Besoin confirmation svp

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Besoin confirmation svp

Messagede bouge71 » 12 Oct 2009, 21:34

Bonjour,

J'ai eu des virus du nom de malware trace, navimoproH et trojan BHO.

J'ai avant avant de consulter ce forum nettoyer avec malewarebytes ces virus, mais j'ai la sensation de ne pas en être débarassé.

J'ai tout de même effectué un nouveau scan rapide avec malewarebytes mais il ne detecte plus rien... (effectué sans le résident de l'antivirus seulement)

Pourriez vous m'aider svp j'ai des doutes sur la propreté de mon system.

Je vous post les fichiers mis en quarantaine, dans l'ordre de nettoyage par malwarebytes, ainsi que le fichier OTL et extras.
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Messagede bouge71 » 12 Oct 2009, 21:35

1er nettoyage :

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2936
Windows 6.0.6002 Service Pack 2

10/10/2009 13:44:04
mbam-log-2009-10-10 (13-44-04).txt

Type de recherche: Examen rapide
Eléments examinés: 89250
Temps écoulé: 6 minute(s), 58 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> Delete on reboot.
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Messagede bouge71 » 12 Oct 2009, 21:36

2 eme :

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2936
Windows 6.0.6002 Service Pack 2

10/10/2009 23:58:57
mbam-log-2009-10-10 (23-58-57).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 250095
Temps écoulé: 3 hour(s), 14 minute(s), 25 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\partner service (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\partner service (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> Quarantined and deleted successfully.
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Messagede bouge71 » 12 Oct 2009, 21:36

3eme :

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2941
Windows 6.0.6002 Service Pack 2

11/10/2009 18:23:58
mbam-log-2009-10-11 (18-23-58).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 252885
Temps écoulé: 2 hour(s), 34 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dtesjq (Trojan.Agent.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Cédric\Local Settings\Application Data\dtesjq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Cédric\Local Settings\Application Data\dtesjq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Cédric\Local Settings\Application Data\dtesjq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Cédric\Local Settings\Application Data\dtesjq.exe (Adware.Navipromo.H) -> Delete on reboot.
c:\Users\Cédric\AppData\Local\dtesjq.exe (Trojan.Agent.H) -> Delete on reboot.
C:\Users\Cédric\Downloads\Live-Player_setup.exe (Adware.NaviPromo) -> Quarantined and deleted successfully.
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Messagede bouge71 » 12 Oct 2009, 21:37

4 eme nettoyage :

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2941
Windows 6.0.6002 Service Pack 2

11/10/2009 23:49:48
mbam-log-2009-10-11 (23-49-48).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 6666
Temps écoulé: 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Cédric\Local Settings\Application Data\dtesjq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Cédric\Local Settings\Application Data\dtesjq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Messagede bouge71 » 12 Oct 2009, 21:39

OTL :

