Computer Name = Pc-de-Florence | Source = Service Control Manager | ID = 7001
Description = Le service Acquisition d'image Windows (WIA) dépend du service Détection
matériel noyau qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 05/10/2009 02:54:06 | Computer Name = Pc-de-Florence | Source = Service Control Manager | ID = 7001
Description = Le service Acquisition d'image Windows (WIA) dépend du service Détection
matériel noyau qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 05/10/2009 02:54:07 | Computer Name = Pc-de-Florence | Source = Service Control Manager | ID = 7001
Description = Le service Acquisition d'image Windows (WIA) dépend du service Détection
matériel noyau qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 05/10/2009 08:14:53 | Computer Name = Pc-de-Florence | Source = Service Control Manager | ID = 7001
Description = Le service Acquisition d'image Windows (WIA) dépend du service Détection
matériel noyau qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 05/10/2009 08:15:12 | Computer Name = Pc-de-Florence | Source = Service Control Manager | ID = 7001
Description = Le service Acquisition d'image Windows (WIA) dépend du service Détection
matériel noyau qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 05/10/2009 08:17:09 | Computer Name = Pc-de-Florence | Source = Service Control Manager | ID = 7001
Description = Le service Acquisition d'image Windows (WIA) dépend du service Détection
matériel noyau qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 05/10/2009 08:17:25 | Computer Name = Pc-de-Florence | Source = Service Control Manager | ID = 7001
Description = Le service Acquisition d'image Windows (WIA) dépend du service Détection
matériel noyau qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 05/10/2009 08:17:53 | Computer Name = Pc-de-Florence | Source = Service Control Manager | ID = 7001
Description = Le service Acquisition d'image Windows (WIA) dépend du service Détection
matériel noyau qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 05/10/2009 12:25:18 | Computer Name = Pc-de-Florence | Source = volsnap | ID = 393252
Description = Les clichés instantanés du volume C: ont été annulés car le stockage
du cliché instantané n'a pas pu s'agrandir en raison d'une limite utilisateur.

<End>:?:

Merci à celui, celle ou ceux qui pourront m'aider dans cette embrouille.:oops:

Flo

de **nickW** » 12 Oct 2009, 00:28

Bonsoir,

Ce ne fut pas très malin d'avoir modifié le paramètre "File Age" dans OTL (pour choisir 90 Days): le rapport que tu as envoyé est incomplet!

Premiers nettoyages, recherche de processus cachés:

Étape 1: RootRepeal (de AD)
Télécharger RootRepeal via un clic droit sur l'un des liens ci-dessous:
http://ad13.geekstogo.com/RootRepeal.zip
http://rootrepeal.googlepages.com/RootRepeal.zip
http://rootrepeal.psikotick.com/RootRepeal.zip
Enregistrer le fichier sur le Bureau.
Créer un nouveau dossier nommé RootRepeal à la racine du disque système (généralement C:\)

Décompresser l'archive téléchargée dans ce nouveau dossier RootRepeal

Étape 2: Pas de processus de contrôle en temps réel
Désactiver le module résident de l'antivirus et celui de l'antispyware.

Avira Antivir: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), décocher "Activer Antivir Guard/AntiVir Guard enable"

Étape 3: Malwarebytes' Anti-Malware, nettoyage
Fermer toutes les fenêtres de programme ouvertes.
Lancer Malwarebytes' Anti-Malware via le Menu Démarrer.
Dans l'onglet Paramètres, vérifier que toutes les cases sont cochées sauf "Créer une option dans le menu contextuel pour analyser des fichiers (clic droit)".
Dans l'onglet Mise à jour, cliquer sur le bouton Recherche de mise à jour et installer toutes les mises à jour trouvées.
Dans l'onglet Recherche, cocher le bouton radio situé devant "Exécuter un examen rapide" puis cliquer sur le bouton Rechercher.
Attendre sans rien faire d'autre la fin de la recherche; dans la fenêtre annonçant la fin de l'analyse, cliquer sur OK; puis cliquer sur le bouton "Afficher les résultats".

Si des éléments nuisibles ont été détectés, cliquer sur le bouton "Supprimer la sélection"
Attendre patiemment sans rien faire d'autre la fin du nettoyage.
Un redémarrage est parfois nécessaire. Accepter.
Une fenêtre du Bloc-notes s'ouvre pour afficher le rapport. Fermer le Bloc-notes.
Cliquer sur le bouton "Quitter" pour fermer Malwarebytes' Anti-Malware.

Étape 4: RootRepeal (de AD)
Dans l'Explorateur, ouvrir le dossier RootRepeal
Faire un clic droit sur RootRepeal.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

Cliquer sur l'onglet Report (en bas de la fenêtre) comme ceci:

Cliquer sur le bouton Scan

Dans la nouvelle fenêtre Select Scan, cocher:
+ Drivers
+ Files
+ Processes
+ SSDT
+ Stealth Objects
+ Hidden Services
+ Shadow SSDT

Cliquer sur le bouton OK
Dans la nouvelle fenêtre Select Drives, cocher le lecteur système (généralement C:\)

Cliquer sur le bouton OK pour lancer l'analyse

Note: Cette analyse prend un certain temps. NE PAS LANCER d'autres programmes tant qu'elle est active.

Lorsque l'analyse est terminée, le bouton Save Report sera disponible.

Cliquer sur ce bouton Save Report et enregistrer le fichier rapport dans le dossier RootRepeal sous le nom RootRepeal-091011.txt

Ouvrir le menu File, cliquer sur Exit pour fermer le programme.

Étape 5: Processus de contrôle en temps réel
Important: Réactiver le module résident de l'antivirus et celui de l'antispyware.

Étape 6: OTL (de OldTimer), analyse
Fermer toutes les fenêtres de programme ouvertes.

Faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

L'écran principal de OTL s'affiche:

Cocher (en haut) la case située devant Scan All Users:

Puis cliquer sur le bouton Run Scan:

Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer le Bloc-notes.
Fermer la fenêtre de OTL.

Étape 7: Résultats
Envoyer en réponse:
*- le log de Malwarebytes' Anti-Malware (contenu du fichier mbam-log-*-**-**** (**-**-**).txt situé dans le dossier SystemDrive\Documents and Settings\<tonprofil>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs / *-**-**** (**-**-**) représente la date [mois-jour-année] et l'heure [hh-mn-ss])
[SystemDrive représente la partition sur laquelle est installé le système, généralement C:]
*- le rapport de RootRepeal (contenu du fichier RootRepeal-091011.txt)
Ce rapport peut être très long. Bien vérifier qu'il est complet dans le message envoyé. Si nécessaire, le découper en plusieurs messages.
*- le contenu du fichier D:\AUTOEXEC.BAT - Ne pas faire un double clic sur ce fichier, mais l'envoyer vers n'importe quel éditeur de texte

Envoyer ensuite en réponse dans un message distinct (à cause de la longueur du log):
*- le rapport principal de OTL (contenu du fichier OTL.txt situé sur le Bureau).
Le rapport envoyé sur le forum doit se terminer par une ligne contenant <End>. Si ce n'est pas le cas, il est incomplet, et doit alors être découpé en plusieurs messages.

Note importante: Pour l'envoi de ta(tes) réponse(s), il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"

pour continuer dans ce fil de discussion.

A suivre,

de **FloGraphiste** » 12 Oct 2009, 17:17

Bonsoir et merci pour cette réponse,

J'étais passée en mode "90 jours" dans OTL pour obtenir un scan que je croyais pouvoir être plus "large". Une bétise sans doute...

Voilà pour les différents logs demandés:

En commençant par Malwarebytes:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2945
Windows 6.0.6002 Service Pack 2

12/10/2009 16:46:45
mbam-log-2009-10-12 (16-46-45).txt

Type de recherche: Examen rapide
Eléments examinés: 101484
Temps écoulé: 5 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Flox\AppData\Roaming\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Flox\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\010112010146118114.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\0101120101464849.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\01011201014650120.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\0101120101465749.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\0101120101465752.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\934fdfg34fgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\bf23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

Puis le rapport de RootRepeal:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/10/12 16:52
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x927F7000 Size: 32768 File Visible: No Signed: -
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x8AFCB000 Size: 45056 File Visible: No Signed: -
Status: -

Name: dump_dumpfve.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpfve.sys
Address: 0x8AFD6000 Size: 69632 File Visible: No Signed: -
Status: -

Name: mchInjDrv.sys
Image Path: C:\Windows\system32\Drivers\mchInjDrv.sys
Address: 0xA57A0000 Size: 2560 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xA57DA000 Size: 49152 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: spyq.sys
Image Path: C:\Windows\System32\Drivers\spyq.sys
Address: 0x80C0C000 Size: 1052672 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{9FA7E~1
Status: Locked to the Windows API!

