[OK] Need help


Message by Zoom62 » 04 Dec 2009, 16:18

Hello, and many thanks in advance for your help,

For about 15 days now I have had serious trouble with my PC's CPU: it is at 100% almost all the time, as soon as any program is launched, and the same happens when I open Firefox. On top of that, switching sessions takes forever.

First I checked the number of services launched at startup (Automatic); nothing new there, still 19.

So I thought that an installed program or an add-on (Firefox) was tying up all the CPU memory, but which one? I therefore disabled almost all of them, with no obvious improvement.

So here are the Malwarebytes, OTL and HijackThis reports:

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3289
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

4/12/2009 10:03:57
mbam-log-2009-12-04 (10-03-57).txt

Type de recherche: Examen rapide
Eléments examinés: 146562
Temps écoulé: 8 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

OTL:

OTL Extras logfile created on: 4/12/2009 10:05:16 - Run 1
OTL by OldTimer - Version 3.1.11.4 Folder = C:\Documents and Settings\Martine\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1022,73 Mb Total Physical Memory | 655,99 Mb Available Physical Memory | 64,14% Memory free
3,86 Gb Paging File | 3,53 Gb Available in Paging File | 91,38% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,98 Gb Total Space | 10,41 Gb Free Space | 21,25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 7,99 Gb Total Space | 3,53 Gb Free Space | 44,20% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 32,23 Gb Total Space | 9,00 Gb Free Space | 27,94% Space Free | Partition Type: NTFS
Drive J: | 65,85 Gb Total Space | 34,58 Gb Free Space | 52,52% Space Free | Partition Type: NTFS
Drive M: | 31,25 Gb Total Space | 9,52 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

Computer Name: Zoom
Current User Name: Martine
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- J:\Program Files\VLC Media Player\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- J:\Program Files\VLC Media Player\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"4000:TCP" = 4000:TCP:*:Enabled:Diablo
"6112:TCP" = 6112:TCP:*:Enabled:Diablo2

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe" = F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe:*:Enabled:Skype -- ()
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B1C0E32-0589-49BE-AFEE-6888ED4A4FF4}" = Analyseur XML Microsoft
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0C0BE8DE-7BD2-45A5-BBA4-95C9FA2CE292}" = DM_Install
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{1103112B-513D-4DEF-96B4-9889774E0118}" = Creative Zen Touch
"{121634B0-2F4A-11D3-ADA3-00C04F52DD53}" = Windows Installer Clean Up
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{175B7C4A-CAF8-437A-B597-73E0D2D970FE}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3585ED1C-74C5-43B0-A232-831B96A12A2B}" = Menus intelligents (Windows Live Toolbar)
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
"{425FFD94-36BD-4933-881B-FE0B9DADF2B7}" = Ma-Config.com
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{48110A46-A3A4-481E-8230-7873B7F4C696}" = Nokia Software Updater
"{514DF7BB-D192-417C-BB60-58BF1FD34253}" = S500/S600 USB Driver
"{51F366F4-C2E4-429A-866A-59C885ED42FD}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5F82B545-AE13-45ED-A8A2-67E56F3165BC}" = Conjugaison
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6CDC748B-47B0-45EB-B740-681E8429F7F9}" = Opera 10.01
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{77A1C7DD-E4F6-4057-92FC-710219215987}" = Logitech G11 Keyboard Software 1.03
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{868D7896-99D4-4513-BC62-2B3AD3E24926}" = TuneUp Utilities 2006
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster FFB Driver
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{911B040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9C7C8898-DC29-4E8B-9E77-55A77C3250F6}" = PC Connectivity Solution
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{ADA6814F-4DB9-468A-A3F0-A41E68C459EB}_is1" = ZNsoft Free 2007
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master
"{AFD12747-7CDA-49A5-BC5F-18B90FAD6822}" = DM_Install
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA63612E-0458-416A-ADCD-B2349194F20F}" = Creative ZEN Nano Plus
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C92651B8-39F6-3DD5-80EF-E71D2A21DE2F}" = PicLens for Internet Explorer
"{CA83357B-931E-44DC-AD43-9996FEEB8116}" = TrueImage
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D137B59C-551C-4659-8AA8-206FA650BF40}" = LG USB Modem Drivers
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Désinst. LG PC Suite III
"{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam
"{DCA1EA45-4F03-3842-B36A-EF5369BDD0DB}" = Cooliris for Internet Explorer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6DA58C0-4EC5-4F5E-B73E-2F22ED30ACFC}" = Razer Krait
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F242B06B-517F-4D62-B654-16B11564A912}" = OneCare Advisor (Windows Live Toolbar)
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F9E3CA72-816F-3905-898C-3962A49F666A}" = Cooliris for Internet Explorer
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Package de pilotes Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"aignesamdeadlink" = AM-DeadLink 3.3
"Ask Toolbar_is1" = Foxit Toolbar
"a-squared Free_is1" = a-squared Free 3.5
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"Battle.net" = Battle.net
"CCleaner" = CCleaner
"COMODO Firewall Pro" = COMODO Firewall Pro
"Creative Jukebox Driver" = Creative Jukebox Driver
"Diablo II" = Diablo II
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FastStone Capture" = FastStone Capture 4.8
"Folderico" = Folderico 3.7.2
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"GlobFX Space Travel" = GlobFX Space Travel
"Guild Wars" = GUILD WARS
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"INFORAD MANAGER_is1" = INFORAD MANAGER 3.4
"Inkscape" = Inkscape 0.46
"Karen's Directory Printer" = Karen's Directory Printer
"LimeWire" = LimeWire 5.2.13
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"MSNINST" = MSN
"Multi Virus Cleaner 2008_is1" = Multi Virus Cleaner 2008
"Multi Virus Cleaner 2009_is1" = Multi Virus Cleaner 2009
"My Drivers 3.11" = My Drivers 3.11
"MyDefrag v4.2.5_is1" = MyDefrag v4.2.5
"MyDefrag_is1" = MyDefrag v4.1.2
"NVIDIA Drivers" = NVIDIA Drivers
"PunkBusterSvc" = PunkBuster Services
"RGSS de RPG MAKER XP_is1" = RGSS de RMXP version 1.0.1
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shockwave" = Shockwave
"SideWinder Precision 2" = SideWinder Precision 2
"SiS VGA Driver" = SiS VGA Utilities
"Steam App 10" = Counter-Strike
"Steam App 590" = Left 4 Dead 2 Demo
"SWIV 3D" = SWIV 3D
"SysInfo" = Creative System Information
"TRUST SPYC@M 100_is1" = TRUST SPYC@M 100
"TuneUpMedia" = TuneUp Companion 1.5.9
"Unlocker" = Unlocker 1.8.7
"ViGlance" = ViGlance
"VLC media player" = VLC media player 0.9.6
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== Last 10 Event Log Errors ==========

Error: Unable to start EventLog service!

<End>
Zoom62

Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Brussels

Request for help analysing HijackThis

Message by Zoom62 » 04 Dec 2009, 16:21

OTL report, continued:

OTL logfile created on: 4/12/2009 10:05:15 - Run 1
OTL by OldTimer - Version 3.1.11.4 Folder = C:\Documents and Settings\Martine\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1022,73 Mb Total Physical Memory | 655,99 Mb Available Physical Memory | 64,14% Memory free
3,86 Gb Paging File | 3,53 Gb Available in Paging File | 91,38% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,98 Gb Total Space | 10,41 Gb Free Space | 21,25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 7,99 Gb Total Space | 3,53 Gb Free Space | 44,20% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 32,23 Gb Total Space | 9,00 Gb Free Space | 27,94% Space Free | Partition Type: NTFS
Drive J: | 65,85 Gb Total Space | 34,58 Gb Free Space | 52,52% Space Free | Partition Type: NTFS
Drive M: | 31,25 Gb Total Space | 9,52 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

Computer Name: Zoom
Current User Name: Martine
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/04 09:29:48 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martine\Bureau\OTL.exe
PRC - [2009/11/20 18:10:18 | 01,800,464 | ---- | M] (COMODO) -- C:\Program Files\Comodo\Firewall\cfp.exe
PRC - [2009/11/20 18:10:05 | 00,723,632 | ---- | M] (COMODO) -- C:\Program Files\Comodo\Firewall\cmdagent.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/09/15 11:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashDisp.exe
PRC - [2009/09/15 11:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashServ.exe
PRC - [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/04/14 03:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2009/12/04 09:29:48 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martine\Bureau\OTL.exe
MOD - [2009/12/01 09:48:34 | 00,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2006/05/03 22:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (FLEXnet Licensing Service)
SRV - File not found -- -- (Diskeeper)
SRV - [2009/11/22 10:13:34 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/11/20 18:10:05 | 00,723,632 | ---- | M] (COMODO) -- C:\Program Files\Comodo\Firewall\cmdagent.exe -- (cmdAgent)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/10/01 09:05:49 | 01,858,144 | ---- | M] (Emsi Software GmbH) -- J:\Program Files\a-Squared (Scanner pc malwares)\a-squared Free\a2service.exe -- (a2free)
SRV - [2009/09/23 14:50:28 | 00,238,960 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009/09/15 11:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashServ.exe -- (avast! Antivirus)
SRV - [2009/09/15 11:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/09/15 11:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/09/15 11:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/05/30 11:32:16 | 00,572,416 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/04/14 03:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/14 03:33:38 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/05/28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- J:\Kevin\Programmes Divers\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/08/11 14:42:50 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/04/25 19:40:50 | 00,138,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/01/17 16:36:56 | 00,172,032 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005/01/28 10:11:40 | 00,024,576 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/01/28 10:11:14 | 00,110,682 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/01/28 10:11:10 | 00,176,220 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/01/07 11:01:52 | 00,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe -- (GenericHidService)
SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/09/29 11:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/08/05 13:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2004/08/05 13:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)
SRV - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [1999/12/13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)


========== Driver Services (SafeList) ==========

DRV - [2009/12/01 09:48:31 | 00,133,064 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2009/11/24 15:24:27 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/24 15:18:04 | 00,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2009/11/20 18:11:05 | 00,087,104 | ---- | M] (COMODO) -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2009/11/20 18:11:04 | 00,025,160 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2009/10/03 06:14:17 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\Program Files\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/09/29 08:11:22 | 00,012,160 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 00,012,928 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 00,010,496 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/09/23 14:53:20 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/09/15 11:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/09/15 11:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/09/15 11:55:19 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/09/15 11:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/09/15 11:54:21 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/09/15 11:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/08/21 02:08:00 | 00,024,960 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2009/08/21 02:08:00 | 00,020,864 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2009/08/21 02:08:00 | 00,013,056 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009/06/09 05:58:56 | 00,033,536 | ---- | M] (Advanced Card Systems Ltd) -- C:\WINDOWS\system32\drivers\a38usb.sys -- (ACSSCR)
DRV - [2009/03/30 05:21:18 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\Program Files\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/01/07 07:30:58 | 00,005,632 | ---- | M] () -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/09/24 11:29:25 | 00,029,184 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2008/07/21 13:11:58 | 00,024,392 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/06/20 12:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/04/14 02:57:14 | 00,032,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2008/04/13 19:45:32 | 00,059,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gckernel.sys -- (GcKernel)
DRV - [2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 19:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/09/17 14:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/04/15 16:26:31 | 00,249,152 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2007/04/15 16:26:31 | 00,030,688 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2007/04/15 16:26:27 | 00,096,320 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2007/03/08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/01/25 15:37:16 | 04,027,456 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/09/13 20:23:13 | 00,076,560 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2006/08/11 14:42:42 | 03,958,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- J:\Program Files\SASENUM.SYS -- (SASENUM)
DRV - [2005/12/07 16:27:52 | 00,013,324 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\system32\drivers\krait.sys -- (krait03)
DRV - [2005/11/03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/08/30 17:59:00 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 17:58:56 | 00,008,304 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 17:57:18 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005/08/10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/05/16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/03/08 05:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005/03/08 05:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005/03/08 05:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2005/01/04 16:46:14 | 00,013,184 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/01/04 16:01:48 | 00,239,104 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/12/02 15:36:08 | 00,070,912 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/09/03 12:43:00 | 00,046,464 | ---- | M] (Silicon Integrated Systems) -- C:\WINDOWS\system32\DRIVERS\SiSRaid.sys -- (SiSRaid)
DRV - [2004/08/05 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 21:41:40 | 00,013,776 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2004/06/28 14:08:56 | 00,042,752 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2004/05/18 00:25:00 | 00,016,880 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctpdusb.sys -- (Jukebox3)
DRV - [2004/05/05 22:15:04 | 00,004,228 | ---- | M] (PowerQuest Corporation) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003/11/28 10:46:44 | 00,070,632 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\drivers\toywdm.sys -- (JL2005)
DRV - [2003/08/20 16:34:50 | 00,548,952 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/07/16 11:30:26 | 00,221,736 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/07/02 15:26:36 | 01,301,128 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/07/02 15:24:36 | 00,086,128 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/07/02 15:12:52 | 00,039,348 | ---- | M] (Vireo Software) -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/07/02 14:57:10 | 00,167,384 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2001/08/23 16:20:50 | 00,006,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001/08/23 16:04:44 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 21:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 21:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 21:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 21:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 21:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:02:50 | 00,002,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [2001/08/17 20:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 20:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 20:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 20:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 20:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 20:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 20:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 20:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 20:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.01net.com/http://www.01men.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.01net.com/http://www.01men.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=MIMWA5&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.igoogle.fr"
FF - prefs.js..extensions.enabledItems: fr@dictionaries.addons.mozilla.org:2.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.5.7.5
FF - prefs.js..extensions.enabledItems: imdldb@p4ul.info:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {84b24861-62f6-364b-eba5-2e5e2061d7e6}:0.9.2
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.62
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=MIMWA5&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/03 10:57:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/04 09:46:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/03 10:57:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/12/04 09:46:53 | 00,000,000 | ---D | M]

[2009/08/29 11:46:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Extensions
[2009/08/29 11:46:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/12/04 08:30:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions
[2009/09/14 06:54:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2009/12/03 17:18:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2009/10/22 05:36:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2009/07/28 06:25:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}
[2009/11/29 21:01:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/08/26 06:12:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\fr@dictionaries.addons.mozilla.org
[2009/10/20 06:09:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\imdldb@p4ul.info
[2008/08/24 12:44:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris(2).com
[2008/08/24 12:44:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris.com
[2008/08/24 12:44:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris.com-trash
[2009/09/12 08:34:08 | 00,002,172 | ---- | M] () -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\bing.xml
[2009/01/26 06:25:40 | 00,015,292 | ---- | M] () -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\wikia-search.xml
[2009/01/26 06:25:53 | 00,001,032 | ---- | M] () -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\wikipedia-eng.xml
[2009/12/04 08:30:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/14 14:02:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/02/27 14:24:51 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[2008/10/01 15:29:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2008/11/22 08:45:10 | 00,056,576 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/03/20 17:06:50 | 00,454,656 | ---- | M] (StoneTrip) -- C:\Program Files\Mozilla Firefox\plugins\npSton3D.dll
[2007/03/10 00:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2009/08/26 06:11:27 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/08/26 06:11:27 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/08/26 06:11:27 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2006/09/10 12:35:08 | 00,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2009/08/26 06:11:27 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/08/26 06:11:27 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (792 bytes) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\ShellBrowser: (no name) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] J:\Avast (Anti virus)\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\Comodo\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\Comodo\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] J:\Program Files\Quicktime (vidéo)\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\desktop(2).ini ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 110 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 110 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 110 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..Trusted Domains: 22 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/ms ... b31267.cab (Reg Error: Key error.)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15015/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/Me ... b31267.cab (Reg Error: Key error.)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/house ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} http://messenger.zone.msn.com/binary/Mi ... b31267.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-BE/a-U ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://bitdefender.bwm-mediasoft.com/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 5285014078 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 5284983656 (MUWebControl Class)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab (Reg Error: Key error.)
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} http://www.inoculer.com/antivirus/Msie/bitdefender.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/Me ... b31267.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZI ... b56649.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-l ... cfscan.cab (McFreeScan Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15023/CTPID.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) - C:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - J:\Program Files\SASWINLO.DLL - J:\Program Files\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - J:\Program Files\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/10/18 20:02:16 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/04/10 09:24:34 | 00,004,398 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{04ce4956-de82-11da-80bd-0013d43f8306}\Shell\Open(0)\command - "" = H:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{05558724-e297-11da-80c1-0013d43f8306}\Shell - "" = AutoRun
O33 - MountPoints2\{05558724-e297-11da-80c1-0013d43f8306}\Shell\AutoRun\command - "" = L:\load.exe -- File not found
O33 - MountPoints2\{4799e98f-3d81-11db-8165-0013d43f8306}\Shell - "" = AutoRun
O33 - MountPoints2\{8e5df0df-d720-11dc-b218-0013d43f8306}\Shell\Open(0)\command - "" = H:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{baa59ac6-f012-11da-80e0-0013d43f8306}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009/12/04 09:29:45 | 00,535,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Martine\Bureau\OTL.exe
[2009/12/04 06:58:00 | 00,000,000 | ---D | C] -- C:\Program Files\ma-config.com
[2009/12/04 06:58:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2009/12/03 16:32:42 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Martine\Recent
[2009/11/24 15:39:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009/11/24 15:39:12 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Nero
[2009/11/24 15:18:04 | 00,223,128 | ---- | C] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2009/11/17 09:30:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\.thumbnails
[2009/11/17 09:06:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\.gimp-2.6
[2009/11/17 09:06:20 | 00,000,000 | ---D | C] -- J:\1-Divers documents (Martine-Guy)\gegl-0.0
[2009/11/16 06:38:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\Local Settings\Application Data\Karen's Power Tools
[2009/11/16 06:37:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Karen's Power Tools
[2009/11/14 21:49:16 | 00,000,000 | ---D | C] -- J:\1-Divers documents (Martine-Guy)\LG Electronics
[2009/11/14 21:47:01 | 01,164,728 | ---- | C] (NuMedia Soft, Inc.) -- C:\WINDOWS\System32\NMSDVDXU.dll
[2009/11/14 21:47:01 | 00,630,784 | ---- | C] (ComponentOne) -- C:\WINDOWS\System32\vsflex8u.ocx
[2009/11/14 21:47:01 | 00,419,240 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\Vsflex7L.ocx
[2009/11/14 21:47:01 | 00,244,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msflxgrd.ocx
[2009/11/14 21:46:54 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Martine\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2009/11/14 20:27:15 | 00,016,896 | ---- | C] (Danish Wireless Design A/S) -- C:\WINDOWS\System32\drivers\FlashUsb.sys
[2009/11/14 20:27:15 | 00,000,000 | ---D | C] -- C:\Program Files\infineon
[2009/11/14 20:24:43 | 00,013,056 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgusbbus.sys
[2009/11/14 20:18:47 | 00,000,000 | ---D | C] -- C:\GB220
[2009/11/14 14:56:21 | 00,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2009/11/14 14:55:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\Application Data\LG Electronics
[2009/11/14 14:22:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
[2009/11/14 08:21:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\Application Data\ViGlance
[2009/11/14 08:21:52 | 00,000,000 | ---D | C] -- C:\Program Files\ViGlance
[2009/11/10 23:08:24 | 00,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/11/10 23:08:24 | 00,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2009/11/08 17:59:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\Application Data\gtk-2.0
[2009/11/07 19:56:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\Application Data\Inkscape
[2005/07/24 16:07:01 | 00,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[1979/12/31 23:00:00 | 01,301,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1979/12/31 23:00:00 | 00,548,952 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1979/12/31 23:00:00 | 00,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1979/12/31 23:00:00 | 00,167,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1979/12/31 23:00:00 | 00,086,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/04 09:50:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/04 09:48:49 | 11,272,192 | ---- | M] () -- C:\Documents and Settings\Martine\ntuser.dat
[2009/12/04 09:48:39 | 08,342,670 | -H-- | M] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\IconCache.db
[2009/12/04 09:46:53 | 00,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009/12/04 09:29:48 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martine\Bureau\OTL.exe
[2009/12/03 20:44:29 | 00,000,284 | -HS- | M] () -- C:\Documents and Settings\Martine\ntuser.ini
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/03 11:15:01 | 00,002,341 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2009/12/03 10:57:29 | 00,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2009/12/03 08:08:13 | 00,000,919 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/03 08:08:13 | 00,000,456 | -HS- | M] () -- C:\boot.ini
[2009/12/03 08:08:13 | 00,000,256 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/12/02 08:26:10 | 00,000,666 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\CCleaner.lnk
[2009/12/01 09:48:34 | 00,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2009/12/01 09:48:31 | 00,133,064 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009/11/29 19:34:59 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/24 16:23:58 | 00,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/11/24 15:24:27 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/11/24 15:18:04 | 00,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2009/11/24 11:04:28 | 00,001,508 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Vuze.lnk
[2009/11/22 10:13:34 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/11/21 07:17:34 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/20 18:11:05 | 00,087,104 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009/11/20 18:11:04 | 00,025,160 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009/11/20 09:25:55 | 00,000,218 | ---- | M] () -- C:\Documents and Settings\Martine\.recently-used.xbel
[2009/11/19 06:56:45 | 00,000,653 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\37g86v47.exe.lnk
[2009/11/17 09:06:11 | 00,000,743 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\GIMP 2.lnk
[2009/11/17 07:49:45 | 00,002,551 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\Microsoft Word.lnk
[2009/11/14 21:47:17 | 00,000,910 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\LG PC Suite III.lnk
[2009/11/14 20:28:29 | 00,002,412 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2009/11/14 20:10:00 | 00,046,952 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2009/11/14 15:16:00 | 00,203,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/13 23:33:26 | 00,003,105 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/11/10 23:08:24 | 00,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/11/10 23:08:24 | 00,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/04 09:46:53 | 00,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009/12/03 11:15:01 | 00,002,341 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2009/12/03 10:57:29 | 00,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2009/11/20 09:25:55 | 00,000,218 | ---- | C] () -- C:\Documents and Settings\Martine\.recently-used.xbel
[2009/11/19 06:56:51 | 00,000,653 | ---- | C] () -- C:\Documents and Settings\Martine\Bureau\37g86v47.exe.lnk
[2009/11/17 09:06:11 | 00,000,743 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\GIMP 2.lnk
[2009/11/14 21:47:17 | 00,000,910 | ---- | C] () -- C:\Documents and Settings\Martine\Bureau\LG PC Suite III.lnk
[2009/11/14 14:23:12 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2009/11/14 14:23:12 | 00,002,412 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2009/11/13 23:33:11 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/09/24 16:28:00 | 00,018,944 | ---- | C] () -- C:\WINDOWS\System32\xrxscnui.dll
[2009/06/09 05:58:56 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\usbr38.dll
[2009/01/07 07:54:45 | 00,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2009/01/07 07:51:25 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/01/07 07:15:07 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/12/23 19:33:44 | 00,000,011 | ---- | C] () -- C:\WINDOWS\permis.ini
[2008/12/20 11:48:02 | 00,138,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/10 16:52:29 | 00,045,794 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\Update_HP_RedboxHprblog_HPSU.log
[2008/12/10 16:52:29 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2008/10/23 05:44:42 | 02,869,760 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.5.14750.msi
[2008/10/20 05:51:14 | 02,869,760 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.4.14391.msi
[2008/10/04 06:00:34 | 02,849,792 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.3.14080.msi
[2008/09/17 05:42:24 | 00,939,080 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.2.4689.msi
[2008/08/22 07:55:08 | 02,149,376 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.0.4272.msi
[2008/07/25 14:00:21 | 01,854,464 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\piclens-win-iemin-release-1.7.1.3938.msi
[2008/07/24 07:31:51 | 01,916,928 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\piclens-win-iefull-release-1.7.1.3900.msi
[2008/07/23 17:50:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/07/23 17:47:34 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/07/23 17:47:34 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/07/23 17:46:38 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/06/18 05:35:06 | 01,699,328 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\piclens-win-iefull-release-1.7.0.3458.msi
[2008/05/31 14:00:36 | 00,688,128 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008/05/31 14:00:36 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\SSLeay32.dll
[2008/05/29 05:28:02 | 01,641,472 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\piclens-win-iefull-release-1.6.4.3021.msi
[2008/04/13 17:26:17 | 00,081,332 | ---- | C] () -- C:\WINDOWS\System32\bass.dll
[2008/03/25 11:50:28 | 00,347,136 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll
[2007/12/14 09:52:27 | 00,000,003 | ---- | C] () -- C:\WINDOWS\System32\Trial The Santa Claus 3D.dll
[2007/12/12 09:54:02 | 00,000,193 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2007/12/06 11:15:19 | 00,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2007/12/05 19:38:41 | 00,003,459 | ---- | C] () -- C:\WINDOWS\stricot.ini
[2007/12/02 13:36:27 | 00,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/09/10 15:25:23 | 00,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/06/12 06:43:34 | 00,000,206 | ---- | C] () -- C:\WINDOWS\System32\ebcefaa_r.dll
[2007/05/06 08:46:38 | 00,000,041 | ---- | C] () -- C:\WINDOWS\System32\aaafe_s.dll
[2007/04/10 16:38:23 | 00,155,411 | ---- | C] () -- C:\WINDOWS\System32\drivers\dump_wmimmc.sys
[2007/01/07 13:32:41 | 00,002,053 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\Hewlett-PackardHP PSC 1500 series1153030812_PROTOCOL.log
[2007/01/07 13:32:41 | 00,000,589 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\Hewlett-PackardHP PSC 1500 series1153030812_UI.log
[2007/01/07 13:32:41 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007/01/07 13:32:41 | 00,000,108 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\Hewlett-PackardHP PSC 1500 series1153030812_API.log
[2007/01/07 13:25:47 | 00,002,095 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\HPSU_48BitScanUpdate.log
[2007/01/07 13:25:47 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/09/06 09:23:05 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006/09/04 12:56:59 | 00,001,208 | ---- | C] () -- C:\WINDOWS\Radio_Fr.ini
[2006/08/28 15:40:12 | 00,000,736 | ---- | C] () -- C:\WINDOWS\DigimaxMaster.INI
[2006/08/24 15:58:51 | 00,589,824 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/08/24 15:58:51 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/08/21 18:51:10 | 00,001,160 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/08/11 14:45:20 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/11 14:43:10 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/11 14:43:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/11 14:43:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/11 14:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/11 14:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/11 14:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/08 08:16:03 | 00,000,067 | ---- | C] () -- C:\WINDOWS\StationRipper.INI
[2006/08/05 07:38:50 | 00,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2006/08/05 07:38:50 | 00,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2006/08/05 07:38:11 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2006/07/28 11:19:02 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2006/07/27 06:42:24 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\PdeSrvps.dll
[2006/07/27 06:42:22 | 00,005,885 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2006/07/16 07:01:54 | 00,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/06/03 06:35:41 | 00,000,021 | ---- | C] () -- C:\WINDOWS\cdtppoint.ini
[2006/05/26 15:23:23 | 00,000,040 | ---- | C] () -- C:\WINDOWS\Navigma.INI
[2006/05/13 16:43:05 | 00,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006/02/27 05:54:15 | 00,000,039 | ---- | C] () -- C:\WINDOWS\System32\CielComponent.ini
[2006/02/27 05:52:48 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\XXXProgress.dll
[2006/02/27 05:50:21 | 00,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2006/01/11 13:50:16 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/17 13:49:50 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005/12/17 13:49:50 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005/12/17 13:49:50 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2005/10/18 18:56:51 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/10/15 18:03:32 | 00,000,302 | ---- | C] () -- C:\WINDOWS\GALLERY.INI
[2005/10/05 18:03:14 | 00,000,021 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/10/02 16:02:47 | 00,260,096 | ---- | C] () -- C:\WINDOWS\System32\cp21_comeai.dll
[2005/10/01 13:29:59 | 00,000,130 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\fusioncache.dat
[2005/07/24 16:40:04 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/07/24 16:29:24 | 00,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/24 16:26:40 | 00,007,584 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2005/07/24 16:21:46 | 00,000,501 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2005/07/24 16:13:45 | 00,083,822 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005/07/24 16:13:36 | 00,097,931 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005/07/24 16:13:04 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005/07/24 16:13:03 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/07/24 16:07:01 | 00,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2005/07/24 16:07:01 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2005/07/24 16:07:01 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2005/06/22 20:54:30 | 04,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334.dll
[2005/06/22 20:54:30 | 04,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334(4).dll
[2005/06/22 20:54:30 | 04,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334(3).dll
[2005/06/22 20:54:30 | 04,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334(2).dll
[2005/05/20 13:05:02 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/20 13:05:02 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO(2).INI
[2005/03/14 13:38:28 | 00,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2004/08/16 17:25:16 | 00,000,926 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/16 16:41:02 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv(2).sys
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(9).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(8).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(7).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(6).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(5).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(4).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(3).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2004/08/16 16:40:31 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32(3).dll
[2004/08/16 16:40:31 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32(2).dll
[2004/08/03 16:00:00 | 00,773,120 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2002/11/01 15:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 14:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 12:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/07/06 14:30:00 | 00,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999/07/23 12:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 09:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/22 19:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/09/14 20:43:16 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TWAIN32d.dll
[1979/12/31 23:00:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1979/12/31 23:00:00 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1979/12/31 23:00:00 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[1979/12/31 23:00:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EEE39B00
<End>
Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Bruxelles

Need help analysing HijackThis

Post by Zoom62 » 04 Dec 2009, 16:24

And finally the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:14:15, on 3/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
J:\Avast (Anti virus)\ashServ.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
J:\AVAST(~1\ashDisp.exe
C:\Program Files\Comodo\Firewall\cfp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
J:\Program Files\Hijackthis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [avast!] J:\AVAST(~1\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "J:\Program Files\Quicktime (vidéo)\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: desktop(2).ini (User '?')
O4 - .DEFAULT Startup: desktop(2).ini (User 'Default user')
O4 - .DEFAULT User Startup: desktop(2).ini (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\program files\microsoft office\office11\excel.exe/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-U ... E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://bitdefender.bwm-mediasoft.com/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 5285014078
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5284983656
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15023/CTPID.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - J:\Program Files\SASWINLO.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - J:\Avast (Anti virus)\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - J:\Avast (Anti virus)\ashServ.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 8477 bytes
Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Bruxelles

Re: Need help

Post by Zoom62 » 05 Dec 2009, 15:50

Zoom62 wrote: Hello, and many thanks in advance for any help,

For about 15 days now I have had serious problems with my PC's CPU, which is at 100% almost permanently, as soon as any program is launched, and likewise when I open Firefox. In addition, switching sessions takes forever.

First, I checked the number of services launched at startup (Automatic); nothing new there, still 19.

So I thought that an installed program or add-on (Firefox) was tying up all the CPU's memory, but which one?
I therefore disabled most of them, but that does not change much.

So here are the Malwarebytes and OTL reports and, finally, the HijackThis one:

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3289
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

4/12/2009 10:03:57
mbam-log-2009-12-04 (10-03-57).txt

Type de recherche: Examen rapide
Eléments examinés: 146562
Temps écoulé: 8 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

OTL:

OTL Extras logfile created on: 4/12/2009 10:05:16 - Run 1
OTL by OldTimer - Version 3.1.11.4 Folder = C:\Documents and Settings\Martine\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1022,73 Mb Total Physical Memory | 655,99 Mb Available Physical Memory | 64,14% Memory free
3,86 Gb Paging File | 3,53 Gb Available in Paging File | 91,38% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,98 Gb Total Space | 10,41 Gb Free Space | 21,25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 7,99 Gb Total Space | 3,53 Gb Free Space | 44,20% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 32,23 Gb Total Space | 9,00 Gb Free Space | 27,94% Space Free | Partition Type: NTFS
Drive J: | 65,85 Gb Total Space | 34,58 Gb Free Space | 52,52% Space Free | Partition Type: NTFS
Drive M: | 31,25 Gb Total Space | 9,52 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

Computer Name: Zoom
Current User Name: Martine
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- J:\Program Files\VLC Media Player\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- J:\Program Files\VLC Media Player\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"4000:TCP" = 4000:TCP:*:Enabled:Diablo
"6112:TCP" = 6112:TCP:*:Enabled:Diablo2

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe" = F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe:*:Enabled:Skype -- ()
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B1C0E32-0589-49BE-AFEE-6888ED4A4FF4}" = Analyseur XML Microsoft
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0C0BE8DE-7BD2-45A5-BBA4-95C9FA2CE292}" = DM_Install
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{1103112B-513D-4DEF-96B4-9889774E0118}" = Creative Zen Touch
"{121634B0-2F4A-11D3-ADA3-00C04F52DD53}" = Windows Installer Clean Up
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{175B7C4A-CAF8-437A-B597-73E0D2D970FE}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3585ED1C-74C5-43B0-A232-831B96A12A2B}" = Menus intelligents (Windows Live Toolbar)
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
"{425FFD94-36BD-4933-881B-FE0B9DADF2B7}" = Ma-Config.com
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{48110A46-A3A4-481E-8230-7873B7F4C696}" = Nokia Software Updater
"{514DF7BB-D192-417C-BB60-58BF1FD34253}" = S500/S600 USB Driver
"{51F366F4-C2E4-429A-866A-59C885ED42FD}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5F82B545-AE13-45ED-A8A2-67E56F3165BC}" = Conjugaison
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6CDC748B-47B0-45EB-B740-681E8429F7F9}" = Opera 10.01
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{77A1C7DD-E4F6-4057-92FC-710219215987}" = Logitech G11 Keyboard Software 1.03
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{868D7896-99D4-4513-BC62-2B3AD3E24926}" = TuneUp Utilities 2006
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster FFB Driver
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{911B040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9C7C8898-DC29-4E8B-9E77-55A77C3250F6}" = PC Connectivity Solution
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{ADA6814F-4DB9-468A-A3F0-A41E68C459EB}_is1" = ZNsoft Free 2007
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master
"{AFD12747-7CDA-49A5-BC5F-18B90FAD6822}" = DM_Install
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA63612E-0458-416A-ADCD-B2349194F20F}" = Creative ZEN Nano Plus
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C92651B8-39F6-3DD5-80EF-E71D2A21DE2F}" = PicLens for Internet Explorer
"{CA83357B-931E-44DC-AD43-9996FEEB8116}" = TrueImage
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D137B59C-551C-4659-8AA8-206FA650BF40}" = LG USB Modem Drivers
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Désinst. LG PC Suite III
"{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam
"{DCA1EA45-4F03-3842-B36A-EF5369BDD0DB}" = Cooliris for Internet Explorer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6DA58C0-4EC5-4F5E-B73E-2F22ED30ACFC}" = Razer Krait
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F242B06B-517F-4D62-B654-16B11564A912}" = OneCare Advisor (Windows Live Toolbar)
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F9E3CA72-816F-3905-898C-3962A49F666A}" = Cooliris for Internet Explorer
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Package de pilotes Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"aignesamdeadlink" = AM-DeadLink 3.3
"Ask Toolbar_is1" = Foxit Toolbar
"a-squared Free_is1" = a-squared Free 3.5
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"Battle.net" = Battle.net
"CCleaner" = CCleaner
"COMODO Firewall Pro" = COMODO Firewall Pro
"Creative Jukebox Driver" = Creative Jukebox Driver
"Diablo II" = Diablo II
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FastStone Capture" = FastStone Capture 4.8
"Folderico" = Folderico 3.7.2
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"GlobFX Space Travel" = GlobFX Space Travel
"Guild Wars" = GUILD WARS
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"INFORAD MANAGER_is1" = INFORAD MANAGER 3.4
"Inkscape" = Inkscape 0.46
"Karen's Directory Printer" = Karen's Directory Printer
"LimeWire" = LimeWire 5.2.13
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"MSNINST" = MSN
"Multi Virus Cleaner 2008_is1" = Multi Virus Cleaner 2008
"Multi Virus Cleaner 2009_is1" = Multi Virus Cleaner 2009
"My Drivers 3.11" = My Drivers 3.11
"MyDefrag v4.2.5_is1" = MyDefrag v4.2.5
"MyDefrag_is1" = MyDefrag v4.1.2
"NVIDIA Drivers" = NVIDIA Drivers
"PunkBusterSvc" = PunkBuster Services
"RGSS de RPG MAKER XP_is1" = RGSS de RMXP version 1.0.1
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shockwave" = Shockwave
"SideWinder Precision 2" = SideWinder Precision 2
"SiS VGA Driver" = SiS VGA Utilities
"Steam App 10" = Counter-Strike
"Steam App 590" = Left 4 Dead 2 Demo
"SWIV 3D" = SWIV 3D
"SysInfo" = Creative System Information
"TRUST SPYC@M 100_is1" = TRUST SPYC@M 100
"TuneUpMedia" = TuneUp Companion 1.5.9
"Unlocker" = Unlocker 1.8.7
"ViGlance" = ViGlance
"VLC media player" = VLC media player 0.9.6
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== Last 10 Event Log Errors ==========

Error: Unable to start EventLog service!

<End>
Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Bruxelles
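
The firewall sections of the OTL report above can be triaged mechanically. The following Python script is an added example, not part of the original thread and not OTL's own code: it reads the GloballyOpenPorts and AuthorizedApplications entries (a few lines copied from the report serve as sample input) and flags ports open to any source address, plus application exceptions whose file is missing or carries no company name. The function name, constants and reason wording are assumptions of this example.

```python
import re

# Sample input: lines copied from the OTL report posted above.
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"4000:TCP" = 4000:TCP:*:Enabled:Diablo
"6112:TCP" = 6112:TCP:*:Enabled:Diablo2

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe" = F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe:*:Enabled:Skype -- ()
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
'''

# Reasons reported by triage() (wording chosen for this example).
ANY_SOURCE = "port open to any source address (scope *)"
MISSING_FILE = "exception kept for a file OTL could not find"
NO_VENDOR = "executable carries no company name"

# Section header: [...\FirewallPolicy\<profile>\<kind>\List]
SECTION = re.compile(
    r'^\[.*\\FirewallPolicy\\(?P<profile>\w+)\\'
    r'(?P<kind>GloballyOpenPorts|AuthorizedApplications)\\List\]$')
# Entry line: "<value name>" = <value data>
ENTRY = re.compile(r'^"[^"]+" = (?P<value>.+)$')
# Port data: port:protocol:scope:state:label
PORT = re.compile(r'^(?P<port>\d+):(?P<proto>TCP|UDP):(?P<scope>[^:]+):'
                  r'(?P<state>Enabled|Disabled):(?P<label>.*)$')
# Application data: path:scope:state:label (the path holds a drive colon)
APP = re.compile(r'^(?P<path>[A-Za-z]:\\.+?):(?P<scope>[^:]+):'
                 r'(?P<state>Enabled|Disabled):(?P<label>.*)$')


def triage(report):
    """Return (profile, subject, reason) tuples for entries worth a second look."""
    findings = []
    profile = kind = None
    for raw in report.splitlines():
        line = raw.strip()
        if line.startswith('['):
            # Any other registry section ends the firewall context.
            m = SECTION.match(line)
            profile, kind = (m['profile'], m['kind']) if m else (None, None)
            continue
        entry = ENTRY.match(line)
        if kind is None or not entry:
            continue
        value = entry['value']
        if kind == 'GloballyOpenPorts':
            m = PORT.match(value)
            # Only active rules with an unrestricted scope are reported.
            if m and m['state'] == 'Enabled' and m['scope'] == '*':
                findings.append((profile, f"{m['port']}/{m['proto']}", ANY_SOURCE))
        else:
            m = APP.match(value)
            if not m or m['state'] != 'Enabled':
                continue
            # OTL appends " -- (Company)" or " -- File not found" to each entry.
            _, _, note = m['label'].rpartition(' -- ')
            if note == 'File not found':
                findings.append((profile, m['path'], MISSING_FILE))
            elif note == '()':
                findings.append((profile, m['path'], NO_VENDOR))
    return findings


if __name__ == '__main__':
    for profile, subject, reason in triage(SAMPLE):
        print(f"{profile:16} {subject:55} {reason}")
```

Entries scoped to LocalSubNet and disabled entries are deliberately not reported; lines outside a FirewallPolicy list section are ignored.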

Post by nickW » 06 Dec 2009, 01:55

Good evening,

What is the meaning of this second posting of the same scan reports? :evil:

Can you start the "Event Log" service ("Journal des événements"), and give me the error message(s) if it fails?
If the service starts, its Startup type should be set to "Automatic".

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (Private Message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Need help

Post by Zoom62 » 06 Dec 2009, 08:28

Sorry, my mistake. I wanted to correct a spelling error and I clicked Quote instead of Edit. My apologies.

As for the Event Log, it is set to Automatic and started. Yesterday I looked at the advice given on service startup modes and set this service back to Automatic, suspecting that it might help resolve my problem.
Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Bruxelles

Post by nickW » 07 Dec 2009, 01:57

Good evening,


Targeted searches:

Note: These steps must be carried out from a session opened with "Administrator rights" (do not use the user profile named "Administrator" that is visible in Safe Mode).
Under Windows XP, to check whether an account has "Administrator" rights:
Start ----> Settings ----> Control Panel ----> User Accounts
Next to the icon of certain accounts (other than the one named "Administrator"), "Computer administrator" is shown.
One of these accounts is the one to use.



Step 1: Toolbar-S&D (by Team IDN), download
Download Toolbar-S&D by right-clicking one of the links below:
http://eric71.geekstogo.com/tools/ToolBarSD.exe
http://eric.71.mespages.googlepages.com/ToolBarSD.exe
Save the file to the Desktop.


Step 2: RootRepeal (by AD)
Download RootRepeal by right-clicking one of the links below:
http://ad13.geekstogo.com/RootRepeal.zip
http://rootrepeal.googlepages.com/RootRepeal.zip
http://rootrepeal.psikotick.com/RootRepeal.zip
Save the file to the Desktop.
Create a new folder named RootRepeal at the root of the system disk (usually C:\)

Extract the downloaded archive into this new RootRepeal folder


Step 3: OTS (by OldTimer), installation
Download OTS.exe from the link below
http://oldtimer.geekstogo.com/OTS.exe
Save this file to the Desktop.
If the antivirus's resident module raises an alert, ignore that alert and then disable the antivirus's real-time resident module until the end of this step.


Step 4: Disabling resident security programs
Disable the antivirus's resident module.
avast!: right-click the icon in the system tray (next to the clock), then "Arrêter la protection résidente" (stop resident protection)


Step 5: Toolbar-S&D (by Team IDN), option 1: Search
Double-click ToolBarSD.exe on the Desktop to run the tool.

Choose the language by typing F and then pressing Enter.
Read the warning, then click OK.

Once the menu is displayed, type 1 and press Enter to search for the files responsible for the infection.
When the search is finished, a Notepad window opens and displays the report (a.k.a. log).

Close Notepad, which ends the tool's execution.

Note:
If the Desktop does not reappear, open Task Manager by pressing the CTRL+ALT+DEL keys together.
Click the File menu at the top and choose New Task (Run...).
In the Create New Task window that opens, in the Open field, type exactly explorer and then click the OK button. The Desktop will reappear.


Step 6: RootRepeal (by AD)
In Explorer, open the RootRepeal folder
Double-click RootRepeal.exe to launch the tool.

Click the Report tab (at the bottom of the window).

Click the Scan button

In the new Select Scan window, tick:
+ Drivers
+ Files
+ Processes
+ SSDT
+ Stealth Objects
+ Hidden Services
+ Shadow SSDT

Click the OK button
In the new Select Drives window, tick the system drive (usually C:\)

Click the OK button to start the scan

Note: This scan takes some time. DO NOT LAUNCH other programs while it is running.

When the scan is finished, the Save Report button becomes available.

Click the Save Report button and save the report file in the RootRepeal folder under the name RootRepeal-091206.txt

Open the File menu and click Exit to close the program.


Step 7: OTS (by OldTimer), creating a report (log)
Close all open program windows.
Double-click OTS.exe to launch the tool:

The main OTS screen is displayed.

Click the None button at the top

In the Additional Scans section, tick the box in front of:
Evnt - EventViewer Logs (Last 10 Errors)

Tick (at the top) the box in front of Scan All Users

Then click the Run Scan button.

Let the tool work, without doing anything else.
When the tool has finished, a Notepad window opens containing the report.
Note: In Notepad, check in the Format menu (at the top) that the "Word Wrap" option is not ticked.
Close the OTS window.


Step 8: Re-enabling resident security programs
Important: Re-enable the antivirus's resident module.


Step 9: Results
Post in your reply:
*- the ToolBar S&D report (contents of the file SystemDrive\TB.txt)
[SystemDrive stands for the partition on which the system is installed, usually C:]
*- the RootRepeal report (contents of the file RootRepeal-091206.txt)
This report can be very long. Check carefully that it is complete in the posted message. If necessary, split it across several messages.
*- the OTS report (contents of the file OTS.Txt located on the Desktop).
Note: If, in the message posted to the forum, the last line of the Code box is not <End>, the report is too large to fit in a single message. In that case, it must be split across several messages.

Important note: To send your reply or replies, do not create a new topic; click the "Reply" button to continue in this thread.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (Private Message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Need help

Post by Zoom62 » 07 Dec 2009, 07:41

Thank you for your patience, nickW, and for your help.

Here are the requested ToolBar S&D and OTS reports; however, I have a problem with RootRepeal.

RootRepeal Error
FOPS-Device Control Error!
Error Code= 0x0000001
Extended Info (0x0000070)

ToolBar report:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 05/12/05 22:37:41 Ver: 08.00.09
USER : Martine ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1368 [VPS 091205-1] 4.8.1368 (Not Activated)
Firewall : Norton Internet Security 2005 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:48 Go (Free:14 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - FAT32 - Total:7 Go (Free:3 Go)
G:\ (CD or DVD)
I:\ (Local Disk) - NTFS - Total:32 Go (Free:9 Go)
J:\ (Local Disk) - NTFS - Total:65 Go (Free:31 Go)
K:\ (USB)
L:\ (USB)
M:\ (Local Disk) - NTFS - Total:31 Go (Free:9 Go)
N:\ (USB)
Z:\ (USB)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( lun. 07/12/2009| 6:24 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\PopSwatter
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\000285EF.bin
C:\Program Files\AskBarDis\bar\Cache\00028D13.bin
C:\Program Files\AskBarDis\bar\Cache\00028EE8.bin
C:\Program Files\AskBarDis\bar\Cache\000290EB.bin
C:\Program Files\AskBarDis\bar\Cache\000292D0.bin
C:\Program Files\AskBarDis\bar\Cache\0002E3FD.bin
C:\Program Files\AskBarDis\bar\Cache\0002E67E.bin
C:\Program Files\AskBarDis\bar\Cache\0002E7B6.bin
C:\Program Files\AskBarDis\bar\Cache\0002E90E.bin
C:\Program Files\AskBarDis\bar\Cache\0002EA66.bin
C:\Program Files\AskBarDis\bar\Cache\0039CFBE
C:\Program Files\AskBarDis\bar\Cache\003EE021
C:\Program Files\AskBarDis\bar\Cache\003EE4B5
C:\Program Files\AskBarDis\bar\Cache\003EE63B.bin
C:\Program Files\AskBarDis\bar\Cache\003EE755.bin
C:\Program Files\AskBarDis\bar\Cache\003EE89D.bin
C:\Program Files\AskBarDis\bar\Cache\003EE949.bin
C:\Program Files\AskBarDis\bar\Cache\003EE9F5.bin
C:\Program Files\AskBarDis\bar\Cache\008F9245.bin
C:\Program Files\AskBarDis\bar\Cache\008F9562.bin
C:\Program Files\AskBarDis\bar\Cache\008F96AA.bin
C:\Program Files\AskBarDis\bar\Cache\008F9802.bin
C:\Program Files\AskBarDis\bar\Cache\008F99B8.bin
C:\Program Files\AskBarDis\bar\Cache\008F9C09.bin
C:\Program Files\AskBarDis\bar\Cache\01B95775
C:\Program Files\AskBarDis\bar\Cache\026AAC8D
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
C:\Program Files\AskBarDis\PopSwatter\History
C:\Program Files\AskBarDis\PopSwatter\History\allowed
C:\Program Files\AskBarDis\PopSwatter\History\notallow
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar\bar\1.bin
C:\Program Files\AskSBar\bar\Cache
C:\Program Files\AskSBar\bar\History
C:\Program Files\AskSBar\bar\Settings
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST
C:\Program Files\AskSBar\bar\Cache\0003B0F2
C:\Program Files\AskSBar\bar\Cache\0003B68F
C:\Program Files\AskSBar\bar\Cache\0003BD65.bin
C:\Program Files\AskSBar\bar\Cache\0003C19B.bin
C:\Program Files\AskSBar\bar\Cache\0003C3BE.bin
C:\Program Files\AskSBar\bar\Cache\0003C64F.bin
C:\Program Files\AskSBar\bar\Cache\0003C99A.bin
C:\Program Files\AskSBar\bar\Cache\0003D468.bin
C:\Program Files\AskSBar\bar\Cache\0003D66C.bin
C:\Program Files\AskSBar\bar\Cache\0003D794.bin
C:\Program Files\AskSBar\bar\Cache\files.ini
C:\Program Files\AskSBar\bar\History\search2
C:\Program Files\AskSBar\bar\Settings\prevcfg2.htm
C:\DOCUME~1\Martine\Cookies\martine@baidu[1].txt
C:\DOCUME~1\Martine\Cookies\martine@hi.baidu[2].txt
C:\Program Files\Crawler
C:\Program Files\Crawler\Cache(2)
C:\Program Files\Crawler\Toolbar
C:\Program Files\Crawler\Cache(2)\STWSG
C:\Program Files\Crawler\Cache(2)\STWSG\STBUTTON_BMP.dat
C:\Program Files\Crawler\Cache(2)\STWSG\STBUTTON_CHBMP.dat
C:\Program Files\Crawler\Cache(2)\STWSG\STBUTTON_MENU.dat
C:\Program Files\Crawler\Cache(2)\STWSG\WSGBUTTON_BMP.dat
C:\Program Files\Crawler\Cache(2)\STWSG\WSGBUTTON_CHBMP.dat
C:\Program Files\Crawler\Cache(2)\STWSG\WSGBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\adrkeys.dat
C:\Program Files\Crawler\Toolbar\Cache
C:\Program Files\Crawler\Toolbar\common_ff.dat
C:\Program Files\Crawler\Toolbar\confirm.dat
C:\Program Files\Crawler\Toolbar\ctbcomm.dll
C:\Program Files\Crawler\Toolbar\ctbr.dll
C:\Program Files\Crawler\Toolbar\CTipsDef.dll
C:\Program Files\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Crawler\Toolbar\firefox
C:\Program Files\Crawler\Toolbar\Languages
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct
C:\Program Files\Crawler\Toolbar\svc_set.dat
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct
C:\Program Files\Crawler\Toolbar\TempDir
C:\Program Files\Crawler\Toolbar\Update
C:\Program Files\Crawler\Toolbar\WebSecurityGuard.dll
C:\Program Files\Crawler\Toolbar\WSGData
C:\Program Files\Crawler\Toolbar\Cache\COMMON
C:\Program Files\Crawler\Toolbar\Cache\STWSG
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\EMAIL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SHOP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SPELL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\TRAVEL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WAYBACK_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\YP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\firefox\chrome
C:\Program Files\Crawler\Toolbar\firefox\chrome.manifest
C:\Program Files\Crawler\Toolbar\firefox\components
C:\Program Files\Crawler\Toolbar\firefox\install.ini
C:\Program Files\Crawler\Toolbar\firefox\install.rdf
C:\Program Files\Crawler\Toolbar\firefox\chrome\crawlertbr.jar
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.xpt
C:\Program Files\Crawler\Toolbar\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\Update\WebSecurityGuard.dll.pda
C:\Program Files\Crawler\Toolbar\Update\WebSecurityGuard.dll.pin
C:\Program Files\Crawler\Toolbar\WSGData\domains
C:\Program Files\Crawler\Toolbar\WSGData\userData_S-1-5-21-1770633121-2185212140-2792175243-1007.dat
C:\Program Files\Crawler\Toolbar\WSGData\userData_S-1-5-21-1770633121-2185212140-2792175243-1010.dat
C:\Program Files\Crawler\Toolbar\WSGData\wfilter.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\index.dat

-----------\\ Extensions

(Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(Martine) - {582195F5-92E7-40a0-A127-DB71295901D7} => gmanager
(Martine) - {84b24861-62f6-364b-eba5-2e5e2061d7e6} => mediaplayerconnectivity
(Martine) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Martine) - {04060490-5c60-11da-8cd6-0800200c9a66} => Noia-Cute_TB_Yop_GD
(Martine) - {4e797306-9ff7-11dc-8314-0800200c9a66} => aero_thunderbird-1.0.3-tb


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Search Page"="http://www.google.com"
"SearchMigratedDefaultURL"="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"


--------------------\\ Recherche d'autres infections

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet021\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet022\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet023\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet024\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet025\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet026\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet027\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet028\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet029\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet030\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet031\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet032\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
==> WAREOUT <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Martine\.housecall6.6\Quarantine\Nero Ultra Edition 8.3.2.1 - KeyGen + Activation + Serials [by qualitytors].zip.bac_a00840
C:\DOCUME~1\Martine\Complete\Nero Ultra Edition 8.3.2.1 - KeyGen + Activation + Serials [by qualitytors].zip



1 - "C:\ToolBar SD\TB_1.txt" - lun. 07/12/2009| 6:26 - Option : [1]
Zoom62

Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Brussels

Need help

Post by Zoom62 » 07 Dec 2009, 07:43

OTS report:

[code]
OTS logfile created on: 7/12/2009 6:52:07 - Run 1
OTS by OldTimer - Version 3.1.8.7 Folder = C:\Documents and Settings\Martine\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1022,73 Mb Total Physical Memory | 779,11 Mb Available Physical Memory | 76,18% Memory free
3,86 Gb Paging File | 3,52 Gb Available in Paging File | 91,09% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,98 Gb Total Space | 14,06 Gb Free Space | 28,70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 7,99 Gb Total Space | 3,53 Gb Free Space | 44,20% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 32,23 Gb Total Space | 9,00 Gb Free Space | 27,94% Space Free | Partition Type: NTFS
Drive J: | 65,85 Gb Total Space | 31,72 Gb Free Space | 48,17% Space Free | Partition Type: NTFS
Drive M: | 31,25 Gb Total Space | 9,52 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

Computer Name: Zoom
Current User Name: Martine
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Martine\Bureau\OTS.exe -> [2009/12/07 06:22:44 | 00,532,992 | ---- | M] (OldTimer Tools)
ashdisp.exe -> J:\Avast (Anti virus)\ashDisp.exe -> [2009/11/25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software)
ashserv.exe -> J:\Avast (Anti virus)\ashServ.exe -> [2009/11/25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software)
aswupdsv.exe -> J:\Avast (Anti virus)\aswUpdSv.exe -> [2009/11/25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software)
cfp.exe -> C:\Program Files\Comodo\Firewall\cfp.exe -> [2009/11/20 18:10:18 | 01,800,464 | ---- | M] (COMODO)
cmdagent.exe -> C:\Program Files\Comodo\Firewall\cmdagent.exe -> [2009/11/20 18:10:05 | 00,723,632 | ---- | M] (COMODO)
firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2009/11/09 22:27:42 | 00,908,248 | ---- | M] (Mozilla Corporation)
jusched.exe -> C:\Program Files\Java\jre6\bin\jusched.exe -> [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.)
ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 03:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation)

[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Martine\Bureau\OTS.exe -> [2009/12/07 06:22:44 | 00,532,992 | ---- | M] (OldTimer Tools)
guard32.dll -> C:\WINDOWS\system32\guard32.dll -> [2009/12/01 09:48:34 | 00,171,552 | ---- | M] (COMODO)
framedyn.dll -> C:\WINDOWS\system32\framedyn.dll -> [2006/05/03 22:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(FLEXnet Licensing Service) FLEXnet Licensing Service [Disabled | Stopped] -> -> File not found
(Diskeeper) Diskeeper [Disabled | Stopped] -> -> File not found
(avast! Antivirus) avast! Antivirus [Auto | Running] -> J:\Avast (Anti virus)\ashServ.exe -> [2009/11/25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software)
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Stopped] -> J:\Avast (Anti virus)\ashMaiSv.exe -> [2009/11/25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software)
(avast! Web Scanner) avast! Web Scanner [On_Demand | Stopped] -> J:\Avast (Anti virus)\ashWebSv.exe -> [2009/11/25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software)
(aswUpdSv) avast! iAVS4 Control Service [Auto | Running] -> J:\Avast (Anti virus)\aswUpdSv.exe -> [2009/11/25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software)
(PnkBstrA) PnkBstrA [Disabled | Stopped] -> C:\WINDOWS\system32\PnkBstrA.exe -> [2009/11/22 10:13:34 | 00,066,872 | ---- | M] ()
(cmdAgent) COMODO Internet Security Helper Service [Auto | Running] -> C:\Program Files\Comodo\Firewall\cmdagent.exe -> [2009/11/20 18:10:05 | 00,723,632 | ---- | M] (COMODO)
(JavaQuickStarterService) Java Quick Starter [On_Demand | Stopped] -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.)
(a2free) a-squared Free Service [Disabled | Stopped] -> J:\Program Files\a-Squared (Scanner pc malwares)\a-squared Free\a2service.exe -> [2009/10/01 09:05:49 | 01,858,144 | ---- | M] (Emsi Software GmbH)
(maconfservice) Ma-Config Service [On_Demand | Stopped] -> C:\Program Files\ma-config.com\maconfservice.exe -> [2009/09/23 14:50:28 | 00,238,960 | ---- | M] (CybelSoft)
(Bonjour Service) Service Bonjour [On_Demand | Stopped] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
(iPod Service) Service de l’iPod [On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.)
(Apple Mobile Device) Apple Mobile Device [On_Demand | Stopped] -> C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
(ServiceLayer) ServiceLayer [Disabled | Stopped] -> C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -> [2008/05/30 11:32:16 | 00,572,416 | ---- | M] (Nokia.)
(SNMP) Service SNMP [Disabled | Stopped] -> C:\WINDOWS\system32\snmp.exe -> [2008/04/14 03:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation)
(p2pgasvc) Authentification de groupe réseau homologue [Disabled | Stopped] -> C:\WINDOWS\system32\p2pgasvc.dll -> [2008/04/14 03:33:38 | 00,105,472 | ---- | M] (Microsoft Corporation)
(StarWindServiceAE) StarWind AE Service [Disabled | Stopped] -> J:\Kevin\Programmes Divers\Alcohol 52\StarWind\StarWindServiceAE.exe -> [2007/05/28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software)
(NVSvc) NVIDIA Display Driver Service [On_Demand | Stopped] -> C:\WINDOWS\system32\nvsvc32.exe -> [2006/08/11 14:42:50 | 00,155,715 | ---- | M] (NVIDIA Corporation)
(ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -> [2006/04/25 19:40:50 | 00,138,504 | ---- | M] (Microsoft Corporation)
(AcrSch2Svc) Acronis Scheduler2 Service [Disabled | Stopped] -> C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -> [2006/01/17 16:36:56 | 00,172,032 | ---- | M] (Acronis)
(CyberLink Media Library Service) CyberLink Media Library Service [Disabled | Stopped] -> C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -> [2005/01/28 10:11:40 | 00,024,576 | ---- | M] (Cyberlink)
(CLSched) CyberLink Task Scheduler (CTS) [Disabled | Stopped] -> c:\APPS\Powercinema\Kernel\TV\CLSched.exe -> [2005/01/28 10:11:14 | 00,110,682 | ---- | M] ()
(CLCapSvc) CyberLink Background Capture Service (CBCS) [Disabled | Stopped] -> c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -> [2005/01/28 10:11:10 | 00,176,220 | ---- | M] ()
(GenericHidService) Generic Service for HID Keyboard Input Collections [On_Demand | Stopped] -> c:\APPS\HIDSERVICE\HidService.exe -> [2005/01/07 11:01:52 | 00,049,152 | ---- | M] ()
(IDriverT) InstallDriver Table Manager [Disabled | Stopped] -> C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation)
(Pml Driver HPZ12) Pml Driver HPZ12 [On_Demand | Stopped] -> C:\WINDOWS\system32\HPZipm12.exe -> [2004/09/29 11:14:36 | 00,069,632 | ---- | M] (HP)
(SimpTcp) Services TCP/IP simplifiés [On_Demand | Stopped] -> C:\WINDOWS\system32\tcpsvcs.exe -> [2004/08/05 13:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation)
(LPDSVC) Serveur d'impression TCP/IP [On_Demand | Stopped] -> C:\WINDOWS\system32\tcpsvcs.exe -> [2004/08/05 13:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation)
(MDM) Machine Debug Manager [Disabled | Stopped] -> C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -> [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
(Creative Service for CDROM Access) Creative Service for CDROM Access [Disabled | Stopped] -> C:\WINDOWS\system32\CTSVCCDA.EXE -> [1999/12/13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd)

[Driver Services - Safe List]
(cmdGuard) COMODO Firewall Pro Sandbox Driver [File_System | System | Running] -> C:\WINDOWS\system32\drivers\cmdguard.sys -> [2009/12/01 09:48:31 | 00,133,064 | ---- | M] (COMODO)
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswTdi.sys -> [2009/11/25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software)
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\aswRdr.sys -> [2009/11/25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software)
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aavmker4.sys -> [2009/11/25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software)
(sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2009/11/24 15:24:27 | 00,721,904 | ---- | M] ()
(dtscsi) dtscsi [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\Drivers\dtscsi.sys -> [2009/11/24 15:18:04 | 00,223,128 | ---- | M] (DT Soft Ltd.)
(Inspect) COMODO Firewall Pro Firewall Driver [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\inspect.sys -> [2009/11/20 18:11:05 | 00,087,104 | ---- | M] (COMODO)
(cmdHlp) COMODO Firewall Pro Helper Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\cmdhlp.sys -> [2009/11/20 18:11:04 | 00,025,160 | ---- | M] (COMODO)
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> J:\Program Files\SASKUTIL.SYS -> [2009/10/03 06:14:17 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(LgBttPort) LGE Bluetooth TransPort [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\lgbtport.sys -> [2009/09/29 08:11:22 | 00,012,160 | ---- | M] (LG Electronics Inc.)
(LGVMODEM) LGE Virtual Modem [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\lgvmodem.sys -> [2009/09/29 08:11:20 | 00,012,928 | ---- | M] (LG Electronics Inc.)
(lgbusenum) LG Bluetooth Bus Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\lgbtbus.sys -> [2009/09/29 08:11:20 | 00,010,496 | ---- | M] (LG Electronics Inc.)
(driverhardwarev2) driverhardwarev2 [Kernel | On_Demand | Stopped] -> C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -> [2009/09/23 14:53:20 | 00,014,336 | ---- | M] (CybelSoft)
(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswmon2.sys -> [2009/09/15 11:56:14 | 00,094,160 | ---- | M] (ALWIL Software)
(aswSP) avast! Self Protection [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswSP.sys -> [2009/09/15 11:55:30 | 00,114,768 | ---- | M] (ALWIL Software)
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswFsBlk.sys -> [2009/09/15 11:55:19 | 00,020,560 | ---- | M] (ALWIL Software)
(USBModem) LGE Mobile USB Modem [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\lgusbmodem.sys -> [2009/08/21 02:08:00 | 00,024,960 | ---- | M] (LG Electronics Inc.)
(UsbDiag) LGE Mobile USB Serial Port [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\lgusbdiag.sys -> [2009/08/21 02:08:00 | 00,020,864 | ---- | M] (LG Electronics Inc.)
(usbbus) LGE Mobile Composite USB Device [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\lgusbbus.sys -> [2009/08/21 02:08:00 | 00,013,056 | ---- | M] (LG Electronics Inc.)
(ACSSCR) ACR38 Smart Card Reader [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\a38usb.sys -> [2009/06/09 05:58:56 | 00,033,536 | ---- | M] (Advanced Card Systems Ltd)
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> J:\Program Files\SASDIFSV.SYS -> [2009/03/30 05:21:18 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(StarOpen) StarOpen [File_System | System | Running] -> C:\WINDOWS\system32\drivers\StarOpen.sys -> [2009/01/07 07:30:58 | 00,005,632 | ---- | M] ()
(VClone) VClone [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\VClone.sys -> [2008/09/24 11:29:25 | 00,029,184 | ---- | M] (Elaborate Bytes AG)
(ElbyCDIO) ElbyCDIO Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ElbyCDIO.sys -> [2008/07/21 13:11:58 | 00,024,392 | ---- | M] (Elaborate Bytes AG)
(Tcpip6) Pilote du protocole IPv6 Microsoft [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\tcpip6.sys -> [2008/06/20 12:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation)
(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -> [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.)
(wceusbsh) Windows CE USB Serial Host Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wceusbsh.sys -> [2008/04/14 02:57:14 | 00,032,128 | ---- | M] (Microsoft Corporation)
(GcKernel) Pilote de filtre Microsoft SideWinder Value Add [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\gckernel.sys -> [2008/04/13 19:45:32 | 00,059,136 | ---- | M] (Microsoft Corporation)
(usbaudio) Pilote USB audio (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbaudio.sys -> [2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation)
(amdagp) Pilote de filtre du bus AMD AGP [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2008/04/13 19:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\pccsmcfd.sys -> [2007/09/17 14:53:26 | 00,021,632 | ---- | M] (Nokia)
(timounter) Acronis TrueImage Backup Archive Explorer [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\timntr.sys -> [2007/04/15 16:26:31 | 00,249,152 | ---- | M] (Acronis)
(tifsfilter) Acronis TrueImage FS Filter [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\tifsfilt.sys -> [2007/04/15 16:26:31 | 00,030,688 | ---- | M] (Acronis)
(snapman) Acronis Snapshots Manager [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\snapman.sys -> [2007/04/15 16:26:27 | 00,096,320 | ---- | M] (Acronis)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2007/03/08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions)
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ALCXWDM.SYS -> [2007/01/25 15:37:16 | 04,027,456 | R--- | M] (Realtek Semiconductor Corp.)
(tmcomm) tmcomm [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\tmcomm.sys -> [2006/09/13 20:23:13 | 00,076,560 | ---- | M] (Trend Micro Inc.)
(nv) nv [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2006/08/11 14:42:42 | 03,958,496 | ---- | M] (NVIDIA Corporation)
(SASENUM) SASENUM [Kernel | On_Demand | Stopped] -> J:\Program Files\SASENUM.SYS -> [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.)
(krait03) Razer krait USB Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\krait.sys -> [2005/12/07 16:27:52 | 00,013,324 | ---- | M] (Razer (Asia-Pacific) Pte Ltd)
(sfvfs02) StarForce Protection VFS Driver (version 2.x) [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\sfvfs02.sys -> [2005/11/03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology)
(ss_mdm) SAMSUNG Mobile USB Modem 1.0 Drivers [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ss_mdm.sys -> [2005/08/30 17:59:00 | 00,094,000 | ---- | M] (MCCI)
(ss_mdfl) SAMSUNG Mobile USB Modem 1.0 Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ss_mdfl.sys -> [2005/08/30 17:58:56 | 00,008,304 | ---- | M] (MCCI)
(ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ss_bus.sys -> [2005/08/30 17:57:18 | 00,058,320 | ---- | M] (MCCI)
(sfdrv01) StarForce Protection Environment Driver (version 1.x) [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\sfdrv01.sys -> [2005/08/10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology)
(sfhlp02) StarForce Protection Helper Driver (version 2.x) [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\sfhlp02.sys -> [2005/05/16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology)
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HPZius12.sys -> [2005/03/08 05:43:27 | 00,021,744 | R--- | M] (HP)
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HPZipr12.sys -> [2005/03/08 05:43:26 | 00,016,496 | R--- | M] (HP)
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HPZid412.sys -> [2005/03/08 05:43:25 | 00,051,120 | R--- | M] (HP)
(SiSkp) SiSkp [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\srvkp.sys -> [2005/01/04 16:46:14 | 00,013,184 | ---- | M] (Silicon Integrated Systems Corporation)
(SiS315) SiS315 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\sisgrp.sys -> [2005/01/04 16:01:48 | 00,239,104 | ---- | M] (Silicon Integrated Systems Corporation)
(RTL8023xp) Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtlnicxp.sys -> [2004/12/02 15:36:08 | 00,070,912 | ---- | M] (Realtek Semiconductor Corporation )
(SiSRaid) SiSRaid [Kernel | Boot | Stopped] -> C:\WINDOWS\system32\DRIVERS\SiSRaid.sys -> [2004/09/03 12:43:00 | 00,046,464 | ---- | M] (Silicon Integrated Systems)
(Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/05 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(RecAgent) RecAgent [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RecAgent.sys -> [2004/08/03 21:41:40 | 00,013,776 | ---- | M] (Smart Link)
(Ser2pl) Prolific Serial port driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ser2pl.sys -> [2004/06/28 14:08:56 | 00,042,752 | ---- | M] (Prolific Technology Inc.)
(Jukebox3) Jukebox3 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ctpdusb.sys -> [2004/05/18 00:25:00 | 00,016,880 | ---- | M] (Creative Technology Ltd.)
(PQNTDrv) PQNTDrv [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\PQNTDRV.sys -> [2004/05/05 22:15:04 | 00,004,228 | ---- | M] (PowerQuest Corporation)
(JL2005) TRUST SPYC@M 100 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\toywdm.sys -> [2003/11/28 10:46:44 | 00,070,632 | ---- | M] (Windows (R) 2000 DDK provider)
(Slntamr) SmartLink AMR_PCI Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\slntamr.sys -> [2003/08/20 16:34:50 | 00,548,952 | ---- | M] ( )
(Mtlmnt5) Mtlmnt5 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mtlmnt5.sys -> [2003/07/16 11:30:26 | 00,221,736 | ---- | M] ( )
(Mtlstrm) Mtlstrm [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mtlstrm.sys -> [2003/07/02 15:26:36 | 01,301,128 | ---- | M] ( )
(SlNtHal) SlNtHal [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\slnthal.sys -> [2003/07/02 15:24:36 | 00,086,128 | ---- | M] ( )
(SlWdmSup) SlWdmSup [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\slwdmsup.sys -> [2003/07/02 15:12:52 | 00,039,348 | ---- | M] (Vireo Software)
(NtMtlFax) NtMtlFax [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ntmtlfax.sys -> [2003/07/02 14:57:10 | 00,167,384 | ---- | M] ( )
(StillCam) Pilote d'appareil photo numérique série [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\serscan.sys -> [2001/08/23 16:20:50 | 00,006,912 | ---- | M] (Microsoft Corporation)
(CmdIde) CmdIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/23 16:04:44 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
(Sparrow) Sparrow [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/17 21:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.)
(sym_u3) sym_u3 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/17 21:07:42 | 00,030,688 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/17 21:07:40 | 00,028,384 | ---- | M] (LSI Logic)
(symc8xx) symc8xx [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/17 21:07:36 | 00,032,640 | ---- | M] (LSI Logic)
(symc810) symc810 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/17 21:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
(HIDSwvd) Minipilote de périphérique Microsoft SideWinder HID virtuel [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HIDSwvd.sys -> [2001/08/17 21:02:50 | 00,002,688 | ---- | M] (Microsoft Corporation)
(ultra) ultra [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 20:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
(ql12160) ql12160 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 20:52:20 | 00,045,312 | ---- | M] (QLogic Corporation)
(ql1080) ql1080 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 20:52:20 | 00,040,320 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 20:52:18 | 00,049,024 | ---- | M] (QLogic Corporation)
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 20:52:16 | 00,179,584 | ---- | M] (Mylex Corporation)
(mraid35x) mraid35x [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 20:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.)
(asc) asc [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 20:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 20:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
(AliIde) AliIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 20:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)

[Registry - Safe List]
<Internet> -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> http://www.01net.com/http://www.01men.com/ [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Secondary Start Pages" -> http://www.01net.com/http://www.01men.com/ [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.google.com ->
<Internet> -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
<Internet> -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
<Internet> -> ->
<Internet> -> ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\: Main\\"Search Page" -> http://www.google.com ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\: Main\\"SearchMigratedDefaultName" -> Live Search ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\: Main\\"SearchMigratedDefaultURL" -> http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\: Main\\"Start Page" -> http://www.google.be/ ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\: "ProxyOverride" -> *.local ->
<FireFox> -> C:\Documents and Settings\Martine\Application Data\Mozilla\FireFox\Profiles\yt3vnwpd.default\prefs.js ->
browser.search.defaultenginename -> "Bing" ->
browser.search.defaulturl -> "http://www.bing.com/search?FORM=MIMWA5&q=" ->
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "http://www.igoogle.fr" ->
extensions.enabledItems -> {582195F5-92E7-40a0-A127-DB71295901D7}:0.5.7.5 ->
extensions.enabledItems -> jqs@sun.com:1.0 ->
extensions.enabledItems -> {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.62 ->
keyword.URL -> "http://www.bing.com/search?FORM=MIMWA5&q=" ->
<FireFox> -> C:\Documents and Settings\Martine\Application Data\Mozilla\FireFox\Profiles\yt3vnwpd.default\user.js ->
<FireFox> -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/12/04 15:38:50 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/12/04 09:46:52 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions -> ->
HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components -> C:\Program Files\Mozilla Thunderbird\components [C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS] -> [2009/12/03 10:57:46 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins -> C:\Program Files\Mozilla Thunderbird\plugins [C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS] -> [2009/12/04 09:46:53 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.5\extensions -> ->
<FireFox> ->
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Extensions -> [2009/08/29 11:46:11 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Extensions\mozswing@mozswing.org -> [2009/08/29 11:46:11 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions -> [2009/12/06 09:52:52 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb} -> [2009/09/14 06:54:29 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c} -> [2009/12/03 17:18:42 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7} -> [2009/10/22 05:36:33 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} -> [2009/07/28 06:25:03 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} -> [2009/11/29 21:01:37 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\fr@dictionaries.addons.mozilla.org -> [2009/08/26 06:12:07 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\imdldb@p4ul.info -> [2009/10/20 06:09:35 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris(2).com -> [2008/08/24 12:44:48 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris.com -> [2008/08/24 12:44:48 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris.com-trash -> [2008/08/24 12:44:48 | 00,000,000 | ---D | M]
<FireFox> ->
bing.xml -> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\bing.xml -> [2009/09/12 08:34:08 | 00,002,172 | ---- | M] ()
wikia-search.xml -> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\wikia-search.xml -> [2009/01/26 06:25:40 | 00,015,292 | ---- | M] ()
wikipedia-eng.xml -> C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\wikipedia-eng.xml -> [2009/01/26 06:25:53 | 00,001,032 | ---- | M] ()
<FireFox> ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2009/12/06 09:52:52 | 00,000,000 | ---D | M]
-> C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} -> [2009/08/14 14:02:38 | 00,000,000 | ---D | M]
-> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} -> [2008/02/27 14:24:51 | 00,000,000 | ---D | M]
-> C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org -> [2008/10/01 15:29:01 | 00,000,000 | ---D | M]
<HOSTS> (792 bytes and 20 lines) -> C:\WINDOWS\system32\drivers\etc\Hosts ->
Reset Hosts
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 13:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{201f27d4-3704-41d6-89c1-aa35e39143ed} [HKLM] -> C:\Program Files\AskBarDis\bar\bin\askBar.dll [AskBar BHO] -> [2008/11/18 12:58:58 | 00,333,192 | ---- | M] (Ask.com)
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/02/17 15:11:04 | 00,408,440 | ---- | M] (Microsoft Corporation)
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/10/11 04:17:29 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/10/11 04:17:12 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} [HKLM] -> C:\Program Files\PicLensIE\cooliris.dll [Reg Error: Value error.] -> [2008/12/18 16:54:24 | 03,741,664 | ---- | M] (Cooliris Inc.)
{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
<Internet> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}" [HKLM] -> C:\Program Files\AskBarDis\bar\bin\askBar.dll [Foxit Toolbar] -> [2008/11/18 12:58:58 | 00,333,192 | ---- | M] (Ask.com)
"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
"{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
<Internet> -> HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
ShellBrowser\\"{ECDEE021-0D17-467F-A1FF-C7A115230949}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" [HKLM] -> C:\Program Files\AskBarDis\bar\bin\askBar.dll [Foxit Toolbar] -> [2008/11/18 12:58:58 | 00,333,192 | ---- | M] (Ask.com)
WebBrowser\\"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{C75C8E7E-5059-4469-AC11-D7544B260382}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
<Run> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe ARM" -> C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"] -> [2009/09/04 12:08:30 | 00,935,288 | R--- | M] (Adobe Systems Incorporated)
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/10/03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)
"avast!" -> J:\Avast (Anti virus)\ashDisp.exe [J:\AVAST(~1\ashDisp.exe] -> [2009/11/25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software)
"COMODO Firewall Pro" -> C:\Program Files\Comodo\Firewall\cfp.exe ["C:\Program Files\Comodo\Firewall\cfp.exe" -h] -> [2009/11/20 18:10:18 | 01,800,464 | ---- | M] (COMODO)
"COMODO Internet Security" -> C:\Program Files\Comodo\Firewall\cfp.exe ["C:\Program Files\Comodo\Firewall\cfp.exe" -h] -> [2009/11/20 18:10:18 | 01,800,464 | ---- | M] (COMODO)
"iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.)
"QuickTime Task" -> J:\Program Files\Quicktime (vidéo)\QTTask.exe ["J:\Program Files\Quicktime (vidéo)\QTTask.exe" -atboottime] -> [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.)
"SunJavaUpdateSched" -> C:\Program Files\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
<Administrateur> -> C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage ->
<All> -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
<Default> -> C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage ->
-> C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\desktop(2).ini -> [2004/08/16 17:11:02 | 00,000,084 | -HS- | M] ()
<Martine> -> C:\Documents and Settings\Martine\Menu Démarrer\Programmes\Démarrage ->
<CurrentVersion> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoCDBurning" -> [1] -> File not found
\\"BackupNoCDBurning" -> [0] -> File not found
\\"HonorAutoRunSetting" -> [1] -> File not found
<CurrentVersion> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
<CurrentVersion> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
<CurrentVersion> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
<CurrentVersion> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
<CurrentVersion> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
<CurrentVersion> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
<CurrentVersion> -> HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
<CurrentVersion> -> HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
<Internet> -> HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Windows Live Search -> C:\Program Files\Windows Live Toolbar\msntb.dll [res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm] -> File not found
Add to Windows &Live Favorites -> [http://favorites.live.com/quickadd.aspx] -> File not found
Crawler Search -> [tbr:iemenu] -> File not found
<Internet> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{3437D640-C91A-458f-89F5-B9095EA4C28B}:{04F93351-81D2-4484-9982-0D55DEFFFAE6} [HKLM] -> C:\Program Files\PicLensIE\cooliris.dll [Button: Launch Cooliris] -> [2008/12/18 16:54:24 | 03,741,664 | ---- | M] (Cooliris Inc.)
{85d1f590-48f4-11d9-9669-0800200c9a66}:Exec [HKLM] -> C:\WINDOWS\bdoscandel.exe [Menu: Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
<Internet> -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
<Internet> -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
<Internet> -> HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{2D663D1A-8670-49D9-A1A5-4C56B4E14E84}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{85d1f590-48f4-11d9-9669-0800200c9a66}" [HKLM] -> C:\WINDOWS\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> [Reg Error: Key error.] -> File not found
<Internet> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
<Default> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
<Trusted> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
<Trusted> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
<Trusted> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2060 domain(s) found. ->
110 domain(s) and sub-domain(s) not assigned to a zone.
<Trusted> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 70 range(s) found. ->
<Trusted> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2060 domain(s) found. ->
110 domain(s) and sub-domain(s) not assigned to a zone.
<Trusted> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 70 range(s) found. ->
<Trusted> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2060 domain(s) found. ->
110 domain(s) and sub-domain(s) not assigned to a zone.
<Trusted> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 70 range(s) found. ->
<Trusted> -> HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1865 domain(s) found. ->
22 domain(s) and sub-domain(s) not assigned to a zone.
Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Brussels

Need help

Post by Zoom62 » 07 Dec 2009, 07:45

OTS report, continued:

<Trusted> -> HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
<Downloaded> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{00B71CFB-6864-4346-A978-C0A14556272C} [HKLM] -> http://messenger.zone.msn.com/binary/ms ... b31267.cab [Reg Error: Key error.] ->
{0A5FD7C5-A45C-49FC-ADB5-9952547D5715} [HKLM] -> http://www.creative.com/su/ocx/15015/CTSUEng.cab [Reg Error: Key error.] ->
{14B87622-7E19-4EA8-93B3-97215F77A6BC} [HKLM] -> http://messenger.zone.msn.com/binary/Me ... b31267.cab [Reg Error: Key error.] ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} [HKLM] -> http://housecall65.trendmicro.com/house ... hcImpl.cab [Trend Micro ActiveX Scan Agent 6.6] ->
{2917297F-F02B-4B9D-81DF-494B6333150B} [HKLM] -> http://messenger.zone.msn.com/binary/Mi ... b31267.cab [Reg Error: Key error.] ->
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} [HKLM] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll [Installation Support] ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab [MSN Photo Upload Tool] ->
{5D6F45B3-9043-443D-A792-115447494D24} [HKLM] -> http://messenger.zone.msn.com/FR-BE/a-U ... E_UNO1.cab [UnoCtrl Class] ->
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [HKLM] -> http://bitdefender.bwm-mediasoft.com/scan8/oscan8.cab [BDSCANONLINE Control] ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://www.update.microsoft.com/microso ... 5285014078 [WUWebControl Class] ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://www.update.microsoft.com/microso ... 5284983656 [MUWebControl Class] ->
{74D05D43-3236-11D4-BDCD-00C04F9A3B61} [HKLM] -> http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab [Reg Error: Key error.] ->
{80DD2229-B8E4-4C77-B72F-F22972D723EA} [HKLM] -> http://www.inoculer.com/antivirus/Msie/bitdefender.cab [Reg Error: Key error.] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0_17] ->
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} [HKLM] -> http://messenger.zone.msn.com/binary/Me ... b31267.cab [Reg Error: Key error.] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/fl ... rashim.cab [Reg Error: Key error.] ->
{B8BE5E93-A60C-4D26-A2DC-220313175592} [HKLM] -> http://messenger.zone.msn.com/binary/ZI ... b56649.cab [Reg Error: Key error.] ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/Me ... b56907.cab [MessengerStatsClient Class] ->
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Reg Error: Key error.] ->
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Reg Error: Key error.] ->
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Reg Error: Key error.] ->
{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Reg Error: Key error.] ->
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0_17] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0_17] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] ->
{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} [HKLM] -> http://download.mcafee.com/molbin/iss-l ... cfscan.cab [McFreeScan Class] ->
{F6ACF75C-C32C-447B-9BEF-46B766368D29} [HKLM] -> http://www.creative.com/su/ocx/15023/CTPID.cab [Reg Error: Key error.] ->
<Name> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.254 ->
<Name> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{9528EE5A-62D4-49D9-8BA5-FA09247FF4C2}\\DhcpNameServer -> 192.168.1.254 (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
<AppInit_DLLs> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\WINDOWS\system32\guard32.dll -> C:\WINDOWS\system32\guard32.dll -> [2009/12/01 09:48:34 | 00,171,552 | ---- | M] (COMODO)
*MultiFile Done* -> ->
<Winlogon> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 03:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost ->
C:\WINDOWS\system32\logonuiX.exe -> C:\WINDOWS\system32\logonuiX.exe -> [2009/12/05 16:56:01 | 04,196,352 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
<Winlogon> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> J:\Program Files\SASWINLO.DLL -> [2009/10/03 06:14:19 | 00,548,352 | ---- | M] (SUPERAntiSpyware.com)
<ShellExecuteHooks> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> J:\Program Files\SASSEH.DLL [] -> [2008/07/01 20:58:54 | 00,077,824 | ---- | M] (SuperAdBlocker.com)
<LSA> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
relog_ap -> C:\WINDOWS\System32\relog_ap.dll -> [2006/01/17 16:36:56 | 00,008,704 | ---- | M] (Acronis)
*MultiFile Done* -> ->
<Domain> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 17:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation)
<Standard> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2008/11/20 13:20:48 | 14,294,824 | ---- | M] (Apple Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2009/07/31 20:22:14 | 00,139,776 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 17:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation)
"F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe" -> F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe [F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe:*:Enabled:Skype] -> [2005/04/19 14:14:02 | 13,192,360 | ---- | M] ()
<SafeBoot> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
<CDROM> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Pilote de CD-ROM ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
<Drives> -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2005/10/18 20:02:16 | 00,000,000 | ---- | M] ()
F:\AUTOEXEC.BAT [@ECHO OFF | Rem Get the letter of the drive we boot from | Call GETBOOTD.BAT | Set FILESSRC=%BOOTDRIVE%: | | IF "%BOOTDRIVE%"=="C" SET ISBOOTBP=/bootbp | CLS | | IF NOT "%BOOTDRIVE%"=="A" GOTO NOTEST | IF EXIST TEST.BAT CALL TEST.BAT | :NOTEST | | :MCDSTART rem reboot if HDD backup hidden | SWITCHER /STATUS >NUL | IF ERRORLEVEL 1 SET SETBCKUP=HDD | IF ERRORLEVEL 5 SET SETBCKUP=CDROM | Rem if we boot from BP, skip the hide/unhide part | IF NOT "%BOOTDRIVE%"=="A" GOTO LABEL1B | IF NOT '%SETBCKUP%==' GOTO LABEL1 | SWITCHER /ON >NUL | REBOOT | GOTO END | | :LABEL1 | IF "%SETBCKUP%"=="HDD" SWITCHER /OFF | :LABEL1B | CLS | ECHO Loading SMARTDRV... | lh %BOOTDRIVE%:\SMARTDRV C+ /U | | REM *** RAM DRIVE DETECTION *** | ECHO Detecting RAMDRIVE... | SET LGLDRV=27 * 26 Z 25 Y 24 X 23 W 22 V 21 U 20 T 19 S 18 R 17 Q 16 P 15 | SET LGLDRV=%LGLDRV% O 14 N 13 M 12 L 11 K 10 J 9 I 8 H 7 G 6 F 5 E 4 D 3 C | CALL SETRAMD.BAT %LGLDRV% | SET LGLDRV= | PATH=%RAMD%:\ | %RAMD%: | | ECHO Set COMSPEC=%RAMD%:\COMMAND.COM... | COPY %BOOTDRIVE%:\COMMAND.COM %RAMD%:\>NUL | SET COMSPEC=%RAMD%:\COMMAND.COM | | REM 28/08/2002, SQU ****************************************************** | | ECHO SCANNING DRIVES LABELS... | COPY %BOOTDRIVE%:\SEEKDRVS.EXE %RAMD%:\>NUL | COPY %BOOTDRIVE%:\SETDRVS.BAT %RAMD%:\>NUL | CALL SETDRVS.BAT %RAMD%: | Rem if the backup is present we use it to copy files | IF "%SETBCKUP%"=="HDD" GOTO BPPRESENT | GOTO RUN | | :BPPRESENT | IF NOT "%BOOTDRIVE%"=="A" GOTO RUN | SET FILESSRC=%BACKUP%:\RSTFLOP | | Rem checking that files have been already copied onto RSTFLOP directory. 
| IF EXIST %filessrc%\OEMSETUP.EXE GOTO RUN | Rem copy the files to backup | MD %BACKUP%:\RSTFLOP | COPY %BOOTDRIVE%:\MSTOOLS.EXE %filessrc% /Y /V>NUL | COPY %BOOTDRIVE%:\TOOLS.EXE %filessrc% /Y /V>NUL | COPY %BOOTDRIVE%:\FLIPART.EXE %filessrc% /Y /V>NUL | COPY %BOOTDRIVE%:\SWITCHER.COM %filessrc% /Y /V>NUL | COPY %BOOTDRIVE%:\OEMSETUP.EXE %filessrc% /Y /V>NUL | IF EXIST %BOOTDRIVE%:\OTHER.EXE COPY %BOOTDRIVE%:\OTHER.EXE %filessrc% /V /Y>NUL | IF EXIST %BOOTDRIVE%:\CUSTOM.BAT COPY %BOOTDRIVE%:\CUSTOM.BAT %filessrc% /V /Y>NUL | | :RUN | | ECHO COPYING OS ONLY MASK FILE... | COPY %BOOTDRIVE%:\OSONLY.INI /Y /V>NUL | | REM ********************************************************************** | | REM *** EXTRACT TOOLS *** | IF EXIST %filessrc%\OTHER.EXE COPY %filessrc%\OTHER.EXE /V /Y>NUL | IF EXIST %filessrc%\CUSTOM.BAT COPY %filessrc%\CUSTOM.BAT /V /Y>NUL | IF EXIST %filessrc%\FLIPART.EXE COPY %filessrc%\FLIPART.EXE /V /Y>NUL | IF EXIST %filessrc%\SWITCHER.COM COPY %filessrc%\SWITCHER.COM /V /Y>NUL | | ECHO Extracting MSTOOLS... | COPY %filessrc%\MSTOOLS.EXE /Y>NUL | MSTOOLS.EXE>NUL | IF ERRORLEVEL 1 SET ERROR=1 | DEL MSTOOLS.EXE>NUL | | ECHO Extracting TOOLS... | COPY %filessrc%\TOOLS.EXE /Y>NUL | TOOLS.EXE>NUL | IF ERRORLEVEL 1 SET ERROR=1 | DEL TOOLS.EXE>NUL | | REM ECHO Copy other RamDrive files (ex:Technical support files)... 
| IF EXIST %BOOTDRIVE%:\RAMD\NUL COPY %BOOTDRIVE%:\RAMD\*.* /Y>NUL | | Rem -------------------------------------------------------------- | | IF '%SETBCKUP%=='CDROM GOTO CDROM | | :HDD | SET HDDDRIVE= | %BOOTDRIVE%:\SWITCHER /LOG >NUL | IF ERRORLEVEL 3 SET HDDDRIVE=C | IF ERRORLEVEL 4 SET HDDDRIVE=D | IF ERRORLEVEL 5 SET HDDDRIVE=E | IF ERRORLEVEL 6 SET HDDDRIVE=F | | IF '%HDDDRIVE%==' GOTO END | COPY %HDDDRIVE%:\drivers\mcdbf\source1\OEMSETUP.EXE %RAMD%:\>NUL | ECHO %RAMD%:\OEMSETUP.EXE /NOCHECKEXTHS /CDROM=%HDDDRIVE% /EXTRACTPATH:%HDD%: %ISBOOTBP% /PATH=%HDDDRIVE%:\SETUP /PRGF=%RAMD%: %%1 %%2 %%3 %%4>%RAMD%:\RUN.BAT | COPY %RAMD%:\RUN.BAT %RAMD%:\RUN.OLD /Y>NUL | CALL %RAMD%:\RUN.BAT | GOTO SETUPEND | | :CDROM | ECHO Checking CDROM DRIVE... | REM *** CD ROM DETECTION *** | COPY %BOOTDRIVE%:\CDINST.BAT /Y>NUL | CALL CDINST.BAT Q %RAMD% | | REM *** MISCELLANEOUS *** | ECHO Finalising... | ECHO %RAMD%:\OEMSETUP.EXE /NOCHECKEXTHS /PATH=Q:\SETUP /EXTRACTPATH:%HDD%: %ISBOOTBP% /PRGF=%RAMD%: %%1 %%2 %%3 %%4>%RAMD%:\RUN.BAT | COPY %RAMD%:\RUN.BAT %RAMD%:\RUN.OLD /Y >NUL | COPY %filessrc%\OEMSETUP.EXE %RAMD%:\>NUL | | IF EXIST %BOOTDRIVE%:\LMU\NUL XCOPY %BOOTDRIVE%:\LMU\*.* LMU\*.* /S/Y>NUL | | IF '%ERROR%=='1 GOTO ERROR_ARJ | REM *** START OEMSETUP *** | CALL %RAMD%:\RUN.BAT | GOTO SETUPEND | | :SETUPEND | ECHO Exit from OEMSETUP. | ECHO. | GOTO END | | :NOKEYB | ECHO NO KEYBOARD CONNECTED. | ECHO CHECK YOUR KEYBOARD AND RESTART YOUR SYSTEM. | ECHO. | GOTO END | | :ERROR_ARJ | ECHO ERROR Extracting MSTOOLS.EXE, TOOLS.EXE | ECHO. | GOTO END | | :END | | | ] -> F:\AUTOEXEC.BAT [ FAT32 ] -> [2003/04/10 09:24:34 | 00,004,398 | ---- | M] ()
<MountPoints2> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{04ce4956-de82-11da-80bd-0013d43f8306}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04ce4956-de82-11da-80bd-0013d43f8306}\Shell\Open(0)\command
\{04ce4956-de82-11da-80bd-0013d43f8306}\Shell\Open(0)\command\\"" -> H:\Recycled\ctfmon.exe [H:\Recycled\ctfmon.exe] -> File not found
\{05558724-e297-11da-80c1-0013d43f8306}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05558724-e297-11da-80c1-0013d43f8306}\Shell
\{05558724-e297-11da-80c1-0013d43f8306}\Shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05558724-e297-11da-80c1-0013d43f8306}\Shell\AutoRun\command
\{05558724-e297-11da-80c1-0013d43f8306}\Shell\AutoRun\command\\"" -> L:\load.exe [L:\load.exe /CDROM] -> File not found
\{4799e98f-3d81-11db-8165-0013d43f8306}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4799e98f-3d81-11db-8165-0013d43f8306}\Shell
\{4799e98f-3d81-11db-8165-0013d43f8306}\Shell\\"" -> [AutoRun] -> File not found
\{8e5df0df-d720-11dc-b218-0013d43f8306}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e5df0df-d720-11dc-b218-0013d43f8306}\Shell\Open(0)\command
\{8e5df0df-d720-11dc-b218-0013d43f8306}\Shell\Open(0)\command\\"" -> H:\Recycled\ctfmon.exe [H:\Recycled\ctfmon.exe] -> File not found
\{baa59ac6-f012-11da-80e0-0013d43f8306}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{baa59ac6-f012-11da-80e0-0013d43f8306}\Shell
\{baa59ac6-f012-11da-80e0-0013d43f8306}\Shell\\"" -> [AutoRun] -> File not found
<Registry> -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
<EventViewer> -> Event Information -> Description
Antivirus [ Error ] 21/08/2009 2:17:53 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg failed, 00000005.
Antivirus [ Error ] 24/08/2009 3:51:22 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg failed, 00000005.
Antivirus [ Error ] 27/08/2009 1:44:00 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg failed, 00000005.
Antivirus [ Error ] 27/08/2009 1:59:49 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\RECYCLER\S-1-5-21-1770633121-2185212140-2792175243-1010\Dc1.jpg failed, 00000005.
Antivirus [ Error ] 16/09/2009 1:33:57 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg failed, 00000005.
Antivirus [ Error ] 1/10/2009 4:46:50 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg failed, 00000005.
Antivirus [ Error ] 14/10/2009 1:43:37 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg failed, 00000005.
Antivirus [ Error ] 14/10/2009 1:59:20 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\RECYCLER\S-1-5-21-1770633121-2185212140-2792175243-1010\Dc1.jpg failed, 00000005.
Antivirus [ Error ] 14/10/2009 1:59:20 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\RECYCLER\S-1-5-21-1770633121-2185212140-2792175243-1010\Dc2.jpg failed, 00000005.
Antivirus [ Error ] 24/11/2009 1:34:27 Computer Name = Zoom | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg failed, 00000005.
Application [ Error ] 30/11/2009 12:13:45 Computer Name = Zoom | Source = Application Error | ID = 1000 -> Description = Application défaillante mpqedit.exe, version 0.0.0.0, module défaillant user32.dll, version 5.1.2600.5512, adresse de défaillance 0x000187f1.
Application [ Error ] 1/12/2009 1:27:24 Computer Name = Zoom | Source = PerfNet | ID = 2004 -> Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0.
Application [ Error ] 1/12/2009 4:48:32 Computer Name = Zoom | Source = crypt32 | ID = 131083 -> Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http> avec l'erreur : Une erreur interne de chaînage des certificats s'est produite.
Application [ Error ] 1/12/2009 4:50:28 Computer Name = Zoom | Source = PerfNet | ID = 2004 -> Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0.
Application [ Error ] 1/12/2009 7:06:51 Computer Name = Zoom | Source = Application Error | ID = 1000 -> Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d5fd.
Application [ Error ] 2/12/2009 1:42:32 Computer Name = Zoom | Source = PerfNet | ID = 2004 -> Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0.
Application [ Error ] 3/12/2009 1:08:09 Computer Name = Zoom | Source = PerfNet | ID = 2004 -> Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0.
Application [ Error ] 6/12/2009 10:05:30 Computer Name = Zoom | Source = Application Error | ID = 1000 -> Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d47d.
Application [ Error ] 6/12/2009 10:06:24 Computer Name = Zoom | Source = Application Error | ID = 1000 -> Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d47d.
Application [ Error ] 6/12/2009 10:35:29 Computer Name = Zoom | Source = Application Error | ID = 1000 -> Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d47d.
System [ Error ] 6/12/2009 13:03:55 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:09:10 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:09:10 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:09:10 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:09:10 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:09:10 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:09:10 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:09:10 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:09:10 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
System [ Error ] 7/12/2009 1:16:29 Computer Name = Zoom | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service MDM avec les arguments "" pour démarrer le serveur : {0C0A3666-30C9-11D0-8F20-00805F2CD064}

[Files/Folders - Created Within 30 Days]
ToolBar SD -> C:\ToolBar SD -> [2009/12/07 06:23:34 | 00,000,000 | ---D | C]
OTS.exe -> C:\Documents and Settings\Martine\Bureau\OTS.exe -> [2009/12/07 06:22:41 | 00,532,992 | ---- | C] (OldTimer Tools)
RootRepeal -> C:\Program Files\RootRepeal -> [2009/12/07 06:19:19 | 00,000,000 | ---D | C]
Recent -> C:\Documents and Settings\Martine\Recent -> [2009/12/04 21:41:29 | 00,000,000 | -HSD | C]
ma-config.com -> C:\Program Files\ma-config.com -> [2009/12/04 06:58:00 | 00,000,000 | ---D | C]
ma-config.com -> C:\Documents and Settings\All Users\Application Data\ma-config.com -> [2009/12/04 06:58:00 | 00,000,000 | ---D | C]
Nero -> C:\Documents and Settings\All Users\Application Data\Nero -> [2009/11/24 15:39:15 | 00,000,000 | ---D | C]
Nero -> C:\Program Files\Fichiers communs\Nero -> [2009/11/24 15:39:12 | 00,000,000 | ---D | C]
dtscsi.sys -> C:\WINDOWS\System32\drivers\dtscsi.sys -> [2009/11/24 15:18:04 | 00,223,128 | ---- | C] (DT Soft Ltd.)
.thumbnails -> C:\Documents and Settings\Martine\.thumbnails -> [2009/11/17 09:30:17 | 00,000,000 | ---D | C]
.gimp-2.6 -> C:\Documents and Settings\Martine\.gimp-2.6 -> [2009/11/17 09:06:21 | 00,000,000 | ---D | C]
gegl-0.0 -> J:\1-Divers documents (Martine-Guy)\gegl-0.0 -> [2009/11/17 09:06:20 | 00,000,000 | ---D | C]
Karen's Power Tools -> C:\Documents and Settings\Martine\Local Settings\Application Data\Karen's Power Tools -> [2009/11/16 06:38:27 | 00,000,000 | ---D | C]
Karen's Power Tools -> C:\Documents and Settings\All Users\Application Data\Karen's Power Tools -> [2009/11/16 06:37:23 | 00,000,000 | ---D | C]
LG Electronics -> J:\1-Divers documents (Martine-Guy)\LG Electronics -> [2009/11/14 21:49:16 | 00,000,000 | ---D | C]
NMSDVDXU.dll -> C:\WINDOWS\System32\NMSDVDXU.dll -> [2009/11/14 21:47:01 | 01,164,728 | ---- | C] (NuMedia Soft, Inc.)
vsflex8u.ocx -> C:\WINDOWS\System32\vsflex8u.ocx -> [2009/11/14 21:47:01 | 00,630,784 | ---- | C] (ComponentOne)
Vsflex7L.ocx -> C:\WINDOWS\System32\Vsflex7L.ocx -> [2009/11/14 21:47:01 | 00,419,240 | ---- | C] (VideoSoft)
Msflxgrd.ocx -> C:\WINDOWS\System32\Msflxgrd.ocx -> [2009/11/14 21:47:01 | 00,244,416 | ---- | C] (Microsoft Corporation)
{D94BA408-F110-488B-A65E-3AE7945F79E6} -> C:\Documents and Settings\Martine\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6} -> [2009/11/14 21:46:54 | 00,000,000 | -H-D | C]
FlashUsb.sys -> C:\WINDOWS\System32\drivers\FlashUsb.sys -> [2009/11/14 20:27:15 | 00,016,896 | ---- | C] (Danish Wireless Design A/S)
infineon -> C:\Program Files\infineon -> [2009/11/14 20:27:15 | 00,000,000 | ---D | C]
lgusbbus.sys -> C:\WINDOWS\System32\drivers\lgusbbus.sys -> [2009/11/14 20:24:43 | 00,013,056 | ---- | C] (LG Electronics Inc.)
GB220 -> C:\GB220 -> [2009/11/14 20:18:47 | 00,000,000 | ---D | C]
LG Electronics -> C:\Program Files\LG Electronics -> [2009/11/14 14:56:21 | 00,000,000 | ---D | C]
LG Electronics -> C:\Documents and Settings\Martine\Application Data\LG Electronics -> [2009/11/14 14:55:46 | 00,000,000 | ---D | C]
LGMOBILEAX -> C:\Documents and Settings\All Users\Application Data\LGMOBILEAX -> [2009/11/14 14:22:27 | 00,000,000 | ---D | C]
ViGlance -> C:\Documents and Settings\Martine\Application Data\ViGlance -> [2009/11/14 08:21:53 | 00,000,000 | ---D | C]
ViGlance -> C:\Program Files\ViGlance -> [2009/11/14 08:21:52 | 00,000,000 | ---D | C]
QuickTimeVR.qtx -> C:\WINDOWS\System32\QuickTimeVR.qtx -> [2009/11/10 23:08:24 | 00,094,208 | ---- | C] (Apple Inc.)
QuickTime.qts -> C:\WINDOWS\System32\QuickTime.qts -> [2009/11/10 23:08:24 | 00,069,632 | ---- | C] (Apple Inc.)
gtk-2.0 -> C:\Documents and Settings\Martine\Application Data\gtk-2.0 -> [2009/11/08 17:59:28 | 00,000,000 | ---D | C]
Inkscape -> C:\Documents and Settings\Martine\Application Data\Inkscape -> [2009/11/07 19:56:27 | 00,000,000 | ---D | C]
winddx.sys -> C:\WINDOWS\System32\drivers\winddx.sys -> [2005/07/24 16:07:01 | 00,014,976 | ---- | C] ( )
mtlstrm.sys -> C:\WINDOWS\System32\drivers\mtlstrm.sys -> [1979/12/31 23:00:00 | 01,301,128 | ---- | C] ( )
slntamr.sys -> C:\WINDOWS\System32\drivers\slntamr.sys -> [1979/12/31 23:00:00 | 00,548,952 | ---- | C] ( )
mtlmnt5.sys -> C:\WINDOWS\System32\drivers\mtlmnt5.sys -> [1979/12/31 23:00:00 | 00,221,736 | ---- | C] ( )
ntmtlfax.sys -> C:\WINDOWS\System32\drivers\ntmtlfax.sys -> [1979/12/31 23:00:00 | 00,167,384 | ---- | C] ( )
slnthal.sys -> C:\WINDOWS\System32\drivers\slnthal.sys -> [1979/12/31 23:00:00 | 00,086,128 | ---- | C] ( )
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->

[Files/Folders - Modified Within 30 Days]
ntuser.dat -> C:\Documents and Settings\Martine\ntuser.dat -> [2009/12/07 06:33:24 | 11,272,192 | ---- | M] ()
ntuser.ini -> C:\Documents and Settings\Martine\ntuser.ini -> [2009/12/07 06:33:24 | 00,000,284 | -HS- | M] ()
IconCache.db -> C:\Documents and Settings\Martine\Local Settings\Application Data\IconCache.db -> [2009/12/07 06:33:14 | 09,717,636 | -H-- | M] ()
OTS.exe -> C:\Documents and Settings\Martine\Bureau\OTS.exe -> [2009/12/07 06:22:44 | 00,532,992 | ---- | M] (OldTimer Tools)
ToolBarSD.exe -> C:\Documents and Settings\Martine\Bureau\ToolBarSD.exe -> [2009/12/07 06:17:36 | 00,343,020 | ---- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009/12/07 06:08:26 | 00,002,048 | --S- | M] ()
CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2009/12/06 09:19:26 | 00,003,105 | ---- | M] ()
logonuiX.exe -> C:\WINDOWS\System32\logonuiX.exe -> [2009/12/05 16:56:01 | 04,196,352 | ---- | M] (Microsoft Corporation)
LogonStudio.ini -> C:\WINDOWS\LogonStudio.ini -> [2009/12/05 16:54:03 | 00,000,024 | ---- | M] ()
PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2009/12/05 07:33:19 | 01,148,376 | ---- | M] ()
perfh00C.dat -> C:\WINDOWS\System32\perfh00C.dat -> [2009/12/05 07:33:19 | 00,521,400 | ---- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2009/12/05 07:33:19 | 00,448,016 | ---- | M] ()
perfh040.dat -> C:\WINDOWS\System32\perfh040.dat -> [2009/12/05 07:33:19 | 00,440,380 | ---- | M] ()
perfc00C.dat -> C:\WINDOWS\System32\perfc00C.dat -> [2009/12/05 07:33:19 | 00,090,222 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2009/12/05 07:33:19 | 00,073,982 | ---- | M] ()
perfc040.dat -> C:\WINDOWS\System32\perfc040.dat -> [2009/12/05 07:33:19 | 00,061,112 | ---- | M] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk -> [2009/12/04 09:46:53 | 00,001,732 | ---- | M] ()
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation)
iTunes.lnk -> C:\Documents and Settings\All Users\Bureau\iTunes.lnk -> [2009/12/03 11:15:01 | 00,002,341 | ---- | M] ()
QuickTime Player.lnk -> C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk -> [2009/12/03 10:57:29 | 00,001,518 | ---- | M] ()
win.ini -> C:\WINDOWS\win.ini -> [2009/12/03 08:08:13 | 00,000,919 | ---- | M] ()
boot.ini -> C:\boot.ini -> [2009/12/03 08:08:13 | 00,000,456 | -HS- | M] ()
system.ini -> C:\WINDOWS\system.ini -> [2009/12/03 08:08:13 | 00,000,256 | ---- | M] ()
CCleaner.lnk -> C:\Documents and Settings\Martine\Bureau\CCleaner.lnk -> [2009/12/02 08:26:10 | 00,000,666 | ---- | M] ()
guard32.dll -> C:\WINDOWS\System32\guard32.dll -> [2009/12/01 09:48:34 | 00,171,552 | ---- | M] (COMODO)
cmdguard.sys -> C:\WINDOWS\System32\drivers\cmdguard.sys -> [2009/12/01 09:48:31 | 00,133,064 | ---- | M] (COMODO)
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Martine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/11/29 19:34:59 | 00,034,304 | ---- | M] ()
aswBoot.exe -> C:\WINDOWS\System32\aswBoot.exe -> [2009/11/25 00:54:29 | 01,280,480 | ---- | M] (ALWIL Software)
aswmon.sys -> C:\WINDOWS\System32\drivers\aswmon.sys -> [2009/11/25 00:51:09 | 00,093,424 | ---- | M] (ALWIL Software)
aswTdi.sys -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2009/11/25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software)
aswRdr.sys -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2009/11/25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software)
aavmker4.sys -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2009/11/25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software)
AvastSS.scr -> C:\WINDOWS\System32\AvastSS.scr -> [2009/11/25 00:47:28 | 00,097,480 | ---- | M] (ALWIL Software)
CmdLineExt.dll -> C:\WINDOWS\System32\CmdLineExt.dll -> [2009/11/24 16:23:58 | 00,098,304 | ---- | M] (Sony DADC Austria AG.)
sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2009/11/24 15:24:27 | 00,721,904 | ---- | M] ()
dtscsi.sys -> C:\WINDOWS\System32\drivers\dtscsi.sys -> [2009/11/24 15:18:04 | 00,223,128 | ---- | M] (DT Soft Ltd.)
Vuze.lnk -> C:\Documents and Settings\All Users\Bureau\Vuze.lnk -> [2009/11/24 11:04:28 | 00,001,508 | ---- | M] ()
PnkBstrA.exe -> C:\WINDOWS\System32\PnkBstrA.exe -> [2009/11/22 10:13:34 | 00,066,872 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009/11/21 07:17:34 | 00,001,158 | ---- | M] ()
inspect.sys -> C:\WINDOWS\System32\drivers\inspect.sys -> [2009/11/20 18:11:05 | 00,087,104 | ---- | M] (COMODO)
cmdhlp.sys -> C:\WINDOWS\System32\drivers\cmdhlp.sys -> [2009/11/20 18:11:04 | 00,025,160 | ---- | M] (COMODO)
.recently-used.xbel -> C:\Documents and Settings\Martine\.recently-used.xbel -> [2009/11/20 09:25:55 | 00,000,218 | ---- | M] ()
37g86v47.exe.lnk -> C:\Documents and Settings\Martine\Bureau\37g86v47.exe.lnk -> [2009/11/19 06:56:45 | 00,000,653 | ---- | M] ()
GIMP 2.lnk -> C:\Documents and Settings\All Users\Bureau\GIMP 2.lnk -> [2009/11/17 09:06:11 | 00,000,743 | ---- | M] ()
Microsoft Word.lnk -> C:\Documents and Settings\Martine\Bureau\Microsoft Word.lnk -> [2009/11/17 07:49:45 | 00,002,551 | ---- | M] ()
LG PC Suite III.lnk -> C:\Documents and Settings\Martine\Bureau\LG PC Suite III.lnk -> [2009/11/14 21:47:17 | 00,000,910 | ---- | M] ()
lgAxconfig.ini -> C:\WINDOWS\System32\lgAxconfig.ini -> [2009/11/14 20:28:29 | 00,002,412 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT -> [2009/11/14 20:10:00 | 00,046,952 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2009/11/14 15:16:00 | 00,203,272 | ---- | M] ()
QuickTimeVR.qtx -> C:\WINDOWS\System32\QuickTimeVR.qtx -> [2009/11/10 23:08:24 | 00,094,208 | ---- | M] (Apple Inc.)
QuickTime.qts -> C:\WINDOWS\System32\QuickTime.qts -> [2009/11/10 23:08:24 | 00,069,632 | ---- | M] (Apple Inc.)
7 C:\Documents and Settings\Martine\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Martine\Local Settings\Temp\*.tmp ->
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->

[Files - No Company Name]
ToolBarSD.exe -> C:\Documents and Settings\Martine\Bureau\ToolBarSD.exe -> [2009/12/07 06:17:35 | 00,343,020 | ---- | C] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk -> [2009/12/04 09:46:53 | 00,001,732 | ---- | C] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Bureau\iTunes.lnk -> [2009/12/03 11:15:01 | 00,002,341 | ---- | C] ()
QuickTime Player.lnk -> C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk -> [2009/12/03 10:57:29 | 00,001,518 | ---- | C] ()
.recently-used.xbel -> C:\Documents and Settings\Martine\.recently-used.xbel -> [2009/11/20 09:25:55 | 00,000,218 | ---- | C] ()
37g86v47.exe.lnk -> C:\Documents and Settings\Martine\Bureau\37g86v47.exe.lnk -> [2009/11/19 06:56:51 | 00,000,653 | ---- | C] ()
GIMP 2.lnk -> C:\Documents and Settings\All Users\Bureau\GIMP 2.lnk -> [2009/11/17 09:06:11 | 00,000,743 | ---- | C] ()
LG PC Suite III.lnk -> C:\Documents and Settings\Martine\Bureau\LG PC Suite III.lnk -> [2009/11/14 21:47:17 | 00,000,910 | ---- | C] ()
CommonDL.dll -> C:\WINDOWS\System32\CommonDL.dll -> [2009/11/14 14:23:12 | 00,053,248 | ---- | C] ()
lgAxconfig.ini -> C:\WINDOWS\System32\lgAxconfig.ini -> [2009/11/14 14:23:12 | 00,002,412 | ---- | C] ()
actskin4.ocx -> C:\WINDOWS\System32\actskin4.ocx -> [2009/11/13 23:33:11 | 00,380,928 | ---- | C] ()
xrxscnui.dll -> C:\WINDOWS\System32\xrxscnui.dll -> [2009/09/24 16:28:00 | 00,018,944 | ---- | C] ()
usbr38.dll -> C:\WINDOWS\System32\usbr38.dll -> [2009/06/09 05:58:56 | 00,110,592 | ---- | C] ()
Multimedia manager.INI -> C:\WINDOWS\Multimedia manager.INI -> [2009/01/07 07:54:45 | 00,000,033 | ---- | C] ()
StarOpen.sys -> C:\WINDOWS\System32\drivers\StarOpen.sys -> [2009/01/07 07:15:07 | 00,005,632 | ---- | C] ()
permis.ini -> C:\WINDOWS\permis.ini -> [2008/12/23 19:33:44 | 00,000,011 | ---- | C] ()
PnkBstrK.sys -> C:\WINDOWS\System32\drivers\PnkBstrK.sys -> [2008/12/20 11:48:02 | 00,138,520 | ---- | C] ()
HP_RedboxHprblog_HPSU.ini -> C:\WINDOWS\HP_RedboxHprblog_HPSU.ini -> [2008/12/10 16:52:29 | 00,000,221 | ---- | C] ()
qt-dx331.dll -> C:\WINDOWS\System32\qt-dx331.dll -> [2008/07/23 17:50:52 | 03,596,288 | ---- | C] ()
dtu100.dll.manifest -> C:\WINDOWS\System32\dtu100.dll.manifest -> [2008/07/23 17:47:34 | 00,000,416 | ---- | C] ()
dpl100.dll.manifest -> C:\WINDOWS\System32\dpl100.dll.manifest -> [2008/07/23 17:47:34 | 00,000,416 | ---- | C] ()
DivXWMPExtType.dll -> C:\WINDOWS\System32\DivXWMPExtType.dll -> [2008/07/23 17:46:38 | 00,012,288 | ---- | C] ()
libeay32.dll -> C:\WINDOWS\System32\libeay32.dll -> [2008/05/31 14:00:36 | 00,688,128 | ---- | C] ()
SSLeay32.dll -> C:\WINDOWS\System32\SSLeay32.dll -> [2008/05/31 14:00:36 | 00,155,648 | ---- | C] ()
bass.dll -> C:\WINDOWS\System32\bass.dll -> [2008/04/13 17:26:17 | 00,081,332 | ---- | C] ()
binkw32.dll -> C:\WINDOWS\System32\binkw32.dll -> [2008/03/25 11:50:28 | 00,347,136 | ---- | C] ()
Trial The Santa Claus 3D.dll -> C:\WINDOWS\System32\Trial The Santa Claus 3D.dll -> [2007/12/14 09:52:27 | 00,000,003 | ---- | C] ()
MyDrivers.ini -> C:\WINDOWS\MyDrivers.ini -> [2007/12/12 09:54:02 | 00,000,193 | ---- | C] ()
LogonStudio.ini -> C:\WINDOWS\LogonStudio.ini -> [2007/12/06 11:15:19 | 00,000,024 | ---- | C] ()
stricot.ini -> C:\WINDOWS\stricot.ini -> [2007/12/05 19:38:41 | 00,003,459 | ---- | C] ()
cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2007/12/02 13:36:27 | 00,000,034 | ---- | C] ()
ebcefaa_r.dll -> C:\WINDOWS\System32\ebcefaa_r.dll -> [2007/06/12 06:43:34 | 00,000,206 | ---- | C] ()
aaafe_s.dll -> C:\WINDOWS\System32\aaafe_s.dll -> [2007/05/06 08:46:38 | 00,000,041 | ---- | C] ()
dump_wmimmc.sys -> C:\WINDOWS\System32\drivers\dump_wmimmc.sys -> [2007/04/10 16:38:23 | 00,155,411 | ---- | C] ()
NCLogConfig.ini -> C:\WINDOWS\NCLogConfig.ini -> [2007/01/07 13:32:41 | 00,000,221 | ---- | C] ()
HP_48BitScanUpdatePatch.ini -> C:\WINDOWS\HP_48BitScanUpdatePatch.ini -> [2007/01/07 13:25:47 | 00,000,214 | ---- | C] ()
sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2006/09/06 09:23:05 | 00,721,904 | ---- | C] ()
Radio_Fr.ini -> C:\WINDOWS\Radio_Fr.ini -> [2006/09/04 12:56:59 | 00,001,208 | ---- | C] ()
DigimaxMaster.INI -> C:\WINDOWS\DigimaxMaster.INI -> [2006/08/28 15:40:12 | 00,000,736 | ---- | C] ()
xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2006/08/24 15:58:51 | 00,589,824 | ---- | C] ()
xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2006/08/24 15:58:51 | 00,180,224 | ---- | C] ()
wininit.ini -> C:\WINDOWS\wininit.ini -> [2006/08/21 18:51:10 | 00,001,160 | ---- | C] ()
nvhwvid.dll -> C:\WINDOWS\System32\nvhwvid.dll -> [2006/08/11 14:45:20 | 00,581,632 | ---- | C] ()
nvapi.dll -> C:\WINDOWS\System32\nvapi.dll -> [2006/08/11 14:43:10 | 00,196,608 | ---- | C] ()
nvwdmcpl.dll -> C:\WINDOWS\System32\nvwdmcpl.dll -> [2006/08/11 14:43:00 | 01,662,976 | ---- | C] ()
nview.dll -> C:\WINDOWS\System32\nview.dll -> [2006/08/11 14:43:00 | 01,470,464 | ---- | C] ()
nvwimg.dll -> C:\WINDOWS\System32\nvwimg.dll -> [2006/08/11 14:43:00 | 01,019,904 | ---- | C] ()
nvshell.dll -> C:\WINDOWS\System32\nvshell.dll -> [2006/08/11 14:43:00 | 00,466,944 | ---- | C] ()
nvnt4cpl.dll -> C:\WINDOWS\System32\nvnt4cpl.dll -> [2006/08/11 14:43:00 | 00,286,720 | ---- | C] ()
StationRipper.INI -> C:\WINDOWS\StationRipper.INI -> [2006/08/08 08:16:03 | 00,000,067 | ---- | C] ()
hcextoutput.dll -> C:\WINDOWS\hcextoutput.dll -> [2006/08/05 07:38:50 | 00,071,749 | ---- | C] ()
tsc.ini -> C:\WINDOWS\tsc.ini -> [2006/08/05 07:38:50 | 00,000,823 | ---- | C] ()
GetServer.ini -> C:\WINDOWS\GetServer.ini -> [2006/08/05 07:38:11 | 00,000,170 | ---- | C] ()
CmdLineExt03.dll -> C:\WINDOWS\System32\CmdLineExt03.dll -> [2006/07/28 11:19:02 | 00,043,520 | ---- | C] ()
PdeSrvps.dll -> C:\WINDOWS\System32\PdeSrvps.dll -> [2006/07/27 06:42:24 | 00,028,672 | ---- | C] ()
UNWISE.INI -> C:\WINDOWS\UNWISE.INI -> [2006/07/27 06:42:22 | 00,005,885 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 13:58:52 | 00,030,808 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 13:53:56 | 00,026,489 | ---- | C] ()
cdtppoint.ini -> C:\WINDOWS\cdtppoint.ini -> [2006/06/03 06:35:41 | 00,000,021 | ---- | C] ()
Navigma.INI -> C:\WINDOWS\Navigma.INI -> [2006/05/26 15:23:23 | 00,000,040 | ---- | C] ()
ActiveSkin.INI -> C:\WINDOWS\ActiveSkin.INI -> [2006/05/13 16:43:05 | 00,000,112 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 14:39:28 | 00,029,779 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 14:39:28 | 00,026,040 | ---- | C] ()
CielComponent.ini -> C:\WINDOWS\System32\CielComponent.ini -> [2006/02/27 05:54:15 | 00,000,039 | ---- | C] ()
XXXProgress.dll -> C:\WINDOWS\System32\XXXProgress.dll -> [2006/02/27 05:52:48 | 00,110,592 | ---- | C] ()
CD_Start.INI -> C:\WINDOWS\CD_Start.INI -> [2006/02/27 05:50:21 | 00,000,032 | ---- | C] ()
SIntfNT.dll -> C:\WINDOWS\System32\SIntfNT.dll -> [2005/12/17 13:49:50 | 00,021,840 | ---- | C] ()
SIntf32.dll -> C:\WINDOWS\System32\SIntf32.dll -> [2005/12/17 13:49:50 | 00,017,212 | ---- | C] ()
SIntf16.dll -> C:\WINDOWS\System32\SIntf16.dll -> [2005/12/17 13:49:50 | 00,012,067 | ---- | C] ()
fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2005/10/18 18:56:51 | 00,003,712 | ---- | C] ()
GALLERY.INI -> C:\WINDOWS\GALLERY.INI -> [2005/10/15 18:03:32 | 00,000,302 | ---- | C] ()
SIERRA.INI -> C:\WINDOWS\SIERRA.INI -> [2005/10/05 18:03:14 | 00,000,021 | ---- | C] ()
cp21_comeai.dll -> C:\WINDOWS\System32\cp21_comeai.dll -> [2005/10/02 16:02:47 | 00,260,096 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2005/07/24 16:40:04 | 00,000,061 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2005/07/24 16:29:24 | 00,000,497 | ---- | C] ()
HDReg.ini -> C:\WINDOWS\HDReg.ini -> [2005/07/24 16:26:40 | 00,007,584 | ---- | C] ()
SETUPPC.INI -> C:\WINDOWS\System32\SETUPPC.INI -> [2005/07/24 16:21:46 | 00,000,501 | ---- | C] ()
VGAsetup.ini -> C:\WINDOWS\VGAsetup.ini -> [2005/07/24 16:13:45 | 00,083,822 | ---- | C] ()
VGAunistlog.ini -> C:\WINDOWS\System32\VGAunistlog.ini -> [2005/07/24 16:13:36 | 00,097,931 | ---- | C] ()
avrack.ini -> C:\WINDOWS\avrack.ini -> [2005/07/24 16:13:04 | 00,000,164 | ---- | C] ()
RTLCPAPI.dll -> C:\WINDOWS\System32\RTLCPAPI.dll -> [2005/07/24 16:13:03 | 00,147,456 | ---- | C] ()
SLLights.dll -> C:\WINDOWS\System32\SLLights.dll -> [2005/07/24 16:07:01 | 00,475,136 | ---- | C] ()
amr_cpl.dll -> C:\WINDOWS\System32\amr_cpl.dll -> [2005/07/24 16:07:01 | 00,155,648 | ---- | C] ()
SLMOHServ.dll -> C:\WINDOWS\System32\SLMOHServ.dll -> [2005/07/24 16:07:01 | 00,135,168 | ---- | C] ()
qt-mt334.dll -> C:\WINDOWS\System32\qt-mt334.dll -> [2005/06/22 20:54:30 | 04,202,496 | ---- | C] ()
qt-mt334(4).dll -> C:\WINDOWS\System32\qt-mt334(4).dll -> [2005/06/22 20:54:30 | 04,202,496 | ---- | C] ()
qt-mt334(3).dll -> C:\WINDOWS\System32\qt-mt334(3).dll -> [2005/06/22 20:54:30 | 04,202,496 | ---- | C] ()
qt-mt334(2).dll -> C:\WINDOWS\System32\qt-mt334(2).dll -> [2005/06/22 20:54:30 | 04,202,496 | ---- | C] ()
OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2005/05/20 13:05:02 | 00,005,606 | ---- | C] ()
OEMINFO(2).INI -> C:\WINDOWS\System32\OEMINFO(2).INI -> [2005/05/20 13:05:02 | 00,005,606 | ---- | C] ()
bdoscandellang.ini -> C:\WINDOWS\bdoscandellang.ini -> [2005/03/14 13:38:28 | 00,000,469 | ---- | C] ()
orun32.ini -> C:\WINDOWS\orun32.ini -> [2004/08/16 17:25:16 | 00,000,926 | ---- | C] ()
secdrv(2).sys -> C:\WINDOWS\System32\drivers\secdrv(2).sys -> [2004/08/16 16:41:02 | 00,027,440 | ---- | C] ()
msdmo(9).dll -> C:\WINDOWS\System32\msdmo(9).dll -> [2004/08/16 16:40:40 | 00,014,336 | ---- | C] ()
msdmo(8).dll -> C:\WINDOWS\System32\msdmo(8).dll -> [2004/08/16 16:40:40 | 00,014,336 | ---- | C] ()
msdmo(7).dll -> C:\WINDOWS\System32\msdmo(7).dll -> [2004/08/16 16:40:40 | 00,014,336 | ---- | C] ()
msdmo(6).dll -> C:\WINDOWS\System32\msdmo(6).dll -> [2004/08/16 16:40:40 | 00,014,336 | ---- | C] ()
msdmo(5).dll -> C:\WINDOWS\System32\msdmo(5).dll -> [2004/08/16 16:40:40 | 00,014,336 | ---- | C] ()
msdmo(4).dll -> C:\WINDOWS\System32\msdmo(4).dll -> [2004/08/16 16:40:40 | 00,014,336 | ---- | C] ()
msdmo(3).dll -> C:\WINDOWS\System32\msdmo(3).dll -> [2004/08/16 16:40:40 | 00,014,336 | ---- | C] ()
msdmo(2).dll -> C:\WINDOWS\System32\msdmo(2).dll -> [2004/08/16 16:40:40 | 00,014,336 | ---- | C] ()
ir32_32(3).dll -> C:\WINDOWS\System32\ir32_32(3).dll -> [2004/08/16 16:40:31 | 00,199,168 | ---- | C] ()
ir32_32(2).dll -> C:\WINDOWS\System32\ir32_32(2).dll -> [2004/08/16 16:40:31 | 00,199,168 | ---- | C] ()
RGSS100J.dll -> C:\WINDOWS\System32\RGSS100J.dll -> [2004/08/03 16:00:00 | 00,773,120 | ---- | C] ()
aucfg.ini -> C:\WINDOWS\aucfg.ini -> [2002/11/01 15:17:50 | 00,000,256 | ---- | C] ()
tmupdate.ini -> C:\WINDOWS\tmupdate.ini -> [2002/07/04 14:05:34 | 00,000,269 | ---- | C] ()
patchw32.dll -> C:\WINDOWS\patchw32.dll -> [2001/12/14 12:34:46 | 00,164,864 | ---- | C] ()
HPTCPMON.INI -> C:\WINDOWS\System32\HPTCPMON.INI -> [2001/07/06 14:30:00 | 00,003,279 | ---- | C] ()
AuHCcup1.ini -> C:\WINDOWS\AuHCcup1.ini -> [1999/07/23 12:46:48 | 00,000,116 | ---- | C] ()
AuHCcup1.dll -> C:\WINDOWS\AuHCcup1.dll -> [1999/07/23 09:53:20 | 00,129,536 | ---- | C] ()
MSRTEDIT.DLL -> C:\WINDOWS\System32\MSRTEDIT.DLL -> [1999/01/22 19:46:58 | 00,065,536 | ---- | C] ()
TWAIN32d.dll -> C:\WINDOWS\System32\TWAIN32d.dll -> [1998/09/14 20:43:16 | 00,065,536 | ---- | C] ()
slextspk.dll -> C:\WINDOWS\System32\slextspk.dll -> [1979/12/31 23:00:00 | 00,188,416 | ---- | C] ()
SLGen.dll -> C:\WINDOWS\System32\SLGen.dll -> [1979/12/31 23:00:00 | 00,159,744 | ---- | C] ()
property.dll -> C:\WINDOWS\System32\property.dll -> [1979/12/31 23:00:00 | 00,135,168 | ---- | C] ()
coinst.dll -> C:\WINDOWS\System32\coinst.dll -> [1979/12/31 23:00:00 | 00,049,152 | ---- | C] ()

[Alternate Data Streams]
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EEE39B00
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
<End>
[/code]
Zoom62

Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Bruxelles