OTL logfile created on: 12/10/2009 22:10:05 - Run 1
OTL by OldTimer - Version 3.0.20.0 Folder = C:\Users\Cédric\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 99,83% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 399,54 Gb Free Space | 87,62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-CÉDRIC
Current User Name: Cédric
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/10/12 21:51:04 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Cédric\Desktop\OTL.exe
PRC - [2009/10/11 06:26:12 | 00,056,456 | ---- | M] (AG Interactive) -- C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe
PRC - [2009/10/11 06:25:47 | 00,010,240 | ---- | M] () -- C:\Program Files\AGI\common\win32\PythonService.exe
PRC - [2009/10/08 23:30:49 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/08 20:20:02 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/08/26 17:43:50 | 00,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2009/08/26 02:09:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
PRC - [2009/08/13 15:39:05 | 01,328,128 | ---- | M] (Iminent) -- C:\Program Files\Iminent\IMBooster\IMBooster.exe
PRC - [2009/07/26 16:44:52 | 03,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/20 11:12:01 | 00,497,664 | ---- | M] (Iminent) -- C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe
PRC - [2009/07/18 05:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
PRC - [2009/07/09 14:44:14 | 00,711,200 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
PRC - [2009/07/09 14:44:14 | 00,707,104 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
PRC - [2009/07/09 14:44:12 | 00,453,152 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe
PRC - [2009/07/08 11:42:24 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/06/17 01:45:44 | 01,064,968 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/07 04:49:24 | 07,227,936 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/04/22 19:05:06 | 01,552,497 | ---- | M] (Suyin) -- C:\Program Files\VideoWebCamera\VideoWebCamera.exe
PRC - [2009/04/11 19:32:10 | 00,250,624 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2009/04/11 19:32:00 | 00,061,184 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009/04/11 08:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/04/11 08:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 08:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/04/11 08:27:28 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/03/18 10:46:30 | 01,160,736 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2009/03/07 02:57:54 | 01,434,920 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2009/03/07 02:57:54 | 00,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2009/02/12 02:38:40 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/02/12 02:38:38 | 00,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/10/17 10:44:58 | 00,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2008/02/18 16:29:12 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2007/09/11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2006/12/19 09:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\System32\IoctlSvc.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/10/11 06:25:47 | 00,010,240 | ---- | M] () -- C:\Program Files\AGI\common\win32\PythonService.exe -- (AGWinService [Auto | Running])
SRV - [2009/10/08 20:20:12 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009/10/08 20:20:02 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-092308-165331 [On_Demand | Stopped])
SRV - [2009/08/26 02:09:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe -- (Norton Internet Security [Auto | Running])
SRV - [2009/07/09 14:44:14 | 00,707,104 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe -- (ePowerSvc [Auto | Running])
SRV - [2009/07/08 11:42:24 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2009/06/22 20:46:53 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2009/04/11 19:32:00 | 00,061,184 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc [Auto | Running])
SRV - [2009/04/11 08:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/03/30 06:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/02/19 00:21:00 | 02,769,658 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des -- (npggsvc [On_Demand | Stopped])
SRV - [2009/02/18 20:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/18 20:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/02/18 20:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/02/12 02:38:40 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2008/11/04 05:37:58 | 00,410,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2008/04/28 16:16:06 | 00,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2008/02/18 16:29:12 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
SRV - [2008/01/21 04:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2008/01/21 04:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008/01/21 04:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2007/09/11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0 [Auto | Running])
SRV - [2006/12/19 09:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\System32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
SRV - [2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2006/11/02 11:46:05 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/10/09 15:11:11 | 00,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
DRV - [2009/10/09 15:10:45 | 00,482,432 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\NIS\1007020.00B\ccHPx86.sys -- (ccHP [System | Running])
DRV - [2009/10/08 10:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091011.020\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
DRV - [2009/10/08 10:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2009/10/08 10:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])
DRV - [2009/10/08 10:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091011.020\NAVENG.SYS -- (NAVENG [On_Demand | Running])
DRV - [2009/09/11 19:49:50 | 00,342,576 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090916.003\IDSvix86.sys -- (IDSVix86 [System | Running])
DRV - [2009/08/26 02:09:10 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\NIS\1007020.00B\SYMEFA.SYS -- (SymEFA [Boot | Running])
DRV - [2009/08/26 02:09:10 | 00,308,272 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SRTSP.SYS -- (SRTSP [On_Demand | Running])
DRV - [2009/08/26 02:09:10 | 00,259,632 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\NIS\1007020.00B\BHDrvx86.sys -- (BHDrvx86 [System | Running])
DRV - [2009/08/26 02:09:10 | 00,217,136 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMTDI.SYS -- (SYMTDI [System | Running])
DRV - [2009/08/26 02:09:10 | 00,089,904 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMFW.SYS -- (SYMFW [On_Demand | Running])
DRV - [2009/08/26 02:09:10 | 00,048,688 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMNDISV.SYS -- (SYMNDISV [On_Demand | Running])
DRV - [2009/08/26 02:09:10 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\NIS\1007020.00B\SRTSPX.SYS -- (SRTSPX [System | Running])
DRV - [2009/08/26 02:08:51 | 00,025,648 | R--- | M] (Symantec Corporation) -- C:\Windows\System32\DRIVERS\SymIMv.sys -- (SymIM [System | Running])
DRV - [2009/07/09 07:37:00 | 09,786,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2009/06/22 20:44:56 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2009/05/07 04:37:56 | 02,366,496 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009/05/01 20:13:34 | 00,064,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA [On_Demand | Running])
DRV - [2009/04/11 06:45:24 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\RMCAST.sys -- (RMCAST [Auto | Running])
DRV - [2009/03/26 01:48:32 | 00,015,360 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\Drivers\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2009/03/07 02:58:44 | 00,208,304 | ---- | M] (Synaptics Incorporated) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2009/02/13 23:00:22 | 00,980,992 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2009/02/13 22:58:16 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2009/02/13 22:57:28 | 00,661,504 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2009/02/12 02:11:50 | 00,329,752 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/11/04 05:32:20 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\XAudio32.sys -- (XAudio [Auto | Running])
DRV - [2008/10/08 10:43:08 | 00,005,632 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\hidshim.sys -- (hidshim [On_Demand | Running])
DRV - [2008/10/08 10:43:06 | 00,022,528 | ---- | M] (Nuvoton Technology Corporation) -- C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys -- (nuvotonhidgeneric [On_Demand | Running])
DRV - [2008/09/25 17:37:40 | 03,666,432 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw5v32.sys -- (NETw5v32 [On_Demand | Running])
DRV - [2008/09/04 05:12:56 | 00,223,232 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\k57nd60x.sys -- (k57nd60x [On_Demand | Running])
DRV - [2008/01/31 03:51:50 | 00,013,824 | ---- | M] (NewTech Infosystems Corporation) -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2008/01/21 04:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2008/01/21 04:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2008/01/21 04:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 04:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 04:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2008/01/21 04:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 04:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 04:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 04:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2008/01/21 04:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 04:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,030,720 | ---- | M] (National Semiconductor Corporation) -- C:\Windows\System32\DRIVERS\nscirda.sys -- (NSCIRDA [On_Demand | Stopped])
DRV - [2008/01/21 04:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/01/21 04:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2008/01/21 04:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 04:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 04:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/01/21 04:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2008/01/21 04:23:20 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\b57nd60x.sys -- (b57nd60x [On_Demand | Stopped])
DRV - [2008/01/21 04:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 04:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2008/01/21 04:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/03 07:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2006/06/19 07:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... ynote_dt85
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/
IE - HKLM\..\URLSearchHook: {346de098-61f9-4b42-89da-6dfba7091bb6} - C:\Program Files\IMBooster4web-en\tbIMBo.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll (TODO: <Company>)