Path: c:\windows\media\windows feed discovered.wav
Status: Allocation size mismatch (API: 36864, Raw: 20480)

Path: c:\windows\media\windows information bar.wav
Status: Allocation size mismatch (API: 36864, Raw: 24576)

Path: c:\windows\media\windows pop-up blocked.wav
Status: Allocation size mismatch (API: 40960, Raw: 86016)

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8dd7dea5d5a7a18a.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddfc6cd11929a02.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0efb442f8a0f46c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_abac38a907ee8801.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c0566bec5b24.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a620671dde41.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053e8c6967ba9d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9848.0_none_b7e811287b298060.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9848.0_none_a6e6a8980e994a5d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_7ab8cc63a6e4c2a3.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_58b19c2866332652.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_58843c41d2730d3f.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_54c11df268b7c6d9.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16917_none_40164834c4183551\WGXINS~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.21117_none_409fbd21dd36085d\WGXINS~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18320_none_41eab4e8c14d30d2\WGXINS~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22509_none_4292f60bda5279f0\WGXINS~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\$$DeleteMe.lpk.dll.01ca34c733e24ae0.000d
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.18005_none_b6ce90e7d3ebb69f\$$DeleteMe.urlmon.dll.01ca34c7329c3650.0001
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\$$DeleteMe.wininet.dll.01ca34c732a66f80.0002
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16890_none_2d1a75e31d20e59f\WINDOW~1.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16890_none_2d1a75e31d20e59f\WINDOW~2.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16890_none_2d1a75e31d20e59f\WINDOW~4.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21089_none_2db7bd56362e80c9\WINDOW~1.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21089_none_2db7bd56362e80c9\WINDOW~2.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21089_none_2db7bd56362e80c9\WINDOW~4.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18294_none_2f04b5b11a43dbec\WINDOW~1.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18294_none_2f04b5b11a43dbec\WINDOW~2.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18294_none_2f04b5b11a43dbec\WINDOW~4.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22475_none_2fa4f48433505a52\WINDOW~1.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22475_none_2fa4f48433505a52\WINDOW~2.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22475_none_2fa4f48433505a52\WINDOW~4.WAV
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\$$DeleteMe.lsasrv.dll.01ca34c7330690e0.0004
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\$$DeleteMe.lsass.exe.01ca34c733033580.0003
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\$$DeleteMe.secur32.dll.01ca34c7330e0af0.0005
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6002.18005_none_3206d7078fcfe427\$$DeleteMe.localspl.dll.01ca34c733a39430.000a
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6001.18000_none_3acd4b177cb513c9\$$DeleteMe.wdigest.dll.01ca34c733460ae0.0006
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.18005_none_7e9e65df5fac8e64\$$DeleteMe.msv1_0.dll.01ca34c733561070.0009
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\$$DeleteMe.wlanmsm.dll.01ca34c7344eef60.0010
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\$$DeleteMe.wlansec.dll.01ca34c7344b6cf0.000e
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\$$DeleteMe.wlansvc.dll.01ca34c7344cf390.000f
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-workstationservice_31bf3856ad364e35_6.0.6001.18000_none_cc3a17edd6d1c174\$$DeleteMe.wkssvc.dll.01ca34c733b128c0.000b
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6002.18005_none_b5e6182342361aab\$$DeleteMe.rpcrt4.dll.01ca34c730ac7440.0000
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.18000_none_ab203fc659b26ce7\$$DeleteMe.atl.dll.01ca34c733bce890.000c
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6002.18005_none_2401c41a5264a20d\$$DeleteMe.schannel.dll.01ca34c73354ff00.0008
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-security-kerberos_31bf3856ad364e35_6.0.6002.18005_none_e8c25637adef5b44\$$DeleteMe.kerberos.dll.01ca34c73349db70.0007
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18101_none_43e7c8d8be626492\WGXINS~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22213_none_4468964bd78652fb\WGXINS~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\$$DeleteMe.lpk.dll.01ca34c733e24ae0.000d
Status: Locked to the Windows API!

Path: C:\Windows\System32\wbem\WGXINS~1.MOF
Status: Locked to the Windows API!

Path: c:\programdata\avira\antivir desktop\temp\avguard.tmp
Status: Allocation size mismatch (API: 31862784, Raw: 0)

Path: c:\windows\system32\logfiles\scm\scm.evm
Status: Allocation size mismatch (API: 491520, Raw: 0)

Path: c:\users\flox\appdata\local\temp\etilqs_anradtb732itifzxcxzv
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\Users\Flox\AppData\Local\apps\2.0\CGLMR97K.ACW\L5ME6BMT.PTB\manifests\clickonce_bootstrap.exe.cdf-ms
Status: Locked to the Windows API!

Path: C:\Users\Flox\AppData\Local\apps\2.0\CGLMR97K.ACW\L5ME6BMT.PTB\manifests\clickonce_bootstrap.exe.manifest
Status: Locked to the Windows API!

Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!

Path: C:\Windows\System32\audiodg.exe
PID: 1236 Status: Locked to the Windows API!

SSDT
-------------------
#: 078 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x95578444

#: 194 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x95578430

#: 201 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x95578435

#: 334 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x9557843f

Stealth Objects
-------------------
Object: Hidden Module [Name: fr.dll]
Process: chrome.exe (PID: 2584) Address: 0x6c6f0000 Size: 126976

Object: Hidden Module [Name: default.dll]
Process: chrome.exe (PID: 2584) Address: 0x695d0000 Size: 352256

Object: Hidden Module [Name: fr.dll]
Process: chrome.exe (PID: 2648) Address: 0x6c6f0000 Size: 126976

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x856e61f8 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_CREATE]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_CLOSE]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_READ]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_WRITE]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_QUERY_EA]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_SET_EA]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_CLEANUP]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: fastfat, IRP_MJ_PNP]
Process: System Address: 0x86b1f500 Size: 121

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE]
Process: System Address: 0x856e51f8 Size: 121

Object: Hidden Code [Driver: atapi, IRP_MJ_CLOSE]
Process: System Address: 0x856e51f8 Size: 121

Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x856e51f8 Size: 121

Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x856e51f8 Size: 121

Object: Hidden Code [Driver: atapi, IRP_MJ_POWER]
Process: System Address: 0x856e51f8 Size: 121

Object: Hidden Code [Driver: atapi, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x856e51f8 Size: 121

Object: Hidden Code [Driver: atapi, IRP_MJ_PNP]
Process: System Address: 0x856e51f8 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_CREATE]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_READ]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_WRITE]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_POWER]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: cdrom, IRP_MJ_PNP]
Process: System Address: 0x85c00500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CREATE]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CLOSE]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_READ]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_WRITE]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_POWER]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_PNP]
Process: System Address: 0x8673c500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x85b7e500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x85b7e500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x85b7e500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x85b7e500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x85b7e500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x85b7e500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x85b7e500 Size: 121

Object: Hidden Code [Driver: Smb, IRP_MJ_CREATE]
Process: System Address: 0x8695c500 Size: 121

Object: Hidden Code [Driver: Smb, IRP_MJ_CLOSE]
Process: System Address: 0x8695c500 Size: 121

Object: Hidden Code [Driver: Smb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8695c500 Size: 121

Object: Hidden Code [Driver: Smb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8695c500 Size: 121

Object: Hidden Code [Driver: Smb, IRP_MJ_CLEANUP]
Process: System Address: 0x8695c500 Size: 121

Object: Hidden Code [Driver: Smb, IRP_MJ_PNP]
Process: System Address: 0x8695c500 Size: 121

Object: Hidden Code [Driver: netbt蒔ā, IRP_MJ_CREATE]
Process: System Address: 0x8695e500 Size: 121

Object: Hidden Code [Driver: netbt蒔ā, IRP_MJ_CLOSE]
Process: System Address: 0x8695e500 Size: 121

Object: Hidden Code [Driver: netbt蒔ā, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8695e500 Size: 121

Object: Hidden Code [Driver: netbt蒔ā, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8695e500 Size: 121

Object: Hidden Code [Driver: netbt蒔ā, IRP_MJ_CLEANUP]
Process: System Address: 0x8695e500 Size: 121

Object: Hidden Code [Driver: netbt蒔ā, IRP_MJ_PNP]
Process: System Address: 0x8695e500 Size: 121

Object: Hidden Code [Driver: iScsiPrtІ但塃, IRP_MJ_CREATE]
Process: System Address: 0x85a89500 Size: 121

Object: Hidden Code [Driver: iScsiPrtІ但塃, IRP_MJ_CLOSE]
Process: System Address: 0x85a89500 Size: 121

Object: Hidden Code [Driver: iScsiPrtІ但塃, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x85a89500 Size: 121

Object: Hidden Code [Driver: iScsiPrtІ但塃, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x85a89500 Size: 121

Object: Hidden Code [Driver: iScsiPrtІ但塃, IRP_MJ_POWER]
Process: System Address: 0x85a89500 Size: 121

Object: Hidden Code [Driver: iScsiPrtІ但塃, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x85a89500 Size: 121

Object: Hidden Code [Driver: iScsiPrtІ但塃, IRP_MJ_PNP]
Process: System Address: 0x85a89500 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_CREATE]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_READ]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_WRITE]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_SHUTDOWN]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_CLEANUP]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_POWER]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: volmgr, IRP_MJ_PNP]
Process: System Address: 0x856e31f8 Size: 121

Object: Hidden Code [Driver: usbehci薍Ў浍摌㊈薮ᆘ薴✀銬, IRP_MJ_CREATE]
Process: System Address: 0x85a71500 Size: 121

Object: Hidden Code [Driver: usbehci薍Ў浍摌㊈薮ᆘ薴✀銬, IRP_MJ_CLOSE]
Process: System Address: 0x85a71500 Size: 121

Object: Hidden Code [Driver: usbehci薍Ў浍摌㊈薮ᆘ薴✀銬, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x85a71500 Size: 121

Object: Hidden Code [Driver: usbehci薍Ў浍摌㊈薮ᆘ薴✀銬, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x85a71500 Size: 121

Object: Hidden Code [Driver: usbehci薍Ў浍摌㊈薮ᆘ薴✀銬, IRP_MJ_POWER]
Process: System Address: 0x85a71500 Size: 121

Object: Hidden Code [Driver: usbehci薍Ў浍摌㊈薮ᆘ薴✀銬, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x85a71500 Size: 121

Object: Hidden Code [Driver: usbehci薍Ў浍摌㊈薮ᆘ薴✀銬, IRP_MJ_PNP]
Process: System Address: 0x85a71500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_CREATE]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_CLOSE]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_READ]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_WRITE]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_SET_EA]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Driver: mrxsmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x86754500 Size: 121

Object: Hidden Code [Drive==EOF==

Par contre, le fichier D:\AUTOEXEC.BAT semble vide (0 octet)...

Je poste le log OTL dans un message suivant.

