[OK] Analysis request, thank you!


Post by trueshade » 03 Dec 2009, 20:03

And here is the one from OTL:

OTL logfile created on: 2009-12-03 13:52:25 - Run 3
OTL by OldTimer - Version 3.1.8.0 Folder = C:\Documents and Settings\Phano\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 591,13 Mb Available Physical Memory | 57,76% Memory free
2,40 Gb Paging File | 1,99 Gb Available in Paging File | 82,64% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 81,89 Gb Free Space | 54,95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHANO
Current User Name: Phano
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009-11-23 20:57:25 | 00,529,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Phano\Mes documents\Téléchargements\OTL.exe
PRC - [2009-11-10 10:15:38 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-09-30 19:58:42 | 00,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009-09-19 22:39:48 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-09-19 22:39:48 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-08-11 21:28:37 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Phano\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PRC - [2009-08-05 05:17:12 | 00,204,800 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTProShellHlp.exe
PRC - [2009-07-26 16:44:34 | 03,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009-07-21 13:33:58 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-07-21 10:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-07-21 10:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-05-19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009-05-13 15:47:40 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009-03-02 12:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008-12-18 13:32:52 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2008-12-18 12:19:44 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2008-04-13 21:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-12-21 10:47:48 | 00,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2005-09-23 09:04:38 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2005-09-23 09:04:38 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2005-06-20 20:42:20 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


========== Modules (SafeList) ==========

MOD - [2009-11-23 20:57:25 | 00,529,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Phano\Mes documents\Téléchargements\OTL.exe
MOD - [2008-04-13 21:33:25 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-13 21:30:54 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-09-19 22:39:48 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-07-21 13:33:58 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009-07-21 10:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-07-21 09:40:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009-05-29 16:13:20 | 00,234,864 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009-05-19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009-05-13 15:47:40 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008-07-29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-07-29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-07-29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-07-25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-07-25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008-04-13 21:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2006-11-03 08:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2005-12-21 10:47:48 | 00,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2005-09-23 09:04:38 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=13170&l=dis
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = phano7@hotmail.com:32446

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.ca"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..keyword.URL: ""

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-05 10:50:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-09-19 22:39:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-12-01 20:29:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-11-27 17:06:35 | 00,000,000 | ---D | M]

[2009-07-13 18:23:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla\Extensions
[2009-07-13 18:23:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-12-02 22:21:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\extensions
[2009-09-05 14:40:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-12-01 18:34:38 | 00,002,255 | ---- | M] () -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\searchplugins\askcom.xml
[2009-11-21 10:09:23 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\searchplugins\live-search.xml
[2009-12-02 22:21:47 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-11-10 10:15:42 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-09-19 22:39:56 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009-11-10 10:15:37 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009-11-10 10:15:37 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009-09-19 22:39:48 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009-11-10 10:15:40 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009-06-24 07:31:33 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009-06-24 07:31:33 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009-06-24 07:31:33 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009-06-24 07:31:33 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009-06-24 07:31:33 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009-04-07 13:59:38 | 00,000,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober109195656.gif
[2009-11-20 21:45:08 | 00,000,196 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober109195656.src

O1 HOSTS File: (790 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe (iXi Tools)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Phano\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\Phano\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-25 16:11:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 14 Days ==========

[2009-12-02 20:44:29 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009-12-02 20:44:29 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009-12-02 20:44:29 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009-12-02 20:44:29 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009-12-02 20:44:27 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009-12-02 20:44:27 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009-12-02 20:44:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009-12-02 10:52:53 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Phano\Recent
[2009-12-01 23:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\SecondLife
[2009-12-01 23:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\SecondLife
[2009-12-01 23:40:50 | 00,000,000 | ---D | C] -- C:\Program Files\SecondLife
[2009-12-01 22:57:34 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009-12-01 18:28:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009-12-01 18:16:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009-12-01 18:14:06 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009-12-01 17:41:37 | 00,000,000 | ---D | C] -- C:\Program Files\eMule
[2009-12-01 17:41:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\BitTorrent
[2009-12-01 17:41:18 | 00,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2009-11-30 01:04:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Mes documents\Savage 2 - A Tortured Soul
[2009-11-30 00:58:32 | 00,000,000 | ---D | C] -- C:\Program Files\Savage 2 - A Tortured Soul
[2009-11-29 14:21:40 | 00,000,000 | ---D | C] -- C:\Program Files\GUILD WARS
[2009-11-24 14:55:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\dvdcss
[2009-11-24 13:48:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\V-Games
[2009-11-23 20:43:31 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009-11-23 20:32:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Mes documents\My Received Files
[2009-11-21 11:27:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\vlc
[2009-11-21 11:26:46 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009-11-21 11:14:54 | 00,000,000 | ---D | C] -- C:\Nouveau dossier
[2009-11-21 11:00:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Tracing
[2009-11-21 10:55:59 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009-11-21 10:55:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009-11-21 10:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2009-11-21 10:31:12 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009-11-21 10:18:47 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009-11-21 08:59:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Hidden Wonders of the Depths
[2009-11-21 08:59:03 | 00,000,000 | ---D | C] -- C:\Program Files\Hidden Wonders of the Depths
[2009-11-20 21:45:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009-11-20 21:45:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Yahoo!
[2009-11-20 21:45:13 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2009-11-20 21:45:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2009-11-20 20:32:00 | 00,000,000 | ---D | C] -- C:\Program Files\MumboJumbo
[2009-11-20 20:30:09 | 00,000,000 | ---D | C] -- C:\Program Files\PopCap Games
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009-12-03 13:44:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-12-03 13:44:00 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-12-03 13:43:59 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-12-03 13:43:14 | 03,670,016 | -H-- | M] () -- C:\Documents and Settings\Phano\NTUSER.DAT
[2009-12-03 13:43:14 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\Phano\ntuser.ini
[2009-12-03 13:43:10 | 04,806,894 | -H-- | M] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\IconCache.db
[2009-12-03 00:28:18 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-02 21:17:46 | 00,015,488 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\TimberLake, Justin.torrent
[2009-12-02 21:16:55 | 00,016,517 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Swift, Taylor.torrent
[2009-12-02 21:16:37 | 00,013,059 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\ShineDown.torrent
[2009-12-02 21:16:15 | 00,016,758 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Perry, Katy.torrent
[2009-12-02 21:15:16 | 00,020,702 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Paramore.torrent
[2009-12-02 21:14:50 | 00,016,301 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Nickelback.torrent
[2009-12-02 21:14:12 | 00,019,602 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Fergie de Black Eyed Peas.torrent
[2009-12-02 21:08:49 | 00,019,201 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Four Non Blondes.torrent
[2009-12-02 20:44:37 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2009-12-02 20:34:16 | 00,015,608 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Blunt, James.torrent
[2009-12-02 20:32:42 | 00,021,505 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Black Eyed Peas.torrent
[2009-12-02 20:31:40 | 00,025,934 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Backstreet Boys.torrent
[2009-12-02 20:30:59 | 00,018,674 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Boulay, Isabelle.torrent
[2009-12-02 20:30:22 | 00,019,197 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Saliva.torrent
[2009-12-02 20:27:20 | 00,016,168 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\SHAKIRA.torrent
[2009-12-02 20:26:46 | 00,017,330 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\RIHANNA.torrent
[2009-12-02 20:25:40 | 00,039,523 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Fringe.torrent
[2009-12-02 20:21:32 | 00,020,436 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\KAIN.torrent
[2009-12-02 20:19:59 | 00,013,788 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\MIKA.torrent
[2009-12-02 10:51:53 | 00,011,160 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\cc_20091202_105123.reg
[2009-12-01 23:41:19 | 00,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Second Life.lnk
[2009-12-01 18:30:17 | 01,094,670 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-12-01 18:30:17 | 00,500,482 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009-12-01 18:30:17 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-12-01 18:30:17 | 00,080,508 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009-12-01 18:30:17 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-12-01 18:28:17 | 00,098,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-01 18:16:08 | 00,252,240 | RHS- | M] () -- C:\ntldr
[2009-11-29 02:49:00 | 00,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2009-11-24 13:48:01 | 00,001,048 | ---- | M] () -- C:\Documents and Settings\Phano\Bureau\Pogo Jeux.lnk
[2009-11-23 20:43:31 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Phano\Bureau\HijackThis.lnk
[2009-11-23 20:43:02 | 00,000,959 | ---- | M] () -- C:\Documents and Settings\Phano\Bureau\Nouveau Document au format RTF.rtf
[2009-11-21 10:31:13 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Phano\Bureau\CCleaner.lnk
[2009-11-20 20:34:32 | 00,000,041 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009-12-02 21:17:46 | 00,015,488 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\TimberLake, Justin.torrent
[2009-12-02 21:16:55 | 00,016,517 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Swift, Taylor.torrent
[2009-12-02 21:16:37 | 00,013,059 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\ShineDown.torrent
[2009-12-02 21:16:15 | 00,016,758 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Perry, Katy.torrent
[2009-12-02 21:15:16 | 00,020,702 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Paramore.torrent
[2009-12-02 21:14:50 | 00,016,301 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Nickelback.torrent
[2009-12-02 21:14:12 | 00,019,602 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Fergie de Black Eyed Peas.torrent
[2009-12-02 21:08:49 | 00,019,201 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Four Non Blondes.torrent
[2009-12-02 20:44:37 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2009-12-02 20:34:16 | 00,015,608 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Blunt, James.torrent
[2009-12-02 20:32:42 | 00,021,505 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Black Eyed Peas.torrent
[2009-12-02 20:31:40 | 00,025,934 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Backstreet Boys.torrent
[2009-12-02 20:30:59 | 00,018,674 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Boulay, Isabelle.torrent
[2009-12-02 20:30:22 | 00,019,197 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Saliva.torrent
[2009-12-02 20:27:20 | 00,016,168 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\SHAKIRA.torrent
[2009-12-02 20:26:46 | 00,017,330 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\RIHANNA.torrent
[2009-12-02 20:25:40 | 00,039,523 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Fringe.torrent
[2009-12-02 20:21:32 | 00,020,436 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\KAIN.torrent
[2009-12-02 20:19:59 | 00,013,788 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\MIKA.torrent
[2009-12-02 10:51:28 | 00,011,160 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\cc_20091202_105123.reg
[2009-12-01 23:41:19 | 00,000,758 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Second Life.lnk
[2009-11-24 13:48:01 | 00,001,048 | ---- | C] () -- C:\Documents and Settings\Phano\Bureau\Pogo Jeux.lnk
[2009-11-23 20:43:31 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Phano\Bureau\HijackThis.lnk
[2009-11-23 20:42:59 | 00,000,959 | ---- | C] () -- C:\Documents and Settings\Phano\Bureau\Nouveau Document au format RTF.rtf
[2009-11-21 10:31:13 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Phano\Bureau\CCleaner.lnk
[2009-11-15 12:49:01 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009-11-15 12:49:01 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009-11-15 12:49:01 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009-11-09 12:01:09 | 00,722,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-08-31 14:01:43 | 00,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-08-31 14:01:43 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009-07-21 11:56:19 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009-07-16 15:23:21 | 00,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009-07-13 20:00:23 | 00,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009-07-13 17:52:38 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009-07-13 17:52:38 | 00,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009-07-11 08:40:58 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009-07-11 08:40:54 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009-07-11 08:37:36 | 00,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-06-28 21:34:40 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-06-25 16:51:06 | 04,806,894 | -H-- | C] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\IconCache.db
[2009-06-25 16:48:22 | 00,013,688 | ---- | C] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009-06-25 16:47:51 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Phano\Application Data\desktop.ini
[2009-06-25 16:11:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009-06-25 16:08:28 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2009-06-25 16:08:28 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2009-06-25 16:07:38 | 00,027,768 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2009-06-25 16:07:37 | 00,003,914 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2009-06-24 07:08:06 | 01,094,670 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-06-24 07:08:06 | 00,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-06-24 07:07:39 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006-06-29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006-06-29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006-04-18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006-04-18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006-03-02 07:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2006-03-02 07:00:00 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2006-03-02 07:00:00 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2006-03-02 07:00:00 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2006-03-02 07:00:00 | 00,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2006-03-02 07:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2006-03-02 07:00:00 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2006-03-02 07:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2006-03-02 07:00:00 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2006-03-02 07:00:00 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2006-03-02 07:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2006-03-02 07:00:00 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2006-03-02 07:00:00 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2006-03-02 07:00:00 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2006-03-02 07:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2006-03-02 07:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2006-03-02 07:00:00 | 00,034,000 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2006-03-02 07:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2006-03-02 07:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2006-03-02 07:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2006-03-02 07:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2006-03-02 07:00:00 | 00,027,916 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2006-03-02 07:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2006-03-02 07:00:00 | 00,015,937 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2006-03-02 07:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2006-03-02 07:00:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2006-03-02 07:00:00 | 00,014,073 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2006-03-02 07:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2006-03-02 07:00:00 | 00,009,037 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2006-03-02 07:00:00 | 00,006,212 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2006-03-02 07:00:00 | 00,004,912 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2006-03-02 07:00:00 | 00,003,030 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2006-03-02 07:00:00 | 00,002,994 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2006-03-02 07:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2006-03-02 07:00:00 | 00,001,293 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2006-03-02 07:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2006-03-02 07:00:00 | 00,000,367 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2006-03-02 07:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-08-23 12:47:16 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll

========== LOP Check ==========

[2009-08-31 14:00:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2009-12-02 20:44:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009-11-09 12:01:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009-06-24 07:07:39 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009-11-17 16:34:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009-08-31 13:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2009-09-06 09:17:10 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009-11-27 22:45:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009-11-20 21:45:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2009-11-12 22:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2009-11-24 14:48:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009-08-14 21:33:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009-11-21 10:37:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009-07-11 08:21:29 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CC51AE54-B346-4954-ADDB-30BD4F138CF2}
[2009-07-13 19:32:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Adobe
[2009-08-31 14:00:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\ATI
[2009-11-13 12:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Big Fish Games
[2009-12-01 17:58:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\BitTorrent
[2009-11-09 12:03:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\DAEMON Tools Pro
[2009-06-24 07:07:39 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Phano\Application Data\desktop.ini
[2009-11-27 18:55:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\dvdcss
[2009-07-22 11:02:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Goto.Games
[2009-06-25 16:48:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Identities
[2009-07-13 20:00:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\InstallShield
[2009-07-13 19:32:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Macromedia
[2009-11-21 10:59:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Phano\Application Data\Microsoft
[2009-07-13 18:23:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla
[2009-07-18 16:47:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Nero
[2009-11-12 23:19:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Playrix Entertainment
[2009-11-12 16:13:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Pogo Games
[2009-12-01 23:43:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\SecondLife
[2009-09-19 22:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Sun
[2009-09-19 22:44:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\SystemRequirementsLab
[2009-12-03 13:50:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\uTorrent
[2009-11-24 13:48:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\V-Games
[2009-11-30 19:23:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\vlc
[2009-07-11 08:13:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\WinRAR
[2009-11-20 21:45:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Yahoo!
[2006-03-02 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-11-29 02:49:00 | 00,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2009-12-03 13:44:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:798A3728
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:861A898F
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33A7CC67
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D93DCF15
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CFE0B346
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD831FA6
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41C283B2
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:588B60C7
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9F683177
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:813B8EB6
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:65B701A9
<End>
trueshade

Posts: 28
Joined: 24 Nov 2009, 02:49

Post by nickW » 04 Dec 2009, 00:33

Good evening,

1/ Toolbar-S&D did not run correctly.
New procedure:

Step 1: User Account Control, disabling
Disable UAC (User Account Control):
Important note: Do not forget to re-enable it after the disinfection.
Close all open program windows (the PC will restart).

  • Start ----> Control Panel
  • In the default view, click User Accounts; click User Accounts again
  • In "Classic" view, double-click User Accounts
  • Click Turn User Account Control on or off (at the bottom)
  • Clear the check box in front of Use User Account Control to help protect your computer
    Note: If UAC was already disabled, click Cancel, close the Control Panel and go on to the download - no restart required
  • Click OK to confirm.
  • A message warns that the computer must restart; click OK. The computer should now restart.



Step 2: Disabling resident security programs
Disable the resident module of the antivirus.
Avira AntiVir: right-click the icon in the system tray (next to the clock), uncheck "Activer Antivir Guard/AntiVir Guard enable"


Step 3: Toolbar-S&D (by Team IDN), option 2: Removal

Mandatory: Close all browser windows (Internet Explorer, Firefox, Mozilla, Opera, etc.).

Right-click ToolBarSD.exe on the Desktop, then choose "Run as administrator" to launch the tool.

Choose the language by typing F and then pressing Enter.
Read the warning, then click OK.

After the menu is displayed, type 2 and then press Enter to delete the files responsible for the infection.

Do not close the window while the files are being deleted!

When the deletion is finished, a Notepad window opens and displays the report (a.k.a. log).

Close Notepad, which ends the tool's execution.

Note:
If the Desktop does not reappear, open Task Manager by pressing CTRL+ALT+DEL simultaneously.
At the top, click the File menu and choose New Task (Run...).
In the Create New Task window that opens, in the Open box, type exactly explorer and then click the OK button. The Desktop will reappear.


Step 4: Re-enabling resident security programs
Important: Re-enable the resident module of the antivirus and that of the antispyware.


Step 5: User Account Control, re-enabling
Re-enable User Account Control (UAC).


2/ Have you checked Internet Explorer's connection settings?
One of the settings forces it to use a proxy, something that is not found in Firefox's settings.
See Tools---->Internet Options...---->Connections---->LAN settings


To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log-analysis requests by PM (private message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
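
The proxy check mentioned in the post above can also be made from the log itself. The following Python sketch is an added example, not part of the original thread and not code from OTL or its author: it reads the `IE - HKU\...\Internet Settings` lines that OTL prints and reports, per user hive, whether a proxy is active or whether a `ProxyServer` value is still stored while `ProxyEnable` is 0. The sample log (SIDs, hosts, ports) is constructed, and the function names `parse_server` and `audit_proxy` are hypothetical.

```python
import re

# Constructed sample in the layout of OTL's "Internet Explorer" section.
# The SIDs, hosts and ports below are made up for this example.
SAMPLE_LOG = r'''
========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1111111111-2222222222-3333333333-1004\S-1-5-21-1111111111-2222222222-3333333333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1111111111-2222222222-3333333333-1004\S-1-5-21-1111111111-2222222222-3333333333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = user@mail.example:32446
IE - HKU\S-1-5-21-1111111111-2222222222-3333333333-1005\S-1-5-21-1111111111-2222222222-3333333333-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1111111111-2222222222-3333333333-1005\S-1-5-21-1111111111-2222222222-3333333333-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

========== FireFox ==========
'''

# One OTL line carrying a proxy value for a user hive under HKU.
SETTING_RE = re.compile(
    r'^IE - HKU\\(?P<hive>[^\\]+)\\.*\\Internet Settings: '
    r'"(?P<name>ProxyEnable|ProxyServer)" = (?P<value>.*)$'
)

# Forms accepted by this check for one proxy entry: an optional "scheme="
# prefix, a host made of hostname characters, and an optional port.
ENTRY_RE = re.compile(
    r'^(?:[a-z]+=)?(?P<host>[A-Za-z0-9.-]+)(?::(?P<port>\d{1,5}))?$'
)

LOOPBACK = {"127.0.0.1", "localhost"}


def parse_server(value):
    """Return (well_formed, hosts) for a ProxyServer value such as
    'host:port' or 'http=host:port;https=host:port'."""
    hosts = []
    for entry in filter(None, (e.strip() for e in value.split(';'))):
        m = ENTRY_RE.match(entry)
        if not m:
            return False, []
        port = m.group('port')
        if port and not 0 < int(port) <= 65535:
            return False, []
        hosts.append(m.group('host').lower())
    return bool(hosts), hosts


def audit_proxy(log_text):
    """Group proxy values by user hive and classify each hive as
    'none', 'active' (enabled with a server) or 'residual'
    (a server is stored but the proxy is switched off)."""
    settings = {}
    for line in log_text.splitlines():
        m = SETTING_RE.match(line.strip())
        if m:
            hive = settings.setdefault(m.group('hive'), {})
            hive[m.group('name')] = m.group('value').strip()

    report = {}
    for hive, values in settings.items():
        server = values.get('ProxyServer', '')
        enabled = values.get('ProxyEnable') == '1'
        if server:
            well_formed, hosts = parse_server(server)
            state = 'active' if enabled else 'residual'
        else:
            well_formed, hosts = None, []
            state = 'none'
        report[hive] = {
            'state': state,
            'server': server,
            'well_formed': well_formed,
            # A loopback proxy means a local process receives the traffic.
            'loopback': any(h in LOOPBACK for h in hosts),
        }
    return report


if __name__ == '__main__':
    for hive, info in audit_proxy(SAMPLE_LOG).items():
        print(hive, info)
```

A `residual` result is worth following up: the stored address takes effect again as soon as anything sets `ProxyEnable` back to 1, so the leftover `ProxyServer` value should be cleared as well.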

Post by trueshade » 04 Dec 2009, 16:55

Hello, as for disabling UAC, it doesn't work, I can't see how to do it; does it only work on Vista? Because I have Windows XP..

And I fixed the IE problem: I unchecked the proxy and that fixed the IE problem and, on top of that, the Windows Live Messenger one..

So my main problems are solved thanks to you, but if you see any other problem with my computer, let me know.

Thanks!

Post by nickW » 06 Dec 2009, 01:45

Good evening,

1/ OTL has been updated.
Can you download the new version, which should replace the old one in the folder C:\Documents and Settings\Phano\Mes documents\Téléchargements
Link: http://oldtimer.geekstogo.com/OTL.exe


2/ Oops!
I gave you the instructions for Vista systems.

Can you do this:

Note: These steps must be carried out in a session opened with "Administrator rights" (do not use the user profile named "Administrator" that is visible in safe mode)

I advise you to print the procedure, or to select all of its lines and copy that selection into a text file on your PC (Note: you will not have access to the Internet or to the browsers).


Step 1: Safe mode
Restart the PC in safe mode using the F8 method (F5 on some PCs). Mandatory: do not use the "msconfig" method!
See http://assiste.com.free.fr/p/comment/co ... echec.html
Close as many windows as possible.
No Internet connection open, no Internet Explorer open.


Step 2: Toolbar-S&D (by Team IDN), option 2: Removal

Mandatory: Close all browser windows (Internet Explorer, Firefox, Mozilla, Opera, etc.).

Double-click ToolBarSD.exe on the Desktop to launch the tool.

Choose the language by typing F and then pressing Enter.
Read the warning, then click OK.

After the menu is displayed, type 2 and then press Enter to delete the files responsible for the infection.

Do not close the window while the files are being deleted!

When the deletion is finished, a Notepad window opens and displays the report (a.k.a. log).

Close Notepad, which ends the tool's execution.

Note:
If the Desktop does not reappear, open Task Manager by pressing CTRL+ALT+DEL simultaneously.
At the top, click the File menu and choose New Task (Run...).
In the Create New Task window that opens, in the Open box, type exactly explorer and then click the OK button. The Desktop will reappear.


Step 3: Restart
Restart the PC in normal mode.


Step 4: OTL (by OldTimer), scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The OTL main screen is displayed.

Check (at the top) the box in front of Scan All Users.

Then click the Run Scan button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 5: Results
Send in reply:
*- the Toolbar S&D report (contents of the file SystemDrive\TB.txt)
[SystemDrive stands for the partition on which the system is installed, usually C:]

Then send in reply, in a separate message (because of the length of the log):
*- the main OTL report (contents of the file OTL.Txt on the Desktop).
The report posted on the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split into several messages.


Important note: To send your reply (or replies), do not create a new topic, but click the "Reply" button to continue in this thread.



3/
And I fixed the IE problem: I unchecked the proxy and that fixed the IE problem and, on top of that, the Windows Live Messenger one..

Perfect!
Maybe you could try installing IE8 again?

To be continued,
nickW

Post by trueshade » 06 Dec 2009, 17:33

Here is the TB report:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Phano ( Administrator )
BOOT : Fail-safe boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:70 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 2009-12-06|11:10 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\SrchAstt
Supprime! - C:\Program Files\AskTBar

-----------\\ Recherche de Fichiers / Dossiers ...

C:\WINDOWS\Prefetch\DAEMON TOOLS TOOLBAR.EXE-07E899DD.pf

-----------\\ Extensions

(Phano) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.ask.com/?o=13170&l=dis"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68929"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68928"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

1 - "C:\ToolBar SD\TB_1.txt" - 2009-12-01|22:58 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 2009-12-02|20:39 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 2009-12-06|11:11 - Option : [2]

-----------\\ Fin du rapport a 11:11:31,85

Post by trueshade » 06 Dec 2009, 17:34

And the OTL one:

OTL logfile created on: 2009-12-06 11:14:27 - Run 4
OTL by OldTimer - Version 3.1.11.7 Folder = C:\Documents and Settings\Phano\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 646,96 Mb Available Physical Memory | 63,21% Memory free
2,40 Gb Paging File | 2,04 Gb Available in Paging File | 85,05% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 70,48 Gb Free Space | 47,29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHANO
Current User Name: Phano
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-12-06 11:03:29 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Phano\Mes documents\Téléchargements\OTL(2).exe
PRC - [2009-12-04 10:08:27 | 00,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009-10-30 06:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-10-03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2009-09-19 22:39:48 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-09-19 22:39:48 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-08-11 21:28:37 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Phano\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PRC - [2009-07-21 13:33:58 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-07-21 10:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-05-19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009-05-13 15:47:40 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009-03-02 12:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008-12-18 13:32:52 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2008-12-18 12:19:44 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2008-04-13 21:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-12-21 10:47:48 | 00,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2005-09-23 09:04:38 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2005-06-20 20:42:20 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


========== Modules (SafeList) ==========

MOD - [2009-12-06 11:03:29 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Phano\Mes documents\Téléchargements\OTL(2).exe


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-09-19 22:39:48 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-07-21 13:33:58 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009-07-21 10:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-07-21 09:40:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009-05-29 16:13:20 | 00,234,864 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009-05-19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009-05-13 15:47:40 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2005-12-21 10:47:48 | 00,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2005-09-23 09:04:38 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)


========== Driver Services (SafeList) ==========

DRV - [2009-12-04 23:22:24 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-08-31 14:01:43 | 00,278,728 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-08-31 14:01:43 | 00,025,416 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-07-28 15:33:15 | 00,055,656 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-07-21 11:30:48 | 03,565,056 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-05-29 16:16:48 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009-05-11 09:11:52 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-03-30 09:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009-02-13 11:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008-04-13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008-04-13 11:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-12-17 16:14:06 | 00,012,400 | ---- | M] () -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006-07-14 13:55:34 | 00,105,088 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-07-01 21:42:58 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-04-14 19:09:06 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-04-14 19:09:04 | 00,034,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-03-02 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006-03-02 07:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2005-07-26 06:01:56 | 00,415,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005-07-26 05:58:30 | 00,053,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2005-06-20 21:08:44 | 02,324,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-08-14 01:56:20 | 00,005,810 | ---- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001-08-17 17:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1606980848-73586283-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13170&l=dis
IE - HKU\S-1-5-21-1606980848-73586283-725345543-1004\S-1-5-21-1606980848-73586283-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1606980848-73586283-725345543-1004\S-1-5-21-1606980848-73586283-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = phano7@hotmail.com:32446

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.ca"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: ""

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-12-01 20:29:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-03 21:46:26 | 00,000,000 | ---D | M]

[2009-07-13 18:23:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla\Extensions
[2009-12-05 23:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\extensions
[2009-12-01 18:34:38 | 00,002,255 | ---- | M] () -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\searchplugins\askcom.xml
[2009-11-21 10:09:23 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\searchplugins\live-search.xml
[2009-12-05 23:11:13 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-06-24 07:31:33 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009-06-24 07:31:33 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009-06-24 07:31:33 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009-06-24 07:31:33 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009-04-07 13:59:38 | 00,000,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober109195656.gif
[2009-11-20 21:45:08 | 00,000,196 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober109195656.src

O1 HOSTS File: (790 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1606980848-73586283-725345543-1004\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found
O3 - HKU\S-1-5-21-1606980848-73586283-725345543-1004\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1606980848-73586283-725345543-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1606980848-73586283-725345543-1004..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe (iXi Tools)
O4 - HKU\S-1-5-21-1606980848-73586283-725345543-1004..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Phano\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\Phano\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-73586283-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-25 16:11:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009-12-04 23:40:16 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Phano\Recent
[2009-12-04 23:27:57 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009-12-04 23:22:20 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2009-12-04 23:22:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\DAEMON Tools Lite
[2009-12-04 23:21:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009-12-04 13:12:16 | 00,000,000 | ---D | C] -- C:\Soldat
[2009-12-04 13:12:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Soldat
[2009-12-04 10:07:20 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2009-12-04 10:07:20 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2009-12-04 10:07:20 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2009-12-04 10:07:20 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2009-12-04 10:07:20 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2009-12-04 10:07:20 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2009-12-03 21:50:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\Adobe
[2009-12-03 21:46:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009-12-03 21:46:01 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
[2009-12-03 21:46:01 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009-12-03 14:15:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Bureau\Sebast
[2009-12-02 20:44:29 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009-12-02 20:44:29 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009-12-02 20:44:29 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009-12-02 20:44:29 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009-12-02 20:44:27 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009-12-02 20:44:27 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009-12-02 20:44:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009-12-01 23:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\SecondLife
[2009-12-01 23:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\SecondLife
[2009-12-01 23:40:50 | 00,000,000 | ---D | C] -- C:\Program Files\SecondLife
[2009-12-01 22:57:34 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009-12-01 18:28:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009-12-01 18:16:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009-12-01 18:14:06 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009-12-01 17:41:37 | 00,000,000 | ---D | C] -- C:\Program Files\eMule
[2009-12-01 17:41:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\BitTorrent
[2009-12-01 17:41:18 | 00,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2009-11-30 01:04:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Mes documents\Savage 2 - A Tortured Soul
[2009-11-30 01:00:39 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009-11-30 01:00:39 | 00,018,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_2.dll
[2009-11-30 01:00:38 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009-11-30 01:00:38 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009-11-30 01:00:37 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009-11-30 01:00:30 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009-11-30 01:00:25 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009-11-30 01:00:24 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009-11-30 01:00:24 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009-11-30 01:00:19 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009-11-30 01:00:19 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009-11-30 01:00:18 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009-11-30 01:00:15 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009-11-30 01:00:15 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009-11-30 01:00:15 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009-11-30 01:00:14 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009-11-30 01:00:14 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009-11-30 00:58:32 | 00,000,000 | ---D | C] -- C:\Program Files\Savage 2 - A Tortured Soul
[2009-11-29 14:21:40 | 00,000,000 | ---D | C] -- C:\Program Files\GUILD WARS
[2009-11-24 14:55:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\dvdcss
[2009-11-24 13:48:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\V-Games
[2009-11-23 20:43:31 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009-11-23 20:32:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Mes documents\My Received Files
[2009-11-21 11:27:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\vlc
[2009-11-21 11:26:46 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009-11-21 11:14:54 | 00,000,000 | ---D | C] -- C:\Nouveau dossier
[2009-11-21 11:00:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Tracing
[2009-11-21 10:55:59 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009-11-21 10:55:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009-11-21 10:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2009-11-21 10:31:12 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009-11-21 10:18:47 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009-11-21 08:59:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Hidden Wonders of the Depths
[2009-11-21 08:59:03 | 00,000,000 | ---D | C] -- C:\Program Files\Hidden Wonders of the Depths
[2009-11-20 21:45:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009-11-20 21:45:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Yahoo!
[2009-11-20 21:45:13 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2009-11-20 21:45:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2009-11-20 20:32:00 | 00,000,000 | ---D | C] -- C:\Program Files\MumboJumbo
[2009-11-20 20:30:09 | 00,000,000 | ---D | C] -- C:\Program Files\PopCap Games
[2009-11-19 13:02:09 | 00,000,000 | ---D | C] -- C:\Program Files\Hero Editor
[2009-11-19 13:02:06 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009-11-19 13:02:04 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2009-11-18 19:31:16 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phano\Bureau\Minie Serie
[2009-11-17 17:49:20 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\6bd83c0.dll
[2009-11-17 17:49:20 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\8042bc5.dll
[2009-11-17 17:49:20 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\10dce7a0.dll
[2009-11-17 17:49:19 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\2e5fcdcb.dll
[2009-11-17 16:34:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009-11-17 16:25:55 | 00,000,000 | ---D | C] -- C:\Program Files\gPotato.eu
[2009-11-15 12:38:33 | 00,102,400 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\DIIUnin.exe
[2009-11-15 12:29:37 | 00,000,000 | ---D | C] -- C:\Program Files\Diablo II
[2009-11-13 22:53:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\Plan It Green Files
[2009-11-13 21:08:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009-11-13 12:28:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Big Fish Games
[2009-11-13 09:41:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Saved Games
[2009-11-13 09:41:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\Oberon Games
[2009-11-13 00:23:17 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phano\Bureau\Jeux
[2009-11-12 23:19:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Playrix Entertainment
[2009-11-12 23:18:12 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Oberon Media
[2009-11-12 22:07:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2009-11-12 22:02:42 | 00,000,000 | ---D | C] -- C:\Program Files\Pogo FR
[2009-11-12 16:13:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Pogo Games
[2009-11-12 15:19:57 | 00,000,000 | ---D | C] -- C:\Program Files\Oberon Media
[2009-11-10 20:44:37 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\eSellerate
[2009-11-10 20:44:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009-11-10 20:44:31 | 00,000,000 | ---D | C] -- C:\Program Files\Pop Buddy
[2009-11-09 12:43:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Mes documents\My Games
[2009-11-09 12:38:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009-11-09 12:01:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009-11-09 12:01:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\DAEMON Tools Pro
[2009-11-09 11:44:13 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009-11-09 11:44:12 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009-11-09 11:44:11 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009-11-09 11:44:11 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009-12-06 11:12:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-12-06 11:12:39 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-12-06 11:11:57 | 03,670,016 | -H-- | M] () -- C:\Documents and Settings\Phano\NTUSER.DAT
[2009-12-06 11:11:57 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\Phano\ntuser.ini
[2009-12-06 11:11:56 | 03,712,656 | -H-- | M] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\IconCache.db
[2009-12-06 02:49:00 | 00,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2009-12-05 16:46:13 | 00,000,041 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2009-12-05 12:18:59 | 00,027,648 | ---- | M] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-04 23:48:09 | 00,014,856 | ---- | M] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009-12-04 23:47:42 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-12-04 23:47:20 | 00,100,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-04 23:22:24 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-12-04 13:13:22 | 00,000,000 | R--- | M] () -- C:\logwmemory.bin
[2009-12-03 21:46:26 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009-12-03 21:19:26 | 00,016,772 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Katy Perry - discographie.torrent
[2009-12-03 21:14:56 | 00,013,804 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Mika - discographie.torrent
[2009-12-02 21:17:46 | 00,015,488 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\TimberLake, Justin.torrent
[2009-12-02 21:16:55 | 00,016,517 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Swift, Taylor.torrent
[2009-12-02 21:16:37 | 00,013,059 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\ShineDown.torrent
[2009-12-02 21:16:15 | 00,016,758 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Perry, Katy.torrent
[2009-12-02 21:15:16 | 00,020,702 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Paramore.torrent
[2009-12-02 21:14:50 | 00,016,301 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Nickelback.torrent
[2009-12-02 21:14:12 | 00,019,602 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Fergie de Black Eyed Peas.torrent
[2009-12-02 21:08:49 | 00,019,201 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Four Non Blondes.torrent
[2009-12-02 20:44:37 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2009-12-02 20:34:16 | 00,015,608 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Blunt, James.torrent
[2009-12-02 20:32:42 | 00,021,505 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Black Eyed Peas.torrent
[2009-12-02 20:31:40 | 00,025,934 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Backstreet Boys.torrent
[2009-12-02 20:30:59 | 00,018,674 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Boulay, Isabelle.torrent
[2009-12-02 20:30:22 | 00,019,197 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Saliva.torrent
[2009-12-02 20:27:20 | 00,016,168 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\SHAKIRA.torrent
[2009-12-02 20:26:46 | 00,017,330 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\RIHANNA.torrent
[2009-12-02 20:25:40 | 00,039,523 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Fringe.torrent
[2009-12-02 20:21:32 | 00,020,436 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\KAIN.torrent
[2009-12-02 20:19:59 | 00,013,788 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\MIKA.torrent
[2009-12-02 10:51:53 | 00,011,160 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\cc_20091202_105123.reg
[2009-12-01 23:41:19 | 00,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Second Life.lnk
[2009-12-01 18:30:17 | 01,094,670 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-12-01 18:30:17 | 00,500,482 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009-12-01 18:30:17 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-12-01 18:30:17 | 00,080,508 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009-12-01 18:30:17 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-12-01 18:16:08 | 00,252,240 | RHS- | M] () -- C:\ntldr
[2009-11-24 13:48:01 | 00,001,048 | ---- | M] () -- C:\Documents and Settings\Phano\Bureau\Pogo Jeux.lnk
[2009-11-21 10:31:13 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Phano\Bureau\CCleaner.lnk
[2009-11-19 13:02:06 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009-11-19 13:02:05 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2009-11-15 12:53:59 | 00,035,204 | ---- | M] () -- C:\WINDOWS\DIIUnin.dat
[2009-11-15 12:52:29 | 00,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009-11-15 12:52:29 | 00,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2009-11-15 12:52:29 | 00,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
[2009-11-15 12:38:33 | 00,102,400 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\DIIUnin.exe
[2009-11-15 12:38:33 | 00,002,829 | ---- | M] () -- C:\WINDOWS\DIIUnin.pif
[2009-11-09 12:45:30 | 00,000,228 | RHS- | M] () -- C:\boot.ini
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009-12-04 13:13:22 | 00,000,000 | R--- | C] () -- C:\logwmemory.bin
[2009-12-03 21:46:26 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009-12-03 21:19:26 | 00,016,772 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Katy Perry - discographie.torrent
[2009-12-03 21:14:56 | 00,013,804 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Mika - discographie.torrent
[2009-12-02 21:17:46 | 00,015,488 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\TimberLake, Justin.torrent
[2009-12-02 21:16:55 | 00,016,517 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Swift, Taylor.torrent
[2009-12-02 21:16:37 | 00,013,059 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\ShineDown.torrent
[2009-12-02 21:16:15 | 00,016,758 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Perry, Katy.torrent
[2009-12-02 21:15:16 | 00,020,702 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Paramore.torrent
[2009-12-02 21:14:50 | 00,016,301 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Nickelback.torrent
[2009-12-02 21:14:12 | 00,019,602 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Fergie de Black Eyed Peas.torrent
[2009-12-02 21:08:49 | 00,019,201 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Four Non Blondes.torrent
[2009-12-02 20:44:37 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2009-12-02 20:34:16 | 00,015,608 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Blunt, James.torrent
[2009-12-02 20:32:42 | 00,021,505 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Black Eyed Peas.torrent
[2009-12-02 20:31:40 | 00,025,934 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Backstreet Boys.torrent
[2009-12-02 20:30:59 | 00,018,674 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Boulay, Isabelle.torrent
[2009-12-02 20:30:22 | 00,019,197 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Saliva.torrent
[2009-12-02 20:27:20 | 00,016,168 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\SHAKIRA.torrent
[2009-12-02 20:26:46 | 00,017,330 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\RIHANNA.torrent
[2009-12-02 20:25:40 | 00,039,523 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Fringe.torrent
[2009-12-02 20:21:32 | 00,020,436 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\KAIN.torrent
[2009-12-02 20:19:59 | 00,013,788 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\MIKA.torrent
[2009-12-02 10:51:28 | 00,011,160 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\cc_20091202_105123.reg
[2009-12-01 23:41:19 | 00,000,758 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Second Life.lnk
[2009-11-24 13:48:01 | 00,001,048 | ---- | C] () -- C:\Documents and Settings\Phano\Bureau\Pogo Jeux.lnk
[2009-11-21 10:31:13 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Phano\Bureau\CCleaner.lnk
[2009-11-15 12:49:01 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009-11-15 12:49:01 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009-11-15 12:49:01 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009-11-15 12:38:37 | 00,035,204 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2009-11-15 12:38:33 | 00,002,829 | ---- | C] () -- C:\WINDOWS\DIIUnin.pif
[2009-11-12 23:16:56 | 00,000,041 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009-11-09 12:01:09 | 00,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-08-31 14:01:43 | 00,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-08-31 14:01:43 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009-07-21 11:56:19 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009-07-16 15:23:21 | 00,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009-07-13 20:00:23 | 00,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009-07-13 17:52:38 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009-07-13 17:52:38 | 00,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009-07-11 08:40:58 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009-07-11 08:40:54 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009-07-11 08:37:36 | 00,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-06-28 21:34:40 | 00,027,648 | ---- | C] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:798A3728
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:861A898F
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33A7CC67
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D93DCF15
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CFE0B346
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD831FA6
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41C283B2
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:588B60C7
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9F683177
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:813B8EB6
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:65B701A9
<End>
trueshade

Posts: 28
Joined: 24 Nov 2009, 02:49

Post by trueshade » 06 Dec 2009, 17:42

And you often tell me, Important note: When sending your reply (replies), do not create a new topic, but click the "Reply" button ... Am I doing something wrong? I don't understand.

Internet Explorer 8 installed, but once again I got: Update impossible (like Avira...). Could it be a virus / problem causing this? Or would you have spotted it...?

To update it I once again used the manual method.

PS: When I open Internet Explorer 8, I don't see the Ask Toolbar, and when I open Mozilla, I do see it... is that normal?

Thanks again for everything.
trueshade

Posts: 28
Joined: 24 Nov 2009, 02:49

Post by nickW » 08 Dec 2009, 19:20

Good evening,

1/ I put the "Important note" in all my replies when I ask for several messages to be sent: often the person I am helping clicks "Reply" to send the first message, then clicks "New" to be sure of following the instructions and sending two separate messages. That creates a new topic for the second post, which makes it impossible to follow the same discussion thread.


2/ I did not understand which update was "impossible".


3/ Next part of the cleanup:

Step 1: OTL (by OldTimer), cleanup
Open a Notepad window via Start---->Run, type notepad, then click OK
Select all the lines in the white area under "Code:" below, then press the Ctrl and C keys together

Code:
rien
:otl
IE - HKU\S-1-5-21-1606980848-73586283-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13170&l=dis
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
O3 - HKU\S-1-5-21-1606980848-73586283-725345543-1004\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found

:Commands
[emptytemp]



Go back to the Notepad window, right-click in the window and choose Paste
Check in the Format menu (at the top) that "Word Wrap" is not active (not ticked).
Save the file under the name OTL-1.txt
Close Notepad.
Note: The lines in the Code area above were created exclusively for THIS user: trueshade.
If you are not THIS user, do not use them: they could damage your system.



Step 2: No real-time monitoring processes
Disable the antivirus resident module.
Avira Antivir: right-click the icon in the system tray (next to the clock), uncheck "Activer Antivir Guard/AntiVir Guard enable"


Step 3: OTL (by OldTimer), cleanup
Double-click OTL.exe to launch the tool.
Open the file OTL-1.txt in Notepad.
In Notepad, click the Edit menu (at the top) and choose Select All.
In Notepad, click the Edit menu (at the top) and choose Copy.

Go back to the OTL window, right-click in the box at the bottom named "Custom Scans/Fixes" and choose Paste.

Close all open program windows (browser, word processor, etc.): the PC is going to restart.

Click the Run Fix button.

Note: A restart is sometimes necessary. If it is requested, click Oui/Yes

When the tool has finished its work, a small window displays the message "Fix Complete! Click OK to open the fix log". Click OK, then close OTL.


Step 4: Real-time monitoring processes
Important: Re-enable the antivirus resident module.


Step 5: OTL (by OldTimer), scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The main OTL screen is displayed.

Tick the box (at the top) in front of Scan All Users.

Then click the Run Scan button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 6: Results
Send in reply:
*- the OTL fix report (contents of the file SystemDrive\_OTL\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[SystemDrive stands for the partition on which the system is installed, generally C:]

Then send in reply, in a separate message (because of the length of the log):
*- the main OTL report (contents of the file OTL.txt located on the Desktop).
The report posted on the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.

Important note: When sending your reply (replies), do not create a new topic, but click the "Reply" button to continue in this discussion thread.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (Private Message)
My configs
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by trueshade » 08 Dec 2009, 19:53

The update I was talking about was the Internet Explorer 8 one: once I had downloaded and installed Internet Explorer 8, I was asked to do an update, and I was not able to do it; once again I had to use a manual method.

Here is report number 1:

All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Unable to set value : HKU\S-1-5-21-1606980848-73586283-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Registry value HKEY_USERS\S-1-5-21-1606980848-73586283-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Phano
->Temp folder emptied: 86473997 bytes
->Temporary Internet Files folder emptied: 2089650 bytes
->Java cache emptied: 28723812 bytes
->FireFox cache emptied: 111453841 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2267779 bytes
%systemroot%\System32 .tmp files removed: 5326336 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23968980 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 248,50 mb


OTL by OldTimer - Version 3.1.11.7 log created on 12082009_134234

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
trueshade

Posts: 28
Joined: 24 Nov 2009, 02:49
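
Added example, not part of the original thread and not OTL's own code: a small Python check that reads a fix log like the one posted above, separates the actions that were applied from those that failed, and then looks in the follow-up scan for any registry value whose change failed. The function names `classify` and `unresolved` are hypothetical, and the matching rules are assumptions drawn only from the wording of the log lines posted in this thread, not from an OTL specification.

```python
import re

# Sample input: lines copied from the fix log posted in this thread.
FIX_LOG = r"""All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Unable to set value : HKU\S-1-5-21-1606980848-73586283-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Registry value HKEY_USERS\S-1-5-21-1606980848-73586283-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ deleted successfully.
========== COMMANDS ==========
"""

# Sample input: a few lines copied from the scan report posted after the fix.
RESCAN = r"""IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKU\S-1-5-21-1606980848-73586283-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13170&l=dis
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
"""

# Assumed shape of a failed registry write, as seen in the log above:
#   Unable to set value : <key>\\<value name>| ...
SET_VALUE_FAILED = re.compile(
    r"^Unable to set value : (?P<key>.+)\\\\(?P<value>[^|]+)\|"
)


def classify(fix_log):
    """Split fix-log lines into (applied, failed) actions.

    Headers, blank lines and informational lines are ignored.
    """
    applied, failed = [], []
    for line in fix_log.splitlines():
        line = line.strip()
        if line.startswith(("Unable to ", "Error:")):
            failed.append(line)
        elif line.endswith("deleted successfully.") or " removed from " in line:
            applied.append(line)
    return applied, failed


def unresolved(fix_log, rescan):
    """Return (key, value name, current data) for every registry value whose
    change failed in the fix log and which the rescan still reports."""
    hits = []
    for line in classify(fix_log)[1]:
        m = SET_VALUE_FAILED.match(line)
        if not m:
            continue  # e.g. the "Unable to interpret" parser error
        # The scan report writes the same entry as "<key>,<value name> = <data>".
        needle = (m["key"] + "," + m["value"] + " = ").lower()
        for scan_line in rescan.splitlines():
            pos = scan_line.lower().find(needle)
            if pos != -1:
                hits.append((m["key"], m["value"], scan_line[pos + len(needle):]))
    return hits


if __name__ == "__main__":
    applied, failed = classify(FIX_LOG)
    print(f"{len(applied)} action(s) applied, {len(failed)} failed")
    for entry in failed:
        print("FAILED :", entry)
    for key, value, data in unresolved(FIX_LOG, RESCAN):
        print(f"STILL SET: {key} -> {value} = {data}")
```

On the two logs in this thread it reports the Internet Explorer Start Page as the one entry the fix did not change and the rescan still lists.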

Post by trueshade » 08 Dec 2009, 19:55

And the main OTL report:

OTL logfile created on: 2009-12-08 13:46:29 - Run 5
OTL by OldTimer - Version 3.1.11.7 Folder = C:\Documents and Settings\Phano\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 602,15 Mb Available Physical Memory | 58,83% Memory free
2,40 Gb Paging File | 1,98 Gb Available in Paging File | 82,54% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 60,42 Gb Free Space | 40,54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHANO
Current User Name: Phano
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-12-06 11:03:29 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Phano\Mes documents\Téléchargements\OTL(2).exe
PRC - [2009-12-04 10:08:27 | 00,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009-11-10 10:15:38 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-30 06:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-10-03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2009-09-19 22:39:48 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-09-19 22:39:48 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-08-11 21:28:37 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Phano\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PRC - [2009-07-21 13:33:58 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-07-21 10:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-06-12 06:32:04 | 02,682,880 | ---- | M] (iXi Tools) -- C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe
PRC - [2009-05-19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009-05-13 15:47:40 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009-03-02 12:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008-12-18 13:32:52 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2008-12-18 12:19:44 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2008-04-13 21:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-12-21 10:47:48 | 00,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2005-09-23 09:04:38 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2005-06-20 20:42:20 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004-12-20 16:12:36 | 00,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe


========== Modules (SafeList) ==========

MOD - [2009-12-06 11:03:29 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Phano\Mes documents\Téléchargements\OTL(2).exe


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-09-19 22:39:48 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-07-21 13:33:58 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009-07-21 10:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-07-21 09:40:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009-05-29 16:13:20 | 00,234,864 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009-05-19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009-05-13 15:47:40 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2005-12-21 10:47:48 | 00,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2005-09-23 09:04:38 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)


========== Driver Services (SafeList) ==========

DRV - [2009-12-04 23:22:24 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-08-31 14:01:43 | 00,278,728 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-08-31 14:01:43 | 00,025,416 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-07-28 15:33:15 | 00,055,656 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-07-21 11:30:48 | 03,565,056 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-05-29 16:16:48 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009-05-11 09:11:52 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-03-30 09:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009-02-13 11:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008-04-13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008-04-13 11:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-12-17 16:14:06 | 00,012,400 | ---- | M] () -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006-07-14 13:55:34 | 00,105,088 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-07-01 21:42:58 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-04-14 19:09:06 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-04-14 19:09:04 | 00,034,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-03-02 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006-03-02 07:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2005-07-26 06:01:56 | 00,415,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005-07-26 05:58:30 | 00,053,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2005-06-20 21:08:44 | 02,324,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-08-14 01:56:20 | 00,005,810 | ---- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001-08-17 17:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1606980848-73586283-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13170&l=dis
IE - HKU\S-1-5-21-1606980848-73586283-725345543-1004\S-1-5-21-1606980848-73586283-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1606980848-73586283-725345543-1004\S-1-5-21-1606980848-73586283-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = phano7@hotmail.com:32446

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.ca"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: ""

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-12-01 20:29:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-03 21:46:26 | 00,000,000 | ---D | M]

[2009-07-13 18:23:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla\Extensions
[2009-12-08 09:58:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\extensions
[2009-12-01 18:34:38 | 00,002,255 | ---- | M] () -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\searchplugins\askcom.xml
[2009-11-21 10:09:23 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\Phano\Application Data\Mozilla\Firefox\Profiles\kudw5y8w.default\searchplugins\live-search.xml
[2009-12-08 09:58:56 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-06-24 07:31:33 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009-06-24 07:31:33 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009-06-24 07:31:33 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009-06-24 07:31:33 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009-04-07 13:59:38 | 00,000,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober109195656.gif
[2009-11-20 21:45:08 | 00,000,196 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober109195656.src

O1 HOSTS File: (790 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1606980848-73586283-725345543-1004\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1606980848-73586283-725345543-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1606980848-73586283-725345543-1004..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe (iXi Tools)
O4 - HKU\S-1-5-21-1606980848-73586283-725345543-1004..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Phano\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\Phano\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-73586283-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-25 16:11:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009-12-08 13:42:34 | 00,000,000 | ---D | C] -- C:\_OTL
[2009-12-07 08:08:46 | 00,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2009-12-06 11:24:11 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009-12-04 23:40:16 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Phano\Recent
[2009-12-04 23:27:57 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009-12-04 23:22:20 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2009-12-04 23:22:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\DAEMON Tools Lite
[2009-12-04 23:21:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009-12-04 13:12:16 | 00,000,000 | ---D | C] -- C:\Soldat
[2009-12-04 13:12:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Soldat
[2009-12-04 10:07:20 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2009-12-04 10:07:20 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2009-12-04 10:07:20 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2009-12-04 10:07:20 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2009-12-04 10:07:20 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2009-12-04 10:07:20 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2009-12-03 21:50:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\Adobe
[2009-12-03 21:46:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009-12-03 21:46:01 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
[2009-12-03 21:46:01 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009-12-03 14:15:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Bureau\Sebast
[2009-12-02 20:44:29 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009-12-02 20:44:29 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009-12-02 20:44:29 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009-12-02 20:44:29 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009-12-02 20:44:27 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009-12-02 20:44:27 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009-12-02 20:44:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009-12-01 23:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\SecondLife
[2009-12-01 23:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\SecondLife
[2009-12-01 23:40:50 | 00,000,000 | ---D | C] -- C:\Program Files\SecondLife
[2009-12-01 22:57:34 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009-12-01 18:28:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr
[2009-12-01 18:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009-12-01 18:16:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009-12-01 18:14:06 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009-12-01 17:41:37 | 00,000,000 | ---D | C] -- C:\Program Files\eMule
[2009-12-01 17:41:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\BitTorrent
[2009-12-01 17:41:18 | 00,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2009-11-30 01:04:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Mes documents\Savage 2 - A Tortured Soul
[2009-11-30 01:00:39 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009-11-30 01:00:39 | 00,018,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_2.dll
[2009-11-30 01:00:38 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009-11-30 01:00:38 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009-11-30 01:00:37 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009-11-30 01:00:30 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009-11-30 01:00:25 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009-11-30 01:00:24 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009-11-30 01:00:24 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009-11-30 01:00:19 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009-11-30 01:00:19 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009-11-30 01:00:18 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009-11-30 01:00:15 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009-11-30 01:00:15 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009-11-30 01:00:15 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009-11-30 01:00:14 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009-11-30 01:00:14 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009-11-30 00:58:32 | 00,000,000 | ---D | C] -- C:\Program Files\Savage 2 - A Tortured Soul
[2009-11-29 14:21:40 | 00,000,000 | ---D | C] -- C:\Program Files\GUILD WARS
[2009-11-24 14:55:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\dvdcss
[2009-11-24 13:48:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\V-Games
[2009-11-23 20:43:31 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009-11-23 20:32:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Mes documents\My Received Files
[2009-11-21 11:27:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\vlc
[2009-11-21 11:26:46 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009-11-21 11:14:54 | 00,000,000 | ---D | C] -- C:\Nouveau dossier
[2009-11-21 11:00:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Tracing
[2009-11-21 10:55:59 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009-11-21 10:55:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009-11-21 10:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2009-11-21 10:31:12 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009-11-21 10:18:47 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009-11-21 08:59:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Hidden Wonders of the Depths
[2009-11-21 08:59:03 | 00,000,000 | ---D | C] -- C:\Program Files\Hidden Wonders of the Depths
[2009-11-20 21:45:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009-11-20 21:45:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Yahoo!
[2009-11-20 21:45:13 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2009-11-20 21:45:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2009-11-20 20:32:00 | 00,000,000 | ---D | C] -- C:\Program Files\MumboJumbo
[2009-11-20 20:30:09 | 00,000,000 | ---D | C] -- C:\Program Files\PopCap Games
[2009-11-19 13:02:09 | 00,000,000 | ---D | C] -- C:\Program Files\Hero Editor
[2009-11-19 13:02:06 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009-11-19 13:02:04 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2009-11-18 19:31:16 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phano\Bureau\Minie Serie
[2009-11-17 17:49:20 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\6bd83c0.dll
[2009-11-17 17:49:20 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\8042bc5.dll
[2009-11-17 17:49:20 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\10dce7a0.dll
[2009-11-17 17:49:19 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\2e5fcdcb.dll
[2009-11-17 16:34:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009-11-17 16:25:55 | 00,000,000 | ---D | C] -- C:\Program Files\gPotato.eu
[2009-11-15 12:38:33 | 00,102,400 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\DIIUnin.exe
[2009-11-15 12:29:37 | 00,000,000 | ---D | C] -- C:\Program Files\Diablo II
[2009-11-13 22:53:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\Plan It Green Files
[2009-11-13 21:08:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009-11-13 12:28:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Big Fish Games
[2009-11-13 09:41:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Saved Games
[2009-11-13 09:41:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Local Settings\Application Data\Oberon Games
[2009-11-13 00:23:17 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phano\Bureau\Jeux
[2009-11-12 23:19:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Playrix Entertainment
[2009-11-12 23:18:12 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Oberon Media
[2009-11-12 22:07:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2009-11-12 22:02:42 | 00,000,000 | ---D | C] -- C:\Program Files\Pogo FR
[2009-11-12 16:13:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\Pogo Games
[2009-11-12 15:19:57 | 00,000,000 | ---D | C] -- C:\Program Files\Oberon Media
[2009-11-10 20:44:37 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\eSellerate
[2009-11-10 20:44:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009-11-10 20:44:31 | 00,000,000 | ---D | C] -- C:\Program Files\Pop Buddy
[2009-11-09 12:43:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Mes documents\My Games
[2009-11-09 12:01:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009-11-09 12:01:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phano\Application Data\DAEMON Tools Pro
[2009-11-09 11:44:13 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009-11-09 11:44:12 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009-11-09 11:44:11 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009-11-09 11:44:11 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009-12-08 13:43:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-12-08 13:43:39 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-12-08 13:43:38 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-12-08 13:42:54 | 03,932,160 | -H-- | M] () -- C:\Documents and Settings\Phano\NTUSER.DAT
[2009-12-08 13:42:54 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\Phano\ntuser.ini
[2009-12-08 10:57:00 | 00,038,912 | ---- | M] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-07 11:39:33 | 03,173,106 | -H-- | M] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\IconCache.db
[2009-12-06 11:25:12 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-12-06 02:49:00 | 00,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2009-12-05 16:46:13 | 00,000,041 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2009-12-04 23:48:09 | 00,014,856 | ---- | M] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009-12-04 23:47:20 | 00,100,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-04 23:22:24 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-12-04 13:13:22 | 00,000,000 | R--- | M] () -- C:\logwmemory.bin
[2009-12-03 21:46:26 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009-12-03 21:19:26 | 00,016,772 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Katy Perry - discographie.torrent
[2009-12-03 21:14:56 | 00,013,804 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Mika - discographie.torrent
[2009-12-02 21:17:46 | 00,015,488 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\TimberLake, Justin.torrent
[2009-12-02 21:16:55 | 00,016,517 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Swift, Taylor.torrent
[2009-12-02 21:16:37 | 00,013,059 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\ShineDown.torrent
[2009-12-02 21:15:16 | 00,020,702 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Paramore.torrent
[2009-12-02 21:14:12 | 00,019,602 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Fergie de Black Eyed Peas.torrent
[2009-12-02 21:08:49 | 00,019,201 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Four Non Blondes.torrent
[2009-12-02 20:44:37 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2009-12-02 20:34:16 | 00,015,608 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Blunt, James.torrent
[2009-12-02 20:32:42 | 00,021,505 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Black Eyed Peas.torrent
[2009-12-02 20:30:59 | 00,018,674 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\Boulay, Isabelle.torrent
[2009-12-02 20:26:46 | 00,017,330 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\RIHANNA.torrent
[2009-12-02 20:21:32 | 00,020,436 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\KAIN.torrent
[2009-12-02 10:51:53 | 00,011,160 | ---- | M] () -- C:\Documents and Settings\Phano\Mes documents\cc_20091202_105123.reg
[2009-12-01 18:30:17 | 01,094,670 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-12-01 18:30:17 | 00,500,482 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009-12-01 18:30:17 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-12-01 18:30:17 | 00,080,508 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009-12-01 18:30:17 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-12-01 18:16:08 | 00,252,240 | RHS- | M] () -- C:\ntldr
[2009-11-24 13:48:01 | 00,001,048 | ---- | M] () -- C:\Documents and Settings\Phano\Bureau\Pogo Jeux.lnk
[2009-11-21 10:31:13 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Phano\Bureau\CCleaner.lnk
[2009-11-19 13:02:06 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009-11-19 13:02:05 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2009-11-15 12:53:59 | 00,035,204 | ---- | M] () -- C:\WINDOWS\DIIUnin.dat
[2009-11-15 12:52:29 | 00,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009-11-15 12:52:29 | 00,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2009-11-15 12:52:29 | 00,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
[2009-11-15 12:38:33 | 00,102,400 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\DIIUnin.exe
[2009-11-15 12:38:33 | 00,002,829 | ---- | M] () -- C:\WINDOWS\DIIUnin.pif
[2009-11-09 12:45:30 | 00,000,228 | RHS- | M] () -- C:\boot.ini
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009-12-06 11:24:43 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009-12-04 13:13:22 | 00,000,000 | R--- | C] () -- C:\logwmemory.bin
[2009-12-03 21:46:26 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009-12-03 21:19:26 | 00,016,772 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Katy Perry - discographie.torrent
[2009-12-03 21:14:56 | 00,013,804 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Mika - discographie.torrent
[2009-12-02 21:17:46 | 00,015,488 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\TimberLake, Justin.torrent
[2009-12-02 21:16:55 | 00,016,517 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Swift, Taylor.torrent
[2009-12-02 21:16:37 | 00,013,059 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\ShineDown.torrent
[2009-12-02 21:15:16 | 00,020,702 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Paramore.torrent
[2009-12-02 21:14:12 | 00,019,602 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Fergie de Black Eyed Peas.torrent
[2009-12-02 21:08:49 | 00,019,201 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Four Non Blondes.torrent
[2009-12-02 20:44:37 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2009-12-02 20:34:16 | 00,015,608 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Blunt, James.torrent
[2009-12-02 20:32:42 | 00,021,505 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Black Eyed Peas.torrent
[2009-12-02 20:30:59 | 00,018,674 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\Boulay, Isabelle.torrent
[2009-12-02 20:26:46 | 00,017,330 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\RIHANNA.torrent
[2009-12-02 20:21:32 | 00,020,436 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\KAIN.torrent
[2009-12-02 10:51:28 | 00,011,160 | ---- | C] () -- C:\Documents and Settings\Phano\Mes documents\cc_20091202_105123.reg
[2009-11-24 13:48:01 | 00,001,048 | ---- | C] () -- C:\Documents and Settings\Phano\Bureau\Pogo Jeux.lnk
[2009-11-21 10:31:13 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Phano\Bureau\CCleaner.lnk
[2009-11-15 12:49:01 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009-11-15 12:49:01 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009-11-15 12:49:01 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009-11-15 12:38:37 | 00,035,204 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2009-11-15 12:38:33 | 00,002,829 | ---- | C] () -- C:\WINDOWS\DIIUnin.pif
[2009-11-12 23:16:56 | 00,000,041 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009-11-09 12:01:09 | 00,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-08-31 14:01:43 | 00,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-08-31 14:01:43 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009-07-21 11:56:19 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009-07-16 15:23:21 | 00,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009-07-13 20:00:23 | 00,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009-07-13 17:52:38 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009-07-13 17:52:38 | 00,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009-07-11 08:40:58 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009-07-11 08:40:54 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009-07-11 08:37:36 | 00,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-06-28 21:34:40 | 00,038,912 | ---- | C] () -- C:\Documents and Settings\Phano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:798A3728
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:861A898F
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33A7CC67
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D93DCF15
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CFE0B346
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD831FA6
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41C283B2
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:588B60C7
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9F683177
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:813B8EB6
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:65B701A9
<End>
trueshade
 
Posts: 28
Joined: 24 Nov 2009, 02:49