IE - HKU\S-1-5-20\..\URLSearchHook: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll (TODO: <Company>)

IE - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\..\URLSearchHook: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll (TODO: <Company>)
IE - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\S-1-5-21-2166315739-917977843-1224460941-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/08 22:23:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@kiwee.com: C:\Program Files\Kiwee Toolbar\2.9.201\firefox [2009/10/11 06:26:13 | 00,000,000 | ---D | M]


O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IMBooster4web-en Toolbar) - {346de098-61f9-4b42-89da-6dfba7091bb6} - C:\Program Files\IMBooster4web-en\tbIMBo.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Kiwee Toolbar) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll (AG Interactive)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Iminent.BHO.NavigationError) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - C:\Program Files\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll (Iminent)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (LinkToContent Class) - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll (Iminent)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IMBooster4web-en Toolbar) - {346de098-61f9-4b42-89da-6dfba7091bb6} - C:\Program Files\IMBooster4web-en\tbIMBo.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Kiwee Toolbar) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll (AG Interactive)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\..\Toolbar\WebBrowser: (IMBooster4web-en Toolbar) - {346DE098-61F9-4B42-89DA-6DFBA7091BB6} - C:\Program Files\IMBooster4web-en\tbIMBo.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\..\Toolbar\WebBrowser: (Kiwee Toolbar) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll (AG Interactive)
O3 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe (Iminent)
O4 - HKLM..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe (Iminent)
O4 - HKLM..\Run: [KiweeHook] C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe (AG Interactive)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files\VideoWebCamera\VideoWebCamera.exe (Suyin)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000..\Run: [PlayNC Launcher] File not found
O4 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Acer Incorporated)
O4 - HKU\S-1-5-21-2166315739-917977843-1224460941-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmes\Microsoft Office\Office12\ONBttnIE.dll File not found
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmes\Microsoft Office\Office12\ONBttnIE.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 5217191817 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll File not found
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programmes\Google\Google Desktop Search\GoogleDesktopNetwork3.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/10/11 06:32:58 | 00,000,000 | -H-D | C] -- C:\ProgramData\{043AF2C6-8F13-4D97-B13C-0ECF538281D9}
[2009/10/11 06:31:18 | 00,000,000 | -H-D | C] -- C:\ProgramData\{567066F5-4167-42EB-91E3-FC7889D390C7}
[2009/10/11 06:25:36 | 00,000,000 | ---D | C] -- C:\ProgramData\AGI
[2009/10/08 20:15:41 | 00,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2009/10/08 20:15:41 | 00,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2009/10/12 08:26:49 | 00,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2009/10/08 20:15:41 | 00,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2009/10/08 20:15:41 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2009/10/08 20:20:12 | 00,000,000 | ---D | C] -- C:\ProgramData\Google
[2009/10/11 06:31:37 | 00,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2009/10/11 06:26:04 | 00,000,000 | ---D | C] -- C:\ProgramData\Kiwee Toolbar
[2009/10/10 13:35:05 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/08 20:15:41 | 00,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2009/10/08 20:15:41 | 00,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2009/10/08 20:15:02 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/10/08 20:20:15 | 00,000,000 | ---D | C] -- C:\ProgramData\Partner
[2009/10/11 07:06:49 | 00,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2009/10/08 20:31:38 | 00,000,000 | ---D | C] -- C:\ProgramData\Temp
[2009/10/08 20:18:53 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming
[2009/10/12 07:39:41 | 00,000,000 | -HSD | C] -- C:\Users\Cédric\AppData\Roaming\.#
[2009/10/08 22:47:05 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\Adobe
[2009/10/11 06:25:56 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\agi
[2009/10/12 08:26:49 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\CyberLink
[2009/10/10 13:15:34 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\GetRightToGo
[2009/10/08 20:21:23 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\Identities
[2009/10/08 20:26:08 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\InstallShield
[2009/10/11 14:09:36 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\live-player
[2009/10/08 20:28:57 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\Macromedia
[2009/10/10 13:35:11 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\Malwarebytes
[2009/10/08 20:18:53 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\Media Center Programs
[2009/10/08 20:18:53 | 00,000,000 | --SD | C] -- C:\Users\Cédric\AppData\Roaming\Microsoft
[2009/10/08 20:39:01 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Roaming\Packard Bell
[2009/10/08 20:18:53 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local
[2009/10/08 20:33:06 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\Acer ePower Management V4
[2009/10/09 09:49:11 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\Adobe
[2009/10/08 20:18:53 | 00,000,000 | -HSD | C] -- C:\Users\Cédric\AppData\Local\Application Data
[2009/10/10 13:18:14 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\assembly
[2009/10/10 13:57:12 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\DF
[2009/10/08 20:21:43 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\Google
[2009/10/08 20:18:53 | 00,000,000 | -HSD | C] -- C:\Users\Cédric\AppData\Local\Historique
[2009/10/08 20:18:53 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\Microsoft
[2009/10/09 10:25:17 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\Microsoft Games
[2009/10/08 20:20:23 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\Packard Bell
[2009/10/08 20:18:53 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\Temp
[2009/10/08 20:18:53 | 00,000,000 | -HSD | C] -- C:\Users\Cédric\AppData\Local\Temporary Internet Files
[2009/10/08 20:18:55 | 00,000,000 | ---D | C] -- C:\Users\Cédric\AppData\Local\VirtualStore
[2009/10/08 20:32:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2009/10/10 13:55:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2009/10/08 20:24:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/10/08 20:39:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2009/10/08 20:24:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/10/08 20:24:36 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009/10/11 06:25:34 | 00,000,000 | ---D | C] -- C:\Program Files\AGI
[2009/10/11 20:05:20 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/10/11 06:33:44 | 00,000,000 | ---D | C] -- C:\Program Files\Conduit