Merci encore de m'aider.

de **FloGraphiste** » 12 Oct 2009, 17:21

Voici donc le nouveau rapport OTL:

OTL logfile created on: 12/10/2009 17:48:11 - Run 2
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Users\Flox\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,49 Gb Total Space | 3,36 Gb Free Space | 10,66% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 200,21 Gb Free Space | 85,97% Space Free | Partition Type: NTFS
Drive E: | 372,61 Gb Total Space | 293,55 Gb Free Space | 78,78% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-FLORENCE
Current User Name: Flox
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/07/17 11:05:28 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/08/18 13:08:07 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mDNSResponder.exe
PRC - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/04/11 15:19:30 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/07/22 22:44:48 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/08/17 01:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/07/22 22:44:50 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/01/19 12:14:44 | 00,186,664 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/10/25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2009/04/11 15:19:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/08/22 01:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Flox\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/08/22 01:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Flox\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/10/07 14:46:11 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/08/15 05:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4 [On_Demand | Stopped])
SRV - [2009/07/17 11:05:28 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/08/18 13:08:07 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/04/11 15:19:47 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/01/21 04:23:20 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 14:34:14 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:34:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/04/11 15:19:14 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/10/25 23:48:45 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009/04/11 15:20:00 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/27 22:43:03 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/04/11 15:20:00 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/05/04 14:53:38 | 00,442,368 | ---- | M] (Enfocus, an EskoArtwork company) -- C:\Program Files\Enfocus\Enfocus Instant PDF 08\Application\InstantPDFService.exe -- (Instant PDF Service [Auto | Stopped])
SRV - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/09/01 08:07:48 | 00,234,864 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2009/04/11 15:20:03 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2009/07/22 22:44:48 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2009/08/17 01:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service [Auto | Running])
SRV - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen [Auto | Running])
SRV - [2008/10/25 21:47:48 | 00,354,560 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])
SRV - [2008/04/04 14:51:32 | 00,028,416 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp [Auto | Stopped])
SRV - [2008/01/21 04:23:48 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2008/01/21 04:21:29 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 04:21:33 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 04:21:34 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 04:21:09 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2007/10/12 03:40:12 | 00,009,096 | ---- | M] (Advanced Micro Devices) -- C:\Windows\system32\drivers\amdide.sys -- (amdide [Boot | Running])
DRV - [2008/01/21 04:21:32 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 04:21:32 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/08/18 13:08:07 | 00,055,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/01/21 04:21:09 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2009/09/01 08:13:02 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2008/01/21 04:21:33 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 04:21:30 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2009/04/11 15:18:59 | 00,069,096 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/04/10 13:04:40 | 04,397,568 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/10/09 15:42:42 | 00,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER [On_Demand | Stopped])
DRV - [2008/01/21 04:21:31 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 04:21:33 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2007/10/16 17:14:24 | 00,256,512 | ---- | M] (Marvell Semiconductor, Inc) -- C:\Windows\System32\DRIVERS\MRVW13B.sys -- (MRV6X32P [On_Demand | Stopped])
DRV - [2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2009/08/17 00:57:00 | 09,545,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2008/01/21 04:21:29 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 04:21:29 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2009/09/06 20:47:51 | 00,206,256 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore [Boot | Stopped])
DRV - [2008/02/06 03:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/01/21 04:21:33 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2009/07/29 23:30:02 | 00,172,032 | ---- | M] (Realtek ) -- C:\Windows\System32\DRIVERS\Rtlh86.sys -- (RTL8169 [On_Demand | Running])
DRV - [2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 04:21:34 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2009/09/22 09:39:47 | 00,721,904 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009/07/17 11:05:28 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/01/21 04:21:28 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/01/21 04:21:09 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 04:21:32 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/10/06 11:53:24 | 00,015,656 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor [On_Demand | Running])
DRV - [2007/02/16 11:12:36 | 00,011,312 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacommousefilter.sys -- (wacommousefilter [On_Demand | Running])
DRV - [2008/08/18 15:45:00 | 00,013,352 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacomvhid.sys -- (wacomvhid [On_Demand | Running])
DRV - [2007/02/15 16:11:28 | 00,011,440 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\WacomVKHid.sys -- (WacomVKHid [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\S-1-5-21-602162358-1417001333-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\S-1-5-21-602162358-1417001333-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.2
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {bb628310-0ab7-11db-9cd8-0800200c9a66}:3.0.4.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/09/13 21:42:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/14 00:27:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/05 18:58:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/27 07:41:50 | 00,000,000 | ---D | M]

[2009/09/13 22:00:20 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Extensions
[2008/10/25 21:13:41 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/14 00:52:42 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions
[2009/09/13 22:00:23 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2009/09/13 22:00:25 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009/09/13 23:10:47 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2009/09/13 22:00:22 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\firebug@software.joehewitt.com
[2009/03/08 13:10:43 | 00,001,775 | ---- | M] () -- C:\Users\Flox\AppData\Roaming\Mozilla\FireFox\Profiles\eticczpt.default\searchplugins\live-search.xml
[2009/09/14 00:52:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/27 07:41:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/13 21:43:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/09/13 21:43:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/09/27 07:41:36 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/27 07:41:36 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 23:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2006/05/29 16:40:26 | 07,296,000 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\libvlc.dll
[2009/01/16 20:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/11/10 06:43:30 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/05/12 20:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/05/19 00:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2007/02/12 21:30:16 | 00,164,352 | ---- | M] (Indiepath Ltd) -- C:\Program Files\mozilla firefox\plugins\npigl.dll
[2009/09/27 07:41:42 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2008/06/11 22:45:28 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/01/19 14:37:02 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/02/16 18:02:27 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/02/16 18:02:27 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/01/19 14:37:13 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2009/01/19 14:36:57 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/05/01 23:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/09/27 07:41:44 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/09/27 07:41:44 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/09/27 07:41:44 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/09/27 07:41:44 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/09/27 07:41:44 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/09/27 07:41:44 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (610124 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com
O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie]
O1 - Hosts: 16290 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ript) - {91D9091B-2046-42f7-903E-1215A29E21EA} - C:\Program Files\Ript\mscoree.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll File not found
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Flox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE VGA Utility.lnk = C:\Users\Flox\AppData\Roaming\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE File not found
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Enregistrer au format HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Enregistrer le texte sélectionné - C:\Program Files\SmarThru 4\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Sélection par capture - C:\Program Files\SmarThru 4\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll File not found
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmes\Microsoft Office\Office12\ONBttnIE.dll File not found
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmes\Microsoft Office\Office12\ONBttnIE.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/09/09 01:15:12 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2009/10/07 15:00:15 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2009/09/13 19:51:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Corporation
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2009/09/13 23:22:45 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\ProgramData\Ript
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming
[2009/09/14 11:53:38 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Canon
[2009/09/22 14:19:24 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Corel
[2009/09/22 09:35:40 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\DAEMON Tools Lite
[2009/09/18 14:30:28 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\FastStone
[2009/10/07 14:53:22 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Malwarebytes
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Media Center Programs
[2009/09/13 21:27:25 | 00,000,000 | --SD | C] -- C:\Users\Flox\AppData\Roaming\Microsoft
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Ript
[2009/09/22 09:09:31 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\WTablet
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Application Data
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Historique
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Microsoft
[2009/09/14 01:03:35 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Microsoft Games
[2009/09/13 22:46:09 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Quark
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Ript
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Temp
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Temporary Internet Files
[2009/09/13 23:52:31 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\VirtualStore
[2009/09/13 21:42:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009/09/18 15:29:29 | 00,000,000 | ---D | C] -- C:\Program Files\Ambient Design
[2009/09/14 15:29:03 | 00,000,000 | ---D | C] -- C:\Program Files\BitLocker
[2009/09/22 09:42:41 | 00,000,000 | ---D | C] -- C:\Program Files\Corel
[2009/09/18 14:30:25 | 00,000,000 | ---D | C] -- C:\Program Files\FastStone Capture
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2009/10/07 15:00:15 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/14 15:13:08 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/09/13 19:50:36 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[2009/09/13 23:22:34 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2009/09/18 14:29:53 | 00,000,000 | ---D | C] -- C:\Program Files\Ript
[2009/09/18 15:14:59 | 00,000,000 | ---D | C] -- C:\Program Files\Shape Collage
[2009/09/22 09:04:59 | 00,000,000 | ---D | C] -- C:\Program Files\Tablet
[2009/09/18 14:34:36 | 00,000,000 | ---D | C] -- C:\Program Files\Veign
[2009/09/13 22:35:52 | 00,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2009/10/12 16:39:13 | 00,000,000 | ---D | C] -- C:\RootRepeal
[2009/10/09 12:08:27 | 00,000,000 | ---D | C] -- C:\Users\Flox\Documents\Nouveau dossier
[2009/10/07 15:00:16 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/10/07 15:00:15 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/10/07 14:46:53 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Flox\Desktop\mbam-setup.exe
[2009/10/07 14:45:13 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe
[2009/10/02 13:26:01 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_10_02
[2009/09/29 11:55:26 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_09_29
[2009/09/22 11:34:13 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_09_22
[2009/09/22 09:09:27 | 04,257,576 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\PenTablet.cpl
[2009/09/22 09:08:52 | 00,011,440 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\WacomVKHid.sys
[2009/09/22 09:07:50 | 00,013,352 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacomvhid.sys
[2009/09/22 09:07:50 | 00,011,312 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacommousefilter.sys
[2009/09/22 09:05:02 | 00,015,656 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacmoumonitor.sys
[2009/09/22 09:05:02 | 00,000,000 | ---D | C] -- C:\Windows\System32\WTablet
[2009/09/22 09:05:00 | 02,789,160 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
[2009/09/22 09:05:00 | 00,217,384 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.dll
[2009/09/22 09:05:00 | 00,172,840 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Wintab32.dll
[2009/09/18 14:34:37 | 00,244,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msflxgrd.ocx
[2009/09/18 14:34:37 | 00,233,472 | ---- | C] (DSX) -- C:\Windows\System32\XDockFloat.dll
[2009/09/18 14:34:37 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2009/09/18 14:34:37 | 00,167,936 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\System32\ccrpftv6.ocx
[2009/09/18 14:34:37 | 00,094,208 | ---- | C] (vbAccelerator) -- C:\Windows\System32\vbalIml6.ocx
[2009/09/18 14:34:37 | 00,065,536 | ---- | C] (vbAccelerator) -- C:\Windows\System32\vbalIcoM6.dll
[2009/09/14 15:13:11 | 01,171,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecureKeyBackupCPL.dll
[2009/09/14 15:12:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\zh-TW
[2009/09/14 15:12:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\zh-CN
[2009/09/14 15:12:39 | 00,000,000 | ---D | C] -- C:\Windows\System32\ko-KR
[2009/09/14 15:12:39 | 00,000,000 | ---D | C] -- C:\Windows\System32\ja-JP
[2009/09/14 01:09:05 | 00,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2009/09/14 00:50:14 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/09/14 00:43:37 | 00,233,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DreamScene.dll
[2009/09/14 00:41:21 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2009/09/14 00:35:38 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009/09/14 00:30:34 | 00,675,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2009/09/14 00:23:50 | 10,628,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/09/14 00:23:49 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpdxm.dll
[2009/09/14 00:23:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009/09/14 00:23:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2009/09/14 00:23:48 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/09/14 00:23:48 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2009/09/14 00:23:48 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2009/09/14 00:23:48 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009/09/14 00:23:37 | 00,904,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2009/09/14 00:23:37 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2009/09/14 00:23:37 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2009/09/14 00:23:36 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys
[2009/09/14 00:23:36 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2009/09/14 00:23:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2009/09/14 00:23:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2009/09/14 00:23:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2009/09/14 00:23:36 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2009/09/14 00:23:36 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2009/09/14 00:23:36 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2009/09/14 00:22:46 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
[2009/09/14 00:22:38 | 03,599,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/09/14 00:22:37 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/09/14 00:22:33 | 01,167,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/09/14 00:22:33 | 00,828,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/09/14 00:22:33 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/09/14 00:22:33 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/09/14 00:22:25 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009/09/14 00:22:24 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2009/09/14 00:21:57 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll
[2009/09/14 00:21:51 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2009/09/14 00:21:51 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2009/09/14 00:21:42 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2009/09/14 00:21:42 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2009/09/14 00:21:41 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2009/09/14 00:21:40 | 00,513,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll
[2009/09/14 00:21:40 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2009/09/14 00:21:35 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2009/09/14 00:21:33 | 01,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/09/14 00:21:33 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll
[2009/09/14 00:21:33 | 00,439,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2009/09/14 00:21:33 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009/09/14 00:21:33 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/09/14 00:21:33 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdigest.dll
[2009/09/14 00:21:32 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/09/14 00:21:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
[2009/09/14 00:21:15 | 02,034,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/09/14 00:21:12 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/09/14 00:21:12 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/09/14 00:21:12 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/09/14 00:21:12 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
[2009/09/14 00:21:12 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/09/14 00:21:10 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
[2009/09/14 00:20:21 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2009/09/14 00:20:20 | 00,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2009/09/14 00:20:18 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/09/13 23:26:35 | 00,000,000 | -H-D | C] -- C:\Windows\Icons
[2009/09/13 23:19:08 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/09/13 23:14:52 | 00,172,032 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2009/09/13 23:14:52 | 00,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2009/09/13 22:23:05 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2009/09/13 22:23:05 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/09/13 22:23:05 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2009/09/13 22:23:05 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/09/13 22:22:38 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/09/13 22:22:38 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/09/13 22:22:38 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/09/13 22:22:22 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/09/13 22:22:22 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2009/09/13 22:13:58 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009/09/13 22:13:40 | 16,126,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTHDCPL.EXE
[2009/09/13 22:13:40 | 09,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTLCPL.EXE
[2009/09/13 22:13:40 | 04,397,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtkHDAud.sys
[2009/09/13 22:13:40 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\Windows\ALCWZRD.EXE
[2009/09/13 22:13:40 | 02,157,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\MicCal.exe
[2009/09/13 22:13:40 | 01,822,720 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SkyTel.exe
[2009/09/13 22:13:40 | 01,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2009/09/13 22:13:40 | 00,299,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\ALSNDMGR.CPL
[2009/09/13 22:13:40 | 00,282,624 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.CPL
[2009/09/13 22:13:40 | 00,086,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
[2009/09/13 22:13:40 | 00,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\ALCMTR.EXE
[2009/09/13 22:10:47 | 00,000,000 | ---D | C] -- C:\Windows\Debug
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Mes vidéos
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Mes images
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Ma musique
[2009/09/13 21:24:23 | 00,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2009/09/13 21:20:30 | 00,000,000 | ---D | C] -- C:\Windows\CSC
[2009/09/13 21:15:05 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2009/09/13 20:49:13 | 00,000,000 | -HSD | C] -- C:\Boot

