PC has become very slow and sometimes behaves abnormally


Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC

Browser, browsing and privacy protection
Protecting the browser, browsing and privacy

PC has become very slow and sometimes behaves abnormally

Post by lm33980 » 06 Feb 2010, 09:19

Hello everyone,

My computer has already been through a HijackThis analysis, and after a few adjustments (in the DNS service among others) it was responding normally again.
Following advice found online, I installed Avira AntiVir Personal, PC Tools Firewall and Malwarebytes' Anti-Malware.
For the past 2 weeks it has been behaving strangely again: launching some applications is very, very slow!!!, others open several times at once, windows also sometimes freeze, and the Internet connection is slow as well.
I checked that the DNS service starts automatically = OK
I scanned the PC with the Avira antivirus = OK
I also checked with Malwarebytes = OK
After several online tests for Trojan horses = OK
Most programs, as well as Internet Explorer, start very, very slowly.

Here is the Malwarebytes' Anti-Malware report:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3734
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14/02/2010 09:33:22
mbam-log-2010-02-14 (09-33-22).txt

Type de recherche: Examen rapide
Eléments examinés: 115136
Temps écoulé: 7 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

I am also sending the Extras and OTL files in the 2 separate posts that follow.

I am asking for an expert's opinion and help in restoring the PC to proper working order.
Thank you all for your goodwill!!!

Regards,

Lilou33

Detailed report from the Extra.txt file

Post by lm33980 » 14 Feb 2010, 10:57

Hello,

As agreed, here is the detailed report from the Extra.txt file

OTL Extras logfile created on: 14/02/2010 09:48:38 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\lilou\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

767,00 Mb Total Physical Memory | 383,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,29 Gb Total Space | 11,15 Gb Free Space | 44,08% Space Free | Partition Type: NTFS
Drive D: | 19,87 Gb Total Space | 3,40 Gb Free Space | 17,10% Space Free | Partition Type: NTFS
Drive E: | 29,37 Gb Total Space | 10,92 Gb Free Space | 37,16% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POWERNET
Current User Name: lilou
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\EmuleEx\emsoft.exe" = C:\Program Files\EmuleEx\emsoft.exe:*:Enabled:eMule 1.2e -- (http://emuleplus.info)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic -- File not found
"C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic -- File not found
"C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic -- File not found
"E:\LimeWire\LimeWire.exe" = E:\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\IncrediMail\bin\ImLc.exe" = C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\EmuleEx\emsoft.exe" = C:\Program Files\EmuleEx\emsoft.exe:*:Enabled:eMule 1.2e -- (http://emuleplus.info)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0B568EF0-5280-4E27-BE21-74D15F0BD8AF}" = Samsung PC Studio 3
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series" = Canon MP490 series MP Drivers
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{366FFC89-C800-4366-B903-B9C4314109A5}" = Garmin WebUpdater
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{66C043F4-56F0-440F-BC5E-149666045A55}" = Neodivx
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6DF73AC4-83DD-4B07-9E70-659950E5909D}" = DC5
"{6F9C0903-4311-4619-7B30-F1E19CF11036}" = Nero 7 Demo
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A0ACD7D7-E79D-4593-BBF8-65D17889FA25}" = ArcSoft VideoImpression 1.6
"{A10F672B-01C4-498F-ADBD-3E5B144284B7}_is1" = Tomtomax Maxi-Box V2.0.19
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3 - Français
"{BB6D4A78-4BDB-4FBD-81CB-00DC2FC2BF41}" = Seagate Manager Installer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C4EE60C6-515F-4BAE-AB76-2D54DBC0875D}" = Trust WB-1200p Mini Webcam
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7}" = Garmin POI Loader
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC25B803-4BDB-47F7-B877-FCE7D7966C0F}" = Visual C++ CRT 9.0 SP1
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner (remove only)
"Chess Openings Wizard - Lite_is1" = Chess Openings Wizard - Lite build 26
"ChessOpeningsWizardExpress_is1" = Chess Openings Wizard - Express build 43
"C-Media Audio" = C-Media 3D Audio
"Compel install Adaptec WinASPI-4.6.0(1021)_is1" = Compel Adaptec WinASPI
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"eMule" = eMule
"Enregistrement utilisateur de Canon MP490 series" = Enregistrement utilisateur de Canon MP490 series
"ERUNT_is1" = ERUNT 1.1j
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{BB6D4A78-4BDB-4FBD-81CB-00DC2FC2BF41}" = Seagate Manager Installer
"InstallShield_{C4EE60C6-515F-4BAE-AB76-2D54DBC0875D}" = Trust WB-1200p Mini Webcam
"Internet Scrabble Club_is1" = WordBiz version 1.8
"LimeWire" = LimeWire 5.1.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Micromega Software EasyScan" = Micromega Software System EasyScan
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2005b" = Microsoft Money
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC Tools Firewall Plus" = PC Tools Firewall Plus 6.0
"Picasa 3" = Picasa 3
"Registry Booster_is1" = Uniblue Registry Booster
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Scrapbooking_is1" = Scrapbooking
"SiS7012" = SiS Audio Driver
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"Smart PC Professional_is1" = Smart PC Professional 4.2
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar avec bloqueur de fenêtres pop-up
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/02/2010 01:05:10 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 11/02/2010 01:05:14 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 11/02/2010 01:05:24 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 12/02/2010 01:33:03 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée ccleaner.exe, version 1.38.0.485, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 12/02/2010 02:03:46 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 13/02/2010 08:38:25 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée ccleaner.exe, version 1.38.0.485, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 13/02/2010 08:38:27 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée ccleaner.exe, version 1.38.0.485, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 13/02/2010 09:40:04 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 14/02/2010 03:30:17 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 14/02/2010 03:30:18 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 14/02/2010 04:49:01 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:09 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:16 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:24 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:32 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:39 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:47 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:54 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:50:02 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:50:10 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.