[2009/10/08 20:31:55 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2009/10/08 20:15:41 | 00,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2009/10/09 14:16:29 | 00,000,000 | ---D | C] -- C:\Program Files\Gamigo Games
[2009/10/08 20:20:02 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/10/11 06:33:42 | 00,000,000 | ---D | C] -- C:\Program Files\IMBooster4web-en
[2009/10/11 06:31:21 | 00,000,000 | ---D | C] -- C:\Program Files\Iminent
[2009/10/08 23:30:39 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/10/11 06:26:09 | 00,000,000 | ---D | C] -- C:\Program Files\Kiwee Toolbar
[2009/10/08 20:27:57 | 00,000,000 | ---D | C] -- C:\Program Files\Launch Manager
[2009/10/11 14:05:51 | 00,000,000 | ---D | C] -- C:\Program Files\Live-Player
[2009/10/10 13:35:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/10 11:18:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/10/10 11:23:34 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/10/10 11:22:14 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2009/10/10 13:17:22 | 00,000,000 | ---D | C] -- C:\Program Files\NCSoft
[2009/10/08 20:30:06 | 00,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2009/10/08 20:28:31 | 00,000,000 | ---D | C] -- C:\Program Files\Nuvoton Technology Corporation
[2009/10/09 23:50:49 | 00,000,000 | ---D | C] -- C:\Program Files\PKR
[2009/10/08 20:24:48 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/10/11 07:06:49 | 00,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2009/10/08 20:39:34 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec
[2009/10/08 20:27:27 | 00,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2009/10/08 20:24:48 | 00,000,000 | -H-D | C] -- C:\Program Files\Temp
[2009/10/08 20:26:20 | 00,000,000 | ---D | C] -- C:\Program Files\VideoWebCamera
[2009/10/12 21:50:58 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Users\Cédric\Desktop\OTL.exe
[2009/10/12 08:27:22 | 00,000,000 | ---D | C] -- C:\Users\Cédric\Documents\CyberLink
[2009/10/11 06:31:37 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/10/11 06:25:44 | 02,117,632 | ---- | C] (Python Software Foundation) -- C:\Windows\System32\python25.dll
[2009/10/10 13:56:56 | 02,769,658 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2009/10/10 13:55:16 | 00,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2009/10/10 13:35:06 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/10/10 13:35:04 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/10/09 23:39:57 | 00,000,000 | ---D | C] -- C:\Users\Cédric\Documents\Mes fichiers reçus
[2009/10/09 19:36:53 | 00,000,000 | ---D | C] -- C:\Poker
[2009/10/09 17:06:13 | 00,000,000 | ---D | C] -- C:\GAMIGO
[2009/10/09 04:39:52 | 00,000,000 | ---D | C] -- C:\Windows\System32\oem
[2009/10/09 04:38:19 | 00,309,768 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINST32.EXE
[2009/10/09 04:38:19 | 00,021,264 | ---- | C] (Dritek System Inc.) -- C:\Windows\System32\drivers\DKbFltr.sys
[2009/10/09 04:38:16 | 03,666,432 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys
[2009/10/09 04:38:16 | 02,756,608 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw5r32.dll
[2009/10/09 04:38:16 | 00,663,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw5c32.dll
[2009/10/09 04:38:01 | 01,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2009/10/09 04:38:01 | 00,208,304 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\drivers\SynTP.sys
[2009/10/09 04:38:01 | 00,206,120 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCtrl.dll
[2009/10/09 04:38:01 | 00,169,256 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCOM.dll
[2009/10/09 04:38:01 | 00,161,064 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPAPI.dll
[2009/10/09 04:38:01 | 00,120,104 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPCo4.dll
[2009/10/09 04:37:39 | 03,155,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2009/10/09 04:37:39 | 00,485,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe
[2009/10/09 04:37:39 | 00,457,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuhda.exe
[2009/10/09 04:37:39 | 00,143,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcohda.dll
[2009/10/09 04:37:39 | 00,064,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2009/10/09 04:37:39 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nvhdap32.dll
[2009/10/09 04:37:38 | 10,387,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2009/10/09 04:37:38 | 09,786,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2009/10/09 04:37:38 | 07,621,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2009/10/09 04:37:38 | 01,705,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2009/10/09 04:37:38 | 01,317,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2009/10/09 04:37:38 | 00,991,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2009/10/09 04:37:38 | 00,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2009/10/09 04:37:38 | 00,678,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2009/10/09 04:37:38 | 00,151,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod157.dll
[2009/10/09 04:37:38 | 00,151,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2009/10/09 04:37:38 | 00,004,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2009/10/09 04:37:21 | 00,020,480 | ---- | C] (Wistron Corp.) -- C:\Windows\PATCHFUL.EXE
[2009/10/09 04:37:21 | 00,000,000 | ---D | C] -- C:\Windows\Lan
[2009/10/08 23:31:09 | 00,410,976 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2009/10/08 23:31:09 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/10/08 23:31:09 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/10/08 23:31:09 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/10/08 22:22:23 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/10/08 22:06:27 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/10/08 22:06:27 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/10/08 22:06:26 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009/10/08 21:50:35 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009/10/08 21:49:38 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2009/10/08 21:49:35 | 03,408,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2009/10/08 21:49:35 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2009/10/08 21:49:34 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2009/10/08 21:49:34 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2009/10/08 21:49:32 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2009/10/08 21:49:30 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2009/10/08 21:49:29 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2009/10/08 21:49:29 | 00,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2009/10/08 21:49:28 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2009/10/08 21:49:28 | 00,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys
[2009/10/08 21:49:28 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2009/10/08 21:49:27 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2009/10/08 21:49:27 | 00,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2009/10/08 21:49:27 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2009/10/08 21:49:26 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2009/10/08 21:49:26 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2009/10/08 21:49:26 | 00,558,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmain.dll