========== Files - Modified Within 30 Days ==========

[2009/10/12 17:50:13 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6C5D8E40-C3CA-448D-99E9-5E95EF80DE63}.job
[2009/10/12 16:56:11 | 01,510,272 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/10/12 16:56:11 | 00,683,446 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/10/12 16:56:11 | 00,599,416 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/10/12 16:56:11 | 00,130,186 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/10/12 16:56:11 | 00,106,532 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/10/12 16:51:16 | 00,096,848 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2009/10/12 16:50:40 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/12 16:50:40 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/12 16:50:17 | 06,964,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/10/12 16:50:16 | 00,032,784 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/12 16:50:15 | 00,032,784 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/10/12 16:50:11 | 00,002,649 | ---- | M] () -- C:\Users\Flox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE VGA Utility.lnk
[2009/10/12 16:49:37 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/12 16:49:33 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/12 16:47:28 | 03,680,816 | -H-- | M] () -- C:\Users\Flox\AppData\Local\IconCache.db
[2009/10/12 16:38:37 | 00,464,491 | ---- | M] () -- C:\Users\Flox\Desktop\RootRepeal.zip
[2009/10/11 21:21:42 | 00,010,488 | ---- | M] () -- C:\Users\Flox\Desktop\L.docx
[2009/10/07 15:00:18 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/07 14:51:27 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Flox\Desktop\mbam-setup.exe
[2009/10/07 14:46:11 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe
[2009/10/07 09:33:27 | 00,000,160 | ---- | M] () -- C:\Users\Flox\Desktop\ColorPic.ini
[2009/10/07 09:33:27 | 00,000,000 | ---- | M] () -- C:\Users\Flox\Desktop\palettes.xml
[2009/10/06 11:58:30 | 00,013,515 | ---- | M] () -- C:\Users\Flox\Desktop\DEVELOPPEUR LOGICIEL.docx
[2009/10/06 11:57:07 | 00,056,955 | ---- | M] () -- C:\Users\Flox\Desktop\DEVELOPPEUR LOGICIEL.pdf
[2009/10/06 10:15:00 | 00,109,495 | ---- | M] () -- C:\Users\Flox\Desktop\cvitae.pdf
[2009/09/30 15:07:16 | 00,095,692 | ---- | M] () -- C:\Users\Flox\Desktop\Magnificent.ttf
[2009/09/28 11:03:23 | 00,140,966 | ---- | M] () -- C:\Users\Flox\Desktop\GBEA.N.pdf
[2009/09/26 07:23:27 | 00,061,440 | ---- | M] () -- C:\Users\Flox\Desktop\Livre 1.indb
[2009/09/25 11:33:42 | 00,046,167 | ---- | M] () -- C:\Users\Flox\Desktop\cv-f-schule.pdf
[2009/09/24 07:28:54 | 00,044,261 | ---- | M] () -- C:\Users\Flox\Desktop\cv-f.schule.pdf
[2009/09/22 09:39:47 | 00,721,904 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2009/09/22 09:21:16 | 00,012,288 | ---- | M] () -- C:\Users\Flox\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/21 20:49:54 | 34,493,134 | ---- | M] () -- C:\Users\Flox\Desktop\alex.psd
[2009/09/20 20:31:14 | 00,138,008 | ---- | M] () -- C:\Users\Flox\Desktop\cousins.jpg
[2009/09/20 20:31:07 | 00,140,402 | ---- | M] () -- C:\Users\Flox\Desktop\filles.jpg
[2009/09/19 18:21:44 | 07,983,819 | ---- | M] () -- C:\Users\Flox\Desktop\enf.psd
[2009/09/18 15:14:59 | 00,000,864 | ---- | M] () -- C:\Users\Public\Desktop\Shape Collage.lnk
[2009/09/18 14:55:09 | 00,000,847 | ---- | M] () -- C:\Users\Public\Desktop\Cfont Pro.lnk
[2009/09/18 14:30:26 | 00,000,872 | ---- | M] () -- C:\Users\Public\Desktop\FastStone Capture.lnk
[2009/09/18 14:29:55 | 00,001,636 | ---- | M] () -- C:\Users\Public\Desktop\Ript.lnk
[2009/09/17 14:15:40 | 00,001,853 | ---- | M] () -- C:\Users\Flox\Desktop\photos_famille - Raccourci.lnk
[2009/09/16 09:52:52 | 00,788,256 | ---- | M] () -- C:\Users\Flox\Documents\FM bois (2).pdf
[2009/09/16 09:49:22 | 00,353,379 | ---- | M] () -- C:\Users\Flox\Documents\Copie de FM bois (2).pdf
[2009/09/14 10:42:59 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/09/14 00:32:58 | 00,000,552 | ---- | M] () -- C:\Windows\win.ini
[2009/09/13 23:25:51 | 00,000,680 | ---- | M] () -- C:\Users\Flox\AppData\Local\d3d9caps.dat
[2009/09/13 22:15:28 | 00,448,550 | ---- | M] () -- C:\Windows\System32\license.rtf
[2009/09/13 22:13:43 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2009/09/13 22:13:42 | 00,000,368 | RHS- | M] () -- C:\Boot.ini.saved
[2009/09/13 22:12:15 | 00,022,476 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2009/09/13 22:03:38 | 00,000,060 | ---- | M] () -- C:\Windows\wininit.ini
[2009/09/13 22:03:35 | 00,000,260 | ---- | M] () -- C:\Windows\_delis32.ini
[2009/09/13 20:49:19 | 00,000,368 | -H-- | M] () -- C:\Boot.BAK
[2009/09/13 20:29:12 | 00,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1417001333-1801674531-1003UA.job
[2009/09/13

de **FloGraphiste** » 12 Oct 2009, 17:21

Voici donc le nouveau rapport OTL:

OTL logfile created on: 12/10/2009 17:48:11 - Run 2
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Users\Flox\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,49 Gb Total Space | 3,36 Gb Free Space | 10,66% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 200,21 Gb Free Space | 85,97% Space Free | Partition Type: NTFS
Drive E: | 372,61 Gb Total Space | 293,55 Gb Free Space | 78,78% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-FLORENCE
Current User Name: Flox
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/07/17 11:05:28 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/08/18 13:08:07 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mDNSResponder.exe
PRC - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/04/11 15:19:30 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/07/22 22:44:48 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/08/17 01:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/07/22 22:44:50 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/01/19 12:14:44 | 00,186,664 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/10/25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2009/04/11 15:19:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/08/22 01:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Flox\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/08/22 01:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Flox\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/10/07 14:46:11 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/08/15 05:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4 [On_Demand | Stopped])
SRV - [2009/07/17 11:05:28 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/08/18 13:08:07 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/04/11 15:19:47 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/01/21 04:23:20 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 14:34:14 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:34:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/04/11 15:19:14 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/10/25 23:48:45 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009/04/11 15:20:00 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/27 22:43:03 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/04/11 15:20:00 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/05/04 14:53:38 | 00,442,368 | ---- | M] (Enfocus, an EskoArtwork company) -- C:\Program Files\Enfocus\Enfocus Instant PDF 08\Application\InstantPDFService.exe -- (Instant PDF Service [Auto | Stopped])
SRV - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/09/01 08:07:48 | 00,234,864 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2009/04/11 15:20:03 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/08/17 02:41:48 | 00,215,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2009/07/22 22:44:48 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2009/08/17 01:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service [Auto | Running])
SRV - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen [Auto | Running])
SRV - [2008/10/25 21:47:48 | 00,354,560 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])
SRV - [2008/04/04 14:51:32 | 00,028,416 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp [Auto | Stopped])
SRV - [2008/01/21 04:23:48 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2008/01/21 04:21:29 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 04:21:33 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 04:21:34 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 04:21:09 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2007/10/12 03:40:12 | 00,009,096 | ---- | M] (Advanced Micro Devices) -- C:\Windows\system32\drivers\amdide.sys -- (amdide [Boot | Running])
DRV - [2008/01/21 04:21:32 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 04:21:32 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/08/18 13:08:07 | 00,055,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/01/21 04:21:09 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2009/09/01 08:13:02 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2008/01/21 04:21:33 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 04:21:30 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2009/04/11 15:18:59 | 00,069,096 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/04/10 13:04:40 | 04,397,568 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/10/09 15:42:42 | 00,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER [On_Demand | Stopped])
DRV - [2008/01/21 04:21:31 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 04:21:33 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 04:21:35 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2007/10/16 17:14:24 | 00,256,512 | ---- | M] (Marvell Semiconductor, Inc) -- C:\Windows\System32\DRIVERS\MRVW13B.sys -- (MRV6X32P [On_Demand | Stopped])
DRV - [2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2009/08/17 00:57:00 | 09,545,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2008/01/21 04:21:29 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 04:21:29 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2009/09/06 20:47:51 | 00,206,256 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore [Boot | Stopped])
DRV - [2008/02/06 03:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/01/21 04:21:33 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2009/07/29 23:30:02 | 00,172,032 | ---- | M] (Realtek ) -- C:\Windows\System32\DRIVERS\Rtlh86.sys -- (RTL8169 [On_Demand | Running])
DRV - [2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 04:21:34 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2009/09/22 09:39:47 | 00,721,904 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009/07/17 11:05:28 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/01/21 04:21:28 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 04:21:31 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/01/21 04:21:09 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 04:21:32 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/10/06 11:53:24 | 00,015,656 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor [On_Demand | Running])
DRV - [2007/02/16 11:12:36 | 00,011,312 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacommousefilter.sys -- (wacommousefilter [On_Demand | Running])
DRV - [2008/08/18 15:45:00 | 00,013,352 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\wacomvhid.sys -- (wacomvhid [On_Demand | Running])
DRV - [2007/02/15 16:11:28 | 00,011,440 | ---- | M] (Wacom Technology) -- C:\Windows\System32\DRIVERS\WacomVKHid.sys -- (WacomVKHid [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\S-1-5-21-602162358-1417001333-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\S-1-5-21-602162358-1417001333-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.2
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {bb628310-0ab7-11db-9cd8-0800200c9a66}:3.0.4.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/09/13 21:42:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/14 00:27:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/05 18:58:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/27 07:41:50 | 00,000,000 | ---D | M]