<End>

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Scrapbooking_is1" = Scrapbooking
"SiS7012" = SiS Audio Driver
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"Smart PC Professional_is1" = Smart PC Professional 4.2
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar avec bloqueur de fenêtres pop-up
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/02/2010 01:05:10 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 11/02/2010 01:05:14 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 11/02/2010 01:05:24 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 12/02/2010 01:33:03 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée ccleaner.exe, version 1.38.0.485, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 12/02/2010 02:03:46 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 13/02/2010 08:38:25 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée ccleaner.exe, version 1.38.0.485, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 13/02/2010 08:38:27 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée ccleaner.exe, version 1.38.0.485, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 13/02/2010 09:40:04 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 14/02/2010 03:30:17 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 14/02/2010 03:30:18 | Computer Name = POWERNET | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 14/02/2010 04:49:01 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:09 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:16 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:24 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:32 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:39 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:47 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:49:54 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:50:02 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 14/02/2010 04:50:10 | Computer Name = POWERNET | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.


<End>

Regards,

lilou33
lm33980
 
Posts: 11
Joined: 13 Dec 2009, 10:34

Detailed report from the Log.txt file

Post by lm33980 » 14 Feb 2010, 11:02

Hello,

Here is the last part, containing the LOG.txt file:

OTL logfile created on: 14/02/2010 09:47:45 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\lilou\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

767,00 Mb Total Physical Memory | 383,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,29 Gb Total Space | 11,15 Gb Free Space | 44,08% Space Free | Partition Type: NTFS
Drive D: | 19,87 Gb Total Space | 3,40 Gb Free Space | 17,10% Space Free | Partition Type: NTFS
Drive E: | 29,37 Gb Total Space | 10,92 Gb Free Space | 37,16% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POWERNET
Current User Name: lilou
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/14 09:38:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
PRC - [2010/02/13 09:12:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010/01/19 06:11:44 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/27 15:54:06 | 000,165,160 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/03/23 18:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/01/27 13:10:06 | 000,189,824 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImApp.exe
PRC - [2008/09/13 06:12:42 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/05/16 14:01:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/02/14 09:38:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
MOD - [2008/06/03 09:47:06 | 000,138,216 | ---- | M] (Babylon Ltd.) -- C:\Program Files\IncrediMail\bin\B4ImApp.dll
MOD - [2008/04/14 03:33:28 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2006/05/03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/02/13 09:12:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/11/09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/01 14:38:09 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/27 15:54:06 | 000,165,160 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/05/16 14:01:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)
SRV - [2004/01/05 10:44:28 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2010/01/19 06:12:50 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010/01/19 06:12:49 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010/01/19 06:12:49 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)
DRV - [2010/01/19 06:12:48 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/01/19 06:12:48 | 000,032,680 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis-DNS.sys -- (PCTFW-DNS)
DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/11/23 13:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2009/06/03 20:26:54 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/05/11 09:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/11/20 20:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/08/17 18:15:16 | 000,000,000 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\Ultra.dll -- (ultra)
DRV - [2008/05/16 14:01:00 | 006,557,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 19:40:30 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 17:39:15 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/02/22 14:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 14:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 14:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/05/02 10:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2007/05/02 10:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2007/05/02 10:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2005/02/24 12:29:14 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PFC027.sys -- (PAC207)
DRV - [2004/11/03 14:14:26 | 000,267,136 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sis7012.sys -- (SiS7012) Service for AC'97 Sample Driver (WDM)
DRV - [2004/06/30 14:01:12 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/04/30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004/04/30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2004/01/05 10:44:30 | 000,021,488 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2004/01/05 10:44:30 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2004/01/05 10:44:28 | 000,051,056 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpzid412.sys -- (HPZid412)
DRV - [2003/10/17 04:52:06 | 000,754,560 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda)
DRV - [2003/03/25 17:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide)
DRV - [2002/09/16 18:07:24 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2002/08/30 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002/07/10 16:39:34 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001/08/17 21:56:16 | 000,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Pilote de filtrage Sony USB (SONYPVU1)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.incredimail.com/french/ [binary data]
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.magentic.com/
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://isearch.babylon.com/home
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\S-1-5-21-854245398-1123561945-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Rechercher"
FF - prefs.js..browser.search.selectedEngine: "MyStart"
FF - prefs.js..browser.startup.homepage: "http://www.mystart101.com/"
FF - prefs.js..keyword.URL: "http://mystart.magentic.com/?loc=FF_Magentic_AddressBar&search="