[2009/10/08 21:49:26 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2009/10/08 21:49:26 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2009/10/08 21:49:25 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2009/10/08 21:49:24 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2009/10/08 21:49:24 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2009/10/08 21:49:23 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2009/10/08 21:49:23 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2009/10/08 21:49:23 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2009/10/08 21:49:22 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
[2009/10/08 21:49:22 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll
[2009/10/08 21:49:22 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2009/10/08 21:49:22 | 00,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2009/10/08 21:49:22 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2009/10/08 21:49:21 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2009/10/08 21:49:21 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2009/10/08 21:49:21 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2009/10/08 21:49:21 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2009/10/08 21:49:21 | 00,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
[2009/10/08 21:49:21 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2009/10/08 21:49:20 | 03,601,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/10/08 21:49:20 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2009/10/08 21:49:20 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/10/08 21:49:19 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2009/10/08 21:49:19 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2009/10/08 21:49:19 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2009/10/08 21:49:19 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2009/10/08 21:49:19 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2009/10/08 21:49:19 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2009/10/08 21:49:18 | 01,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll
[2009/10/08 21:49:18 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2009/10/08 21:49:18 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2009/10/08 21:49:18 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2009/10/08 21:49:18 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2009/10/08 21:49:18 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009/10/08 21:49:17 | 03,549,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/10/08 21:49:17 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2009/10/08 21:49:17 | 01,336,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
[2009/10/08 21:49:17 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPSSVC.dll
[2009/10/08 21:49:16 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2009/10/08 21:49:16 | 01,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2009/10/08 21:49:16 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2009/10/08 21:49:16 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qmgr.dll
[2009/10/08 21:49:16 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2009/10/08 21:49:16 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2009/10/08 21:49:15 | 01,316,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
[2009/10/08 21:49:15 | 01,202,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
[2009/10/08 21:49:15 | 01,183,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
[2009/10/08 21:49:15 | 00,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2009/10/08 21:49:15 | 00,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2009/10/08 21:49:15 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2009/10/08 21:49:15 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2009/10/08 21:49:14 | 02,092,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe
[2009/10/08 21:49:14 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2009/10/08 21:49:14 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2009/10/08 21:49:14 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2009/10/08 21:49:14 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2009/10/08 21:49:14 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2009/10/08 21:49:14 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2009/10/08 21:49:13 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2009/10/08 21:49:13 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2009/10/08 21:49:13 | 00,891,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/10/08 21:49:13 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2009/10/08 21:49:13 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedsvc.dll
[2009/10/08 21:49:13 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[2009/10/08 21:49:13 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2009/10/08 21:49:13 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2009/10/08 21:49:13 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[2009/10/08 21:49:12 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2009/10/08 21:49:12 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2009/10/08 21:49:12 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2009/10/08 21:49:12 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2009/10/08 21:49:11 | 03,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2009/10/08 21:49:11 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll
[2009/10/08 21:49:11 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2009/10/08 21:49:10 | 01,083,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ntfs.sys
[2009/10/08 21:49:10 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
[2009/10/08 21:49:10 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2009/10/08 21:49:10 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2009/10/08 21:49:10 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2009/10/08 21:49:10 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2009/10/08 21:49:09 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2009/10/08 21:49:09 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2009/10/08 21:49:09 | 01,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
[2009/10/08 21:49:09 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2009/10/08 21:49:09 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2009/10/08 21:49:09 | 00,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2009/10/08 21:49:09 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2009/10/08 21:49:09 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WebClnt.dll
[2009/10/08 21:49:09 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2009/10/08 21:49:08 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2009/10/08 21:49:08 | 01,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2009/10/08 21:49:08 | 00,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
[2009/10/08 21:49:08 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
[2009/10/08 21:49:08 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2009/10/08 21:49:08 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2009/10/08 21:49:08 | 00,576,512 | ---- | C] (Microsoft Corporation
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Messagede bouge71 » 12 Oct 2009, 21:40