[2009/09/13 22:00:20 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Extensions
[2008/10/25 21:13:41 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/14 00:52:42 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions
[2009/09/13 22:00:23 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2009/09/13 22:00:25 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009/09/13 23:10:47 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2009/09/13 22:00:22 | 00,000,000 | ---D | M] -- C:\Users\Flox\AppData\Roaming\mozilla\Firefox\Profiles\eticczpt.default\extensions\firebug@software.joehewitt.com
[2009/03/08 13:10:43 | 00,001,775 | ---- | M] () -- C:\Users\Flox\AppData\Roaming\Mozilla\FireFox\Profiles\eticczpt.default\searchplugins\live-search.xml
[2009/09/14 00:52:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/27 07:41:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/13 21:43:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/09/13 21:43:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/09/27 07:41:36 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/27 07:41:36 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 23:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2006/05/29 16:40:26 | 07,296,000 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\libvlc.dll
[2009/01/16 20:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/11/10 06:43:30 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/05/12 20:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/05/19 00:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2007/02/12 21:30:16 | 00,164,352 | ---- | M] (Indiepath Ltd) -- C:\Program Files\mozilla firefox\plugins\npigl.dll
[2009/09/27 07:41:42 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2008/06/11 22:45:28 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/01/19 14:37:02 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/02/16 18:02:26 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/02/16 18:02:27 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/02/16 18:02:27 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/01/19 14:37:13 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2009/01/19 14:36:57 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/05/01 23:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/09/27 07:41:44 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/09/27 07:41:44 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/09/27 07:41:44 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/09/27 07:41:44 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/09/27 07:41:44 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/09/27 07:41:44 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (610124 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com
O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie]
O1 - Hosts: 16290 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ript) - {91D9091B-2046-42f7-903E-1215A29E21EA} - C:\Program Files\Ript\mscoree.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll File not found
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Flox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE VGA Utility.lnk = C:\Users\Flox\AppData\Roaming\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-602162358-1417001333-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE File not found
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Enregistrer au format HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Enregistrer le texte sélectionné - C:\Program Files\SmarThru 4\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Sélection par capture - C:\Program Files\SmarThru 4\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll File not found
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmes\Microsoft Office\Office12\ONBttnIE.dll File not found
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmes\Microsoft Office\Office12\ONBttnIE.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Extensis\Extensis Suitcase 11\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/09/09 01:15:12 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2009/10/07 15:00:15 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/09/13 22:19:08 | 00,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2009/09/13 19:51:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Corporation
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2009/09/13 23:22:45 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\ProgramData\Ript
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming
[2009/09/14 11:53:38 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Canon
[2009/09/22 14:19:24 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Corel
[2009/09/22 09:35:40 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\DAEMON Tools Lite
[2009/09/18 14:30:28 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\FastStone
[2009/10/07 14:53:22 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Malwarebytes
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Media Center Programs
[2009/09/13 21:27:25 | 00,000,000 | --SD | C] -- C:\Users\Flox\AppData\Roaming\Microsoft
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\Ript
[2009/09/22 09:09:31 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Roaming\WTablet
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Application Data
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Historique
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Microsoft
[2009/09/14 01:03:35 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Microsoft Games
[2009/09/13 22:46:09 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Quark
[2009/09/18 14:30:16 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Ript
[2009/09/13 21:27:25 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\Temp
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\AppData\Local\Temporary Internet Files
[2009/09/13 23:52:31 | 00,000,000 | ---D | C] -- C:\Users\Flox\AppData\Local\VirtualStore
[2009/09/13 21:42:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009/09/18 15:29:29 | 00,000,000 | ---D | C] -- C:\Program Files\Ambient Design
[2009/09/14 15:29:03 | 00,000,000 | ---D | C] -- C:\Program Files\BitLocker
[2009/09/22 09:42:41 | 00,000,000 | ---D | C] -- C:\Program Files\Corel
[2009/09/18 14:30:25 | 00,000,000 | ---D | C] -- C:\Program Files\FastStone Capture
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2009/10/07 15:00:15 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/14 15:13:08 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/09/13 19:50:36 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[2009/09/13 23:22:34 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2009/09/18 14:29:53 | 00,000,000 | ---D | C] -- C:\Program Files\Ript
[2009/09/18 15:14:59 | 00,000,000 | ---D | C] -- C:\Program Files\Shape Collage
[2009/09/22 09:04:59 | 00,000,000 | ---D | C] -- C:\Program Files\Tablet
[2009/09/18 14:34:36 | 00,000,000 | ---D | C] -- C:\Program Files\Veign
[2009/09/13 22:35:52 | 00,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2009/10/12 16:39:13 | 00,000,000 | ---D | C] -- C:\RootRepeal
[2009/10/09 12:08:27 | 00,000,000 | ---D | C] -- C:\Users\Flox\Documents\Nouveau dossier
[2009/10/07 15:00:16 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/10/07 15:00:15 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/10/07 14:46:53 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Flox\Desktop\mbam-setup.exe
[2009/10/07 14:45:13 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe
[2009/10/02 13:26:01 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_10_02
[2009/09/29 11:55:26 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_09_29
[2009/09/22 11:34:13 | 00,000,000 | ---D | C] -- C:\Users\Flox\Desktop\2009_09_22
[2009/09/22 09:09:27 | 04,257,576 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\PenTablet.cpl
[2009/09/22 09:08:52 | 00,011,440 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\WacomVKHid.sys
[2009/09/22 09:07:50 | 00,013,352 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacomvhid.sys
[2009/09/22 09:07:50 | 00,011,312 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacommousefilter.sys
[2009/09/22 09:05:02 | 00,015,656 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacmoumonitor.sys
[2009/09/22 09:05:02 | 00,000,000 | ---D | C] -- C:\Windows\System32\WTablet
[2009/09/22 09:05:00 | 02,789,160 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
[2009/09/22 09:05:00 | 00,217,384 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.dll
[2009/09/22 09:05:00 | 00,172,840 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Wintab32.dll
[2009/09/18 14:34:37 | 00,244,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msflxgrd.ocx
[2009/09/18 14:34:37 | 00,233,472 | ---- | C] (DSX) -- C:\Windows\System32\XDockFloat.dll
[2009/09/18 14:34:37 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2009/09/18 14:34:37 | 00,167,936 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\System32\ccrpftv6.ocx
[2009/09/18 14:34:37 | 00,094,208 | ---- | C] (vbAccelerator) -- C:\Windows\System32\vbalIml6.ocx
[2009/09/18 14:34:37 | 00,065,536 | ---- | C] (vbAccelerator) -- C:\Windows\System32\vbalIcoM6.dll
[2009/09/14 15:13:11 | 01,171,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecureKeyBackupCPL.dll
[2009/09/14 15:12:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\zh-TW
[2009/09/14 15:12:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\zh-CN
[2009/09/14 15:12:39 | 00,000,000 | ---D | C] -- C:\Windows\System32\ko-KR
[2009/09/14 15:12:39 | 00,000,000 | ---D | C] -- C:\Windows\System32\ja-JP
[2009/09/14 01:09:05 | 00,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2009/09/14 00:50:14 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/09/14 00:43:37 | 00,233,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DreamScene.dll
[2009/09/14 00:41:21 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2009/09/14 00:35:38 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009/09/14 00:30:34 | 00,675,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2009/09/14 00:23:50 | 10,628,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/09/14 00:23:49 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpdxm.dll
[2009/09/14 00:23:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009/09/14 00:23:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2009/09/14 00:23:48 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/09/14 00:23:48 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2009/09/14 00:23:48 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2009/09/14 00:23:48 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009/09/14 00:23:37 | 00,904,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2009/09/14 00:23:37 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2009/09/14 00:23:37 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2009/09/14 00:23:36 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys
[2009/09/14 00:23:36 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2009/09/14 00:23:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2009/09/14 00:23:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2009/09/14 00:23:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2009/09/14 00:23:36 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2009/09/14 00:23:36 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2009/09/14 00:23:36 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2009/09/14 00:22:46 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
[2009/09/14 00:22:38 | 03,599,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/09/14 00:22:37 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/09/14 00:22:33 | 01,167,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/09/14 00:22:33 | 00,828,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/09/14 00:22:33 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/09/14 00:22:33 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/09/14 00:22:25 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009/09/14 00:22:24 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2009/09/14 00:21:57 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll
[2009/09/14 00:21:51 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2009/09/14 00:21:51 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2009/09/14 00:21:42 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2009/09/14 00:21:42 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2009/09/14 00:21:41 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2009/09/14 00:21:40 | 00,513,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll
[2009/09/14 00:21:40 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2009/09/14 00:21:35 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2009/09/14 00:21:33 | 01,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/09/14 00:21:33 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll
[2009/09/14 00:21:33 | 00,439,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2009/09/14 00:21:33 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009/09/14 00:21:33 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/09/14 00:21:33 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdigest.dll
[2009/09/14 00:21:32 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/09/14 00:21:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
[2009/09/14 00:21:15 | 02,034,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/09/14 00:21:12 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/09/14 00:21:12 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/09/14 00:21:12 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/09/14 00:21:12 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
[2009/09/14 00:21:12 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/09/14 00:21:10 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
[2009/09/14 00:20:21 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2009/09/14 00:20:20 | 00,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2009/09/14 00:20:18 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/09/13 23:26:35 | 00,000,000 | -H-D | C] -- C:\Windows\Icons
[2009/09/13 23:19:08 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/09/13 23:14:52 | 00,172,032 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2009/09/13 23:14:52 | 00,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2009/09/13 22:23:05 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2009/09/13 22:23:05 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/09/13 22:23:05 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2009/09/13 22:23:05 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/09/13 22:22:38 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/09/13 22:22:38 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/09/13 22:22:38 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/09/13 22:22:22 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/09/13 22:22:22 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2009/09/13 22:19:09 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2009/09/13 22:13:58 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009/09/13 22:13:40 | 16,126,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTHDCPL.EXE
[2009/09/13 22:13:40 | 09,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTLCPL.EXE
[2009/09/13 22:13:40 | 04,397,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtkHDAud.sys
[2009/09/13 22:13:40 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\Windows\ALCWZRD.EXE
[2009/09/13 22:13:40 | 02,157,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\MicCal.exe
[2009/09/13 22:13:40 | 01,822,720 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SkyTel.exe
[2009/09/13 22:13:40 | 01,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2009/09/13 22:13:40 | 00,299,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\ALSNDMGR.CPL
[2009/09/13 22:13:40 | 00,282,624 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.CPL
[2009/09/13 22:13:40 | 00,086,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
[2009/09/13 22:13:40 | 00,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\ALCMTR.EXE
[2009/09/13 22:10:47 | 00,000,000 | ---D | C] -- C:\Windows\Debug
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Mes vidéos
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Mes images
[2009/09/13 21:27:25 | 00,000,000 | -HSD | C] -- C:\Users\Flox\Documents\Ma musique
[2009/09/13 21:24:23 | 00,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2009/09/13 21:20:30 | 00,000,000 | ---D | C] -- C:\Windows\CSC
[2009/09/13 21:15:05 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2009/09/13 20:49:13 | 00,000,000 | -HSD | C] -- C:\Boot

========== Files - Modified Within 30 Days ==========

[2009/10/12 17:50:13 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6C5D8E40-C3CA-448D-99E9-5E95EF80DE63}.job
[2009/10/12 16:56:11 | 01,510,272 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/10/12 16:56:11 | 00,683,446 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/10/12 16:56:11 | 00,599,416 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/10/12 16:56:11 | 00,130,186 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/10/12 16:56:11 | 00,106,532 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/10/12 16:51:16 | 00,096,848 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2009/10/12 16:50:40 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/12 16:50:40 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/12 16:50:17 | 06,964,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/10/12 16:50:16 | 00,032,784 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/12 16:50:15 | 00,032,784 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/10/12 16:50:11 | 00,002,649 | ---- | M] () -- C:\Users\Flox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE VGA Utility.lnk
[2009/10/12 16:49:37 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/12 16:49:33 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/12 16:47:28 | 03,680,816 | -H-- | M] () -- C:\Users\Flox\AppData\Local\IconCache.db
[2009/10/12 16:38:37 | 00,464,491 | ---- | M] () -- C:\Users\Flox\Desktop\RootRepeal.zip
[2009/10/11 21:21:42 | 00,010,488 | ---- | M] () -- C:\Users\Flox\Desktop\L.docx
[2009/10/07 15:00:18 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/07 14:51:27 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Flox\Desktop\mbam-setup.exe
[2009/10/07 14:46:11 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe
[2009/10/07 09:33:27 | 00,000,160 | ---- | M] () -- C:\Users\Flox\Desktop\ColorPic.ini
[2009/10/07 09:33:27 | 00,000,000 | ---- | M] () -- C:\Users\Flox\Desktop\palettes.xml
[2009/10/06 11:58:30 | 00,013,515 | ---- | M] () -- C:\Users\Flox\Desktop\DEVELOPPEUR LOGICIEL.docx
[2009/10/06 11:57:07 | 00,056,955 | ---- | M] () -- C:\Users\Flox\Desktop\DEVELOPPEUR LOGICIEL.pdf
[2009/10/06 10:15:00 | 00,109,495 | ---- | M] () -- C:\Users\Flox\Desktop\cvitae.pdf
[2009/09/30 15:07:16 | 00,095,692 | ---- | M] () -- C:\Users\Flox\Desktop\Magnificent.ttf
[2009/09/28 11:03:23 | 00,140,966 | ---- | M] () -- C:\Users\Flox\Desktop\GBEA.N.pdf
[2009/09/26 07:23:27 | 00,061,440 | ---- | M] () -- C:\Users\Flox\Desktop\Livre 1.indb
[2009/09/25 11:33:42 | 00,046,167 | ---- | M] () -- C:\Users\Flox\Desktop\cv-f-schule.pdf
[2009/09/24 07:28:54 | 00,044,261 | ---- | M] () -- C:\Users\Flox\Desktop\cv-f.schule.pdf
[2009/09/22 09:39:47 | 00,721,904 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2009/09/22 09:21:16 | 00,012,288 | ---- | M] () -- C:\Users\Flox\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/21 20:49:54 | 34,493,134 | ---- | M] () -- C:\Users\Flox\Desktop\alex.psd
[2009/09/20 20:31:14 | 00,138,008 | ---- | M] () -- C:\Users\Flox\Desktop\cousins.jpg
[2009/09/20 20:31:07 | 00,140,402 | ---- | M] () -- C:\Users\Flox\Desktop\filles.jpg
[2009/09/19 18:21:44 | 07,983,819 | ---- | M] () -- C:\Users\Flox\Desktop\enf.psd
[2009/09/18 15:14:59 | 00,000,864 | ---- | M] () -- C:\Users\Public\Desktop\Shape Collage.lnk
[2009/09/18 14:55:09 | 00,000,847 | ---- | M] () -- C:\Users\Public\Desktop\Cfont Pro.lnk
[2009/09/18 14:30:26 | 00,000,872 | ---- | M] () -- C:\Users\Public\Desktop\FastStone Capture.lnk
[2009/09/18 14:29:55 | 00,001,636 | ---- | M] () -- C:\Users\Public\Desktop\Ript.lnk
[2009/09/17 14:15:40 | 00,001,853 | ---- | M] () -- C:\Users\Flox\Desktop\photos_famille - Raccourci.lnk
[2009/09/16 09:52:52 | 00,788,256 | ---- | M] () -- C:\Users\Flox\Documents\FM bois (2).pdf
[2009/09/16 09:49:22 | 00,353,379 | ---- | M] () -- C:\Users\Flox\Documents\Copie de FM bois (2).pdf
[2009/09/14 10:42:59 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/09/14 00:32:58 | 00,000,552 | ---- | M] () -- C:\Windows\win.ini
[2009/09/13 23:25:51 | 00,000,680 | ---- | M] () -- C:\Users\Flox\AppData\Local\d3d9caps.dat
[2009/09/13 22:15:28 | 00,448,550 | ---- | M] () -- C:\Windows\System32\license.rtf
[2009/09/13 22:13:43 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2009/09/13 22:13:42 | 00,000,368 | RHS- | M] () -- C:\Boot.ini.saved
[2009/09/13 22:12:15 | 00,022,476 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2009/09/13 22:03:38 | 00,000,060 | ---- | M] () -- C:\Windows\wininit.ini
[2009/09/13 22:03:35 | 00,000,260 | ---- | M] () -- C:\Windows\_delis32.ini
[2009/09/13 20:49:19 | 00,000,368 | -H-- | M] () -- C:\Boot.BAK
[2009/09/13 20:29:12 | 00,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1417001333-1801674531-1003UA.job
[2009/09/13

de **FloGraphiste** » 12 Oct 2009, 17:24

[color=red]Et la fin qui manquait...[/color]

========== Files - Modified Within 30 Days ==========

[2009/10/12 17:50:13 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6C5D8E40-C3CA-448D-99E9-5E95EF80DE63}.job
[2009/10/12 16:56:11 | 01,510,272 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/10/12 16:56:11 | 00,683,446 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/10/12 16:56:11 | 00,599,416 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/10/12 16:56:11 | 00,130,186 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/10/12 16:56:11 | 00,106,532 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/10/12 16:51:16 | 00,096,848 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2009/10/12 16:50:40 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/12 16:50:40 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/12 16:50:17 | 06,964,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/10/12 16:50:16 | 00,032,784 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/12 16:50:15 | 00,032,784 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/10/12 16:50:11 | 00,002,649 | ---- | M] () -- C:\Users\Flox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE VGA Utility.lnk
[2009/10/12 16:49:37 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/12 16:49:33 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/12 16:47:28 | 03,680,816 | -H-- | M] () -- C:\Users\Flox\AppData\Local\IconCache.db
[2009/10/12 16:38:37 | 00,464,491 | ---- | M] () -- C:\Users\Flox\Desktop\RootRepeal.zip
[2009/10/11 21:21:42 | 00,010,488 | ---- | M] () -- C:\Users\Flox\Desktop\L.docx
[2009/10/07 15:00:18 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/07 14:51:27 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Flox\Desktop\mbam-setup.exe
[2009/10/07 14:46:11 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Flox\Desktop\OTL.exe
[2009/10/07 09:33:27 | 00,000,160 | ---- | M] () -- C:\Users\Flox\Desktop\ColorPic.ini
[2009/10/07 09:33:27 | 00,000,000 | ---- | M] () -- C:\Users\Flox\Desktop\palettes.xml
[2009/10/06 11:58:30 | 00,013,515 | ---- | M] () -- C:\Users\Flox\Desktop\DEVELOPPEUR LOGICIEL.docx
[2009/10/06 11:57:07 | 00,056,955 | ---- | M] () -- C:\Users\Flox\Desktop\DEVELOPPEUR LOGICIEL.pdf
[2009/10/06 10:15:00 | 00,109,495 | ---- | M] () -- C:\Users\Flox\Desktop\cvitae.pdf
[2009/09/30 15:07:16 | 00,095,692 | ---- | M] () -- C:\Users\Flox\Desktop\Magnificent.ttf
[2009/09/28 11:03:23 | 00,140,966 | ---- | M] () -- C:\Users\Flox\Desktop\GBEA.N.pdf
[2009/09/26 07:23:27 | 00,061,440 | ---- | M] () -- C:\Users\Flox\Desktop\Livre 1.indb
[2009/09/25 11:33:42 | 00,046,167 | ---- | M] () -- C:\Users\Flox\Desktop\cv-f-schule.pdf
[2009/09/24 07:28:54 | 00,044,261 | ---- | M] () -- C:\Users\Flox\Desktop\cv-f.schule.pdf
[2009/09/22 09:39:47 | 00,721,904 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2009/09/22 09:21:16 | 00,012,288 | ---- | M] () -- C:\Users\Flox\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/21 20:49:54 | 34,493,134 | ---- | M] () -- C:\Users\Flox\Desktop\alex.psd
[2009/09/20 20:31:14 | 00,138,008 | ---- | M] () -- C:\Users\Flox\Desktop\cousins.jpg
[2009/09/20 20:31:07 | 00,140,402 | ---- | M] () -- C:\Users\Flox\Desktop\filles.jpg
[2009/09/19 18:21:44 | 07,983,819 | ---- | M] () -- C:\Users\Flox\Desktop\enf.psd
[2009/09/18 15:14:59 | 00,000,864 | ---- | M] () -- C:\Users\Public\Desktop\Shape Collage.lnk
[2009/09/18 14:55:09 | 00,000,847 | ---- | M] () -- C:\Users\Public\Desktop\Cfont Pro.lnk
[2009/09/18 14:30:26 | 00,000,872 | ---- | M] () -- C:\Users\Public\Desktop\FastStone Capture.lnk
[2009/09/18 14:29:55 | 00,001,636 | ---- | M] () -- C:\Users\Public\Desktop\Ript.lnk
[2009/09/17 14:15:40 | 00,001,853 | ---- | M] () -- C:\Users\Flox\Desktop\photos_famille - Raccourci.lnk
[2009/09/16 09:52:52 | 00,788,256 | ---- | M] () -- C:\Users\Flox\Documents\FM bois (2).pdf
[2009/09/16 09:49:22 | 00,353,379 | ---- | M] () -- C:\Users\Flox\Documents\Copie de FM bois (2).pdf
[2009/09/14 10:42:59 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/09/14 00:32:58 | 00,000,552 | ---- | M] () -- C:\Windows\win.ini
[2009/09/13 23:25:51 | 00,000,680 | ---- | M] () -- C:\Users\Flox\AppData\Local\d3d9caps.dat
[2009/09/13 22:15:28 | 00,448,550 | ---- | M] () -- C:\Windows\System32\license.rtf
[2009/09/13 22:13:43 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2009/09/13 22:13:42 | 00,000,368 | RHS- | M] () -- C:\Boot.ini.saved
[2009/09/13 22:12:15 | 00,022,476 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2009/09/13 22:03:38 | 00,000,060 | ---- | M] () -- C:\Windows\wininit.ini
[2009/09/13 22:03:35 | 00,000,260 | ---- | M] () -- C:\Windows\_delis32.ini
[2009/09/13 20:49:19 | 00,000,368 | -H-- | M] () -- C:\Boot.BAK
[2009/09/13 20:29:12 | 00,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1417001333-1801674531-1003UA.job
[2009/09/13 20:00:00 | 00,000,502 | ---- | M] () -- C:\Windows\tasks\Maintenance en 1 clic.job
[2009/09/13 19:48:21 | 00,001,887 | ---- | M] () -- C:\Windows\diagwrn.xml
[2009/09/13 19:48:21 | 00,001,887 | ---- | M] () -- C:\Windows\diagerr.xml