extras :

OTL Extras logfile created on: 12/10/2009 22:10:05 - Run 1
OTL by OldTimer - Version 3.0.20.0 Folder = C:\Users\Cédric\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 99,83% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 399,54 Gb Free Space | 87,62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-CÉDRIC
Current User Name: Cédric
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\NCsoft\Exteel (US)\System\Exteel.exe" = C:\Program Files\NCsoft\Exteel (US)\System\Exteel.exe:*:Enabled:Exteel -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NCsoft\Exteel (US)\System\Exteel.exe" = C:\Program Files\NCsoft\Exteel (US)\System\Exteel.exe:*:Enabled:Exteel -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{180D1FC7-BE41-4B54-AC6D-ED906C5A65AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{936CF0A7-2B50-4275-8FC3-0559AACA5438}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2682679E-F1B5-425E-8BDB-A88D4A3B353F}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe |
"{2F817E2A-AF40-45AA-B198-E3415BBA7EFA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3DCE737F-C518-46B9-9923-559D7954306D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{742332D3-7B61-4822-900A-C2F5DB9509FD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E0D6E7B5-14AF-4B58-A087-3B8CDE5B8849}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works
"{0D06637C-6624-433C-A807-C34D45DAB184}" = SearchTheWeb
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A287DB-449A-462F-BDE1-8635A61671CE}" = Kiwee Toolbar
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{302E9B7B-2B6A-4C29-9A02-9F2110649779}" = Nuvoton EC Generic HID Driver
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell PowerSave Solution
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5C1BF3AC-B19D-4C26-B0A0-90833A521036}" = Nero 8 Essentials
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{709817E4-5439-4206-8738-796B34B623BD}" = MetaBoli
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Video Web Camera
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{CC431AE0-60DC-451B-A7A9-FBBC2BE5E86F}" = LastChaosFRA
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E1B94435-241E-4519-B1C3-C4DD9EB352A2}" = IMBooster
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EC87E256-B0A4-4A41-8682-AB57FF21196D}" = SweetIM for Messenger 2.7
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"CCleaner" = CCleaner (remove only)
"Chilipoker" = Chilipoker
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"dtesjq" = Favorit
"Fiesta Online(EU_French)" = Fiesta Online(EU_French) 1.02.000
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"IMBooster" = IMBooster
"IMBooster4web-en Toolbar" = IMBooster4web-en Toolbar
"InfoCentre" = InfoCentre
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"Packard Bell Customer Registration" = Packard Bell Customer Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Updator" = Packard Bell Updator
"PKR" = PKR
"SearchTheWeb" = SearchTheWeb
"SetUpMyPC" = SetUpMyPC
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Installation Windows Live