========== Files - No Company Name ==========
[2009/10/12 16:38:37 | 00,464,491 | ---- | C] () -- C:\Users\Flox\Desktop\RootRepeal.zip
[2009/10/12 15:38:46 | 00,060,280 | R--- | C] () -- C:\Users\Flox\Desktop\VeraSe.ttf
[2009/10/12 15:38:46 | 00,058,736 | R--- | C] () -- C:\Users\Flox\Desktop\VeraSeBd.ttf
[2009/10/12 15:38:34 | 00,081,672 | ---- | C] () -- C:\Users\Flox\Desktop\RomanSerif-Oblique.ttf
[2009/10/12 15:38:34 | 00,074,784 | ---- | C] () -- C:\Users\Flox\Desktop\RomanSerif.ttf
[2009/10/12 15:13:25 | 00,052,752 | ---- | C] () -- C:\Users\Flox\Desktop\centabel.ttf
[2009/10/12 15:13:18 | 00,061,212 | ---- | C] () -- C:\Users\Flox\Desktop\Timeless.ttf
[2009/10/12 15:13:18 | 00,035,596 | ---- | C] () -- C:\Users\Flox\Desktop\Timeless-Bold.ttf
[2009/10/12 15:13:08 | 00,095,692 | ---- | C] () -- C:\Users\Flox\Desktop\Magnificent.ttf
[2009/10/11 21:21:41 | 00,010,488 | ---- | C] () -- C:\Users\Flox\Desktop\L.docx
[2009/10/07 15:00:18 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/06 10:34:29 | 00,056,955 | ---- | C] () -- C:\Users\Flox\Desktop\DEVELOPPEUR LOGICIEL.pdf
[2009/10/06 10:32:21 | 00,013,515 | ---- | C] () -- C:\Users\Flox\Desktop\DEVELOPPEUR LOGICIEL.docx
[2009/10/06 10:15:00 | 00,109,495 | ---- | C] () -- C:\Users\Flox\Desktop\cvitae.pdf
[2009/09/28 11:03:23 | 00,140,966 | ---- | C] () -- C:\Users\Flox\Desktop\GBEA.N.pdf
[2009/09/26 09:26:59 | 00,000,160 | ---- | C] () -- C:\Users\Flox\Desktop\ColorPic.ini
[2009/09/26 08:02:15 | 00,000,000 | ---- | C] () -- C:\Users\Flox\Desktop\palettes.xml
[2009/09/26 07:23:26 | 00,061,440 | ---- | C] () -- C:\Users\Flox\Desktop\Livre 1.indb
[2009/09/25 11:33:41 | 00,046,167 | ---- | C] () -- C:\Users\Flox\Desktop\cv-f-schule.pdf
[2009/09/23 21:45:12 | 00,044,261 | ---- | C] () -- C:\Users\Flox\Desktop\cv-f.schule.pdf
[2009/09/22 09:09:27 | 01,421,964 | ---- | C] () -- C:\Windows\System32\PenTablet.znc
[2009/09/21 18:27:24 | 34,493,134 | ---- | C] () -- C:\Users\Flox\Desktop\alex.psd
[2009/09/21 17:55:41 | 04,655,231 | ---- | C] () -- C:\Users\Flox\Desktop\vpvector.eps
[2009/09/20 20:28:10 | 00,138,008 | ---- | C] () -- C:\Users\Flox\Desktop\cousins.jpg
[2009/09/20 20:27:20 | 00,140,402 | ---- | C] () -- C:\Users\Flox\Desktop\filles.jpg
[2009/09/19 18:21:42 | 07,983,819 | ---- | C] () -- C:\Users\Flox\Desktop\enf.psd
[2009/09/18 15:14:59 | 00,000,864 | ---- | C] () -- C:\Users\Public\Desktop\Shape Collage.lnk
[2009/09/18 14:55:09 | 00,000,847 | ---- | C] () -- C:\Users\Public\Desktop\Cfont Pro.lnk
[2009/09/18 14:49:49 | 00,012,288 | ---- | C] () -- C:\Users\Flox\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/18 14:30:26 | 00,000,872 | ---- | C] () -- C:\Users\Public\Desktop\FastStone Capture.lnk
[2009/09/18 14:29:55 | 00,001,636 | ---- | C] () -- C:\Users\Public\Desktop\Ript.lnk
[2009/09/17 14:15:47 | 00,001,853 | ---- | C] () -- C:\Users\Flox\Desktop\photos_famille - Raccourci.lnk
[2009/09/16 09:52:52 | 00,788,256 | ---- | C] () -- C:\Users\Flox\Documents\FM bois (2).pdf
[2009/09/16 09:49:17 | 00,353,379 | ---- | C] () -- C:\Users\Flox\Documents\Copie de FM bois (2).pdf
[2009/09/14 15:13:11 | 00,000,711 | ---- | C] () -- C:\Windows\System32\CPSOKBTasks.xml
[2009/09/14 10:42:59 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/09/14 01:09:01 | 03,680,816 | -H-- | C] () -- C:\Users\Flox\AppData\Local\IconCache.db
[2009/09/14 00:21:41 | 02,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2009/09/13 23:32:46 | 00,032,784 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/13 23:32:44 | 00,032,784 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/09/13 23:14:52 | 00,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/09/13 22:45:11 | 00,000,416 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{6C5D8E40-C3CA-448D-99E9-5E95EF80DE63}.job
[2009/09/13 22:39:43 | 00,171,136 | RHS- | C] () -- C:\grldr
[2009/09/13 22:25:17 | 00,000,680 | ---- | C] () -- C:\Users\Flox\AppData\Local\d3d9caps.dat
[2009/09/13 22:12:15 | 00,022,476 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009/09/13 21:20:34 | 00,003,568 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/09/13 21:20:34 | 00,003,568 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/09/13 21:19:27 | 06,964,984 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/09/13 20:49:19 | 00,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2009/09/13 20:49:19 | 00,000,368 | -H-- | C] () -- C:\Boot.BAK
[2009/09/13 20:49:13 | 00,333,257 | RHS- | C] () -- C:\bootmgr
[2009/09/13 19:48:21 | 00,001,887 | ---- | C] () -- C:\Windows\diagwrn.xml
[2009/09/13 19:48:21 | 00,001,887 | ---- | C] () -- C:\Windows\diagerr.xml
[2009/08/01 15:55:56 | 00,000,260 | ---- | C] () -- C:\Windows\_delis32.ini
[2009/07/21 18:52:10 | 00,000,060 | ---- | C] () -- C:\Windows\wininit.ini
[2009/04/12 13:51:42 | 00,000,121 | ---- | C] () -- C:\Windows\Winchat.ini
[2009/04/11 15:19:09 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/01/16 16:55:50 | 00,011,512 | ---- | C] () -- C:\Users\Flox\AppData\Roaming\SmarThruOptions.xml
[2009/01/16 16:53:36 | 00,022,723 | ---- | C] () -- C:\Windows\System32\sst1cl3.dll
[2009/01/16 16:27:59 | 00,139,776 | ---- | C] () -- C:\Windows\System32\SaXPEH.dll
[2009/01/16 16:27:59 | 00,138,752 | ---- | C] () -- C:\Windows\System32\SaXPWIA.dll
[2009/01/16 16:27:59 | 00,138,240 | ---- | C] () -- C:\Windows\System32\SaXPUIEx.dll
[2009/01/16 16:27:59 | 00,116,736 | ---- | C] () -- C:\Windows\System32\SaXPIPH.dll
[2009/01/16 16:27:59 | 00,087,040 | ---- | C] () -- C:\Windows\System32\SaXPSTI.dll
[2009/01/06 16:12:36 | 00,024,244 | ---- | C] () -- C:\Users\Flox\AppData\Roaming\Microsoft Access 97-2003.ADR
[2009/01/06 14:59:29 | 00,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/11/03 19:15:41 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2008/10/25 22:27:15 | 00,000,026 | ---- | C] () -- C:\Windows\System32\satsukidecodersettings.ini
[2008/10/25 21:08:05 | 00,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/10/25 21:05:16 | 00,006,912 | ---- | C] () -- C:\Windows\System32\drivers\FlashSys.sys
[2008/10/25 21:04:39 | 00,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2008/01/21 04:23:41 | 00,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2007/06/28 18:43:00 | 01,703,936 | ---- | C] () -- C:\Windows\System32\nvwdmcpl.dll
[2007/06/28 18:43:00 | 01,474,560 | ---- | C] () -- C:\Windows\System32\nview.dll
[2007/06/28 18:43:00 | 01,019,904 | ---- | C] () -- C:\Windows\System32\nvwimg.dll
[2007/06/28 18:43:00 | 00,466,944 | ---- | C] () -- C:\Windows\System32\nvshell.dll
[2007/06/03 14:31:28 | 00,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006/12/10 23:32:16 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2006/11/02 14:49:43 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 14:34:20 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004/11/18 10:16:42 | 00,069,632 | ---- | C] () -- C:\Windows\System32\nktwab.dll
[2002/09/07 02:00:00 | 00,000,552 | ---- | C] () -- C:\Windows\win.ini
[2002/09/07 02:00:00 | 00,000,250 | ---- | C] () -- C:\Windows\system.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:DFC5A2B2
<End>

de **nickW** » 15 Oct 2009, 00:28

Bonsoir,

Après ce premier nettoyage, peux-tu me dire comment se comporte le PC?

Faire une nouvelle recherche avec MBAM:

Étape 1: Pas de processus de contrôle en temps réel
Désactiver le module résident de l'antivirus.

Avira Antivir: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), décocher "Activer Antivir Guard/AntiVir Guard enable"

Étape 2: Malwarebytes' Anti-Malware, recherche
Fermer toutes les fenêtres de programme ouvertes.
Lancer Malwarebytes' Anti-Malware via le Menu Démarrer.
Dans l'onglet Paramètres, vérifier que toutes les cases sont cochées sauf "Créer une option dans le menu contextuel pour analyser des fichiers (clic droit)".
Dans l'onglet Mise à jour, cliquer sur le bouton Recherche de mise à jour et installer toutes les mises à jour trouvées.
Dans l'onglet Recherche, cocher le bouton radio situé devant "Exécuter un examen rapide" puis cliquer sur le bouton Rechercher.
Attendre sans rien faire d'autre la fin de la recherche; dans la fenêtre annonçant la fin de l'analyse, cliquer sur OK; puis cliquer sur le bouton "Afficher les résultats".

Cliquer sur le bouton "Enregistrer le rapport", valider la sauvegarde, puis cliquer sur le bouton "Quitter"

Étape 3: Processus de contrôle en temps réel
Important: Réactiver le module résident de l'antivirus.

Étape 4: Résultats
Envoyer en réponse:
*- le log de Malwarebytes' Anti-Malware (contenu du fichier mbam-log-*-**-**** (**-**-**).txt situé dans le dossier SystemDrive\Documents and Settings\<tonprofil>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs / *-**-**** (**-**-**) représente la date [mois-jour-année] et l'heure [hh-mn-ss])
[SystemDrive représente la partition sur laquelle est installé le système, généralement C:]

A suivre,

de **FloGraphiste** » 24 Oct 2009, 12:47

Bonjour Nick,

Merci pour ton aide qui a manifestement été efficace. Il n'y a plus trace de quoique ce soit.

Et pardon pour le délai de réponse, je m'étais absentée quelques jours.

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3024
Windows 6.0.6002 Service Pack 2

24/10/2009 13:42:42
mbam-log-2009-10-24 (13-42-42).txt

Type de recherche: Examen rapide
Eléments examinés: 103143
Temps écoulé: 4 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Sans trop m'avancer, je pense que ça devrait être OK.

Flo

Assiste.Forums

Analyse de logs suite infection qui utilise Filezilla

Analyse de logs suite infection qui utilise Filezilla

Suite des rapports

Suite des rapports

Qui est en ligne