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2166315739-917977843-1224460941-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NCsoft-Exteel" = Exteel (US)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 09/10/2009 04:19:15 | Computer Name = PC-de-Cédric | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 09/10/2009 04:19:46 | Computer Name = PC-de-Cédric | Source = Windows Search Service | ID = 3013
Description =

Error - 09/10/2009 04:19:46 | Computer Name = PC-de-Cédric | Source = Windows Search Service | ID = 3013
Description =

Error - 09/10/2009 08:50:00 | Computer Name = PC-de-Cédric | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18813, horodatage
0x4a6621ae, module défaillant coWPPlg.dll, version 2009.0.0.104, horodatage 0x48b77d74,
code d’exception 0xc0000005, décalage d’erreur 0x0000ee20, ID du processus 0x978,
heure de début de l’application 0x01ca48dea57a8d9a.

Error - 09/10/2009 11:05:44 | Computer Name = PC-de-Cédric | Source = VSS | ID = 8194
Description =

Error - 10/10/2009 05:06:56 | Computer Name = PC-de-Cédric | Source = WinMgmt | ID = 10
Description =

Error - 10/10/2009 05:07:56 | Computer Name = PC-de-Cédric | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksdb.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 10/10/2009 05:07:56 | Computer Name = PC-de-Cédric | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksCal.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 10/10/2009 05:07:56 | Computer Name = PC-de-Cédric | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 10/10/2009 05:07:56 | Computer Name = PC-de-Cédric | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

[ System Events ]
Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 08/10/2009 14:49:35 | Computer Name = PC-de-Cédric | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 08/10/2009 15:04:36 | Computer Name = PC-de-Cédric | Source = BROWSER | ID = 8032
Description =


<End>
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Messagede bouge71 » 12 Oct 2009, 21:42

Merci d'avance pour votre attention et votre patience.
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Messagede nickW » 14 Oct 2009, 00:48

Bonsoir,


Utilisation de deux autres outils:


Étape 1: Toolbar-S&D (de la Team IDN), téléchargement
Télécharger Toolbar-S&D via un clic droit sur l'un des liens ci-dessous:
http://eric71.geekstogo.com/tools/ToolBarSD.exe
http://eric.71.mespages.googlepages.com/ToolBarSD.exe
Enregistrer le fichier sur le Bureau.


Étape 2: Désactivation des programmes de sécurité résidents
Désactiver le module résident de l'antivirus et celui de l'antispyware.
Image Norton Antivirus: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), choisir "Désactiver Auto-Protect"
Image Windows Defender: Démarrer---->Tous les programmes---->Windows Defender; cliquer sur "Outils", puis sur "Options"; Sous "Options de protection en temps réel", désactiver la case à cocher "Utiliser la protection en temps réel (recommandé)", puis cliquer sur "Enregistrer"


Étape 3: Navilog1 (de IL-MAFIOSO)
Télécharger Navilog1 par un clic droit sur le lien ci-dessous:
http://pagesperso-orange.fr/il.mafioso/ ... vilog1.exe
Enregistrer le fichier sur le Bureau.

Fermer toutes les applications actives (comme traitement de texte, navigateur).
Faire un clic droit sur le fichier Navilog1.exe situé sur le Bureau et choisir "Exécuter en tant qu'Administrateur".

Suivre les indications affichées.
Sur le menu principal, choisir l'option 1 et valider.
(ne pas choisir l'option 2 sans mon avis/accord)

L'outil peut annoncer qu'il va effectuer un redémarrage du PC: Appuyer sur une touche comme demandé.
Si le PC ne redémarre pas automatiquement, lancer manuellement le redémarrage, en choisissant la session habituelle.

Attendre jusqu'au message :
*** Scan Termine le ..... ***
Appuyer sur une touche comme demandé, le Bloc-notes va s'ouvrir.
Note: Dans le Bloc-notes, vérifier dans le menu Format (en haut) que l'option "Retour automatique à la ligne" n'est pas cochée.
Enregistrer ce fichier sous le nom navi1-091013.txt
Fermer le Bloc-notes.


Étape 4: Toolbar-S&D (de la Team IDN), option 1: Recherche
Faire un double clic sur ToolBarSD.exe situé sur le Bureau pour lancer l'exécution de l'outil.

Choisir la langue en tapant F puis en appuyant sur Entrée.
Lire l'avertissement, puis cliquer sur OK.

Après l'affichage du menu, taper 1 puis faire Entrée pour rechercher les fichiers responsables de l'infection.
Lorsque la recherche est terminée, une fenêtre du Bloc-notes s'ouvre et affiche le rapport (alias log).

Fermer le Bloc-notes, ce qui termine l'exécution de l'outil.

Note:
Si le Bureau ne réapparaît pas, ouvrir le Gestionnaire des tâches en utilisant simultanément les touches CTRL+ALT+SUPP.
Cliquer en haut sur le Menu Fichier et choisir Nouvelle tâche (Exécuter...).
Dans la nouvelle fenêtre Créer une nouvelle tâche qui s'est ouverte, dans la zone Ouvrir, taper exactement explorer puis cliquer sur le bouton OK. Le Bureau va réapparaître.


Étape 5: Réactivation des programmes de sécurité résidents
Important: Réactiver le module résident de l'antivirus et celui de l'antispyware.


Étape 6: Résultat
Envoyer en réponse:
*- le rapport de Navilog1, Option 1 (contenu du fichier navi1-091013.txt)
*- le rapport de ToolBar S&D (contenu du fichier SystemDrive\TB.txt)
[SystemDrive représente la partition sur laquelle est installé le système, généralement C:]


A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede bouge71 » 14 Oct 2009, 18:16

Bonsoir,

Voici le fichier Navilog :


Fix Navipromo version 4.0.3 commencé le 14/10/2009 18:53:21,67

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 13.10.2009 à 19h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : Cédric ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:455 Go (Free:391 Go)
D:\ (CD or DVD)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


C:\Program Files\Live-Player supprimé !
c:\progra~2\micros~1\windows\startm~1\programs\Live-Player supprimé !
c:\users\cdric~1\appdata\local\virtua~1\progra~1\Live-Player supprimé !
C:\Users\C‚dric\AppData\Roaming\Live-Player supprimé !
c:\users\public\desktop\Live-Player.lnk supprimé !
C:\Users\C‚dric\AppData\Local\dtesjq.bat supprimé !


Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\CDRIC~1\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok




*** Scan terminé 14/10/2009 18:57:38,87 ***
bouge71
 
Messages: 22
Inscription: 12 Oct 2009, 20:50

Suivante

Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 28 invités