[2009/12/18 22:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Mozilla\Extensions
[2009/12/18 22:12:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lilou\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/12/25 18:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Mozilla\Extensions\home2@tomtom.com
[2009/06/15 12:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/10/27 08:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Mozilla\Firefox\Profiles\fnhlvknr.default\extensions
[2009/03/22 09:30:14 | 000,002,143 | ---- | M] () -- C:\Documents and Settings\lilou\Application Data\Mozilla\Firefox\Profiles\fnhlvknr.default\searchplugins\MyStart Search.xml
[2009/12/09 06:03:06 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\lilou\Application Data\Mozilla\Firefox\Profiles\fnhlvknr.default\searchplugins\MyStart.xml
[2010/01/31 11:16:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2008/08/08 15:51:40 | 000,257,781 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 8958 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-854245398-1123561945-682003330-1004..\Run: [ccleaner] C:\Program Files\CCleaner\ccleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-854245398-1123561945-682003330-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\lilou\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O15 - HKLM\..Trusted Domains: 43 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 42 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 42 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..Trusted Domains: 42 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://ushousecall02.trendmicro.com/hou ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\lilou\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\lilou\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/07 19:22:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{06e2c4c8-f149-11de-85e8-001966697212}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/08/07 19:21:58 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/02/14 09:38:32 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
[2010/02/13 20:46:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/02/13 20:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/02/13 10:22:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\lilou\Recent
[2010/02/13 09:25:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/02/13 09:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/02/13 09:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java
[2010/02/13 09:12:28 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/13 09:12:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/13 09:12:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/13 09:12:28 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/08 18:28:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\UG
[2010/02/07 11:08:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/01/31 18:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Chess Opening Trainer
[2010/01/23 10:25:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/01/23 10:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lilou\Application Data\Canon
[2010/01/23 10:03:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lilou\Bureau\Imprimantes
[2010/01/23 10:00:51 | 001,310,720 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC490C.dll
[2010/01/23 10:00:51 | 000,303,104 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC490L.dll
[2010/01/23 10:00:51 | 000,110,592 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC490I.dll
[2010/01/23 10:00:51 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC490U.dll
[2010/01/23 10:00:51 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2010/01/23 10:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lilou\Application Data\Canon Easy-WebPrint EX
[2010/01/23 09:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\CANON
[2010/01/23 09:57:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/23 09:57:03 | 000,272,384 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM9Y.DLL
[2010/01/23 09:56:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2010/01/23 09:56:31 | 000,090,112 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNC490O.dll
[2010/01/23 09:56:28 | 000,178,176 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIU9Y.DLL
[2010/01/23 09:56:13 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010/01/23 09:54:01 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010/01/19 20:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Chess Position Trainer 3.2
[2009/12/19 12:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/11/04 19:41:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/07/31 02:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/02/01 22:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/12/25 20:28:51 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2008/12/25 20:28:51 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2008/08/19 21:02:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/08/09 09:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/14 09:38:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
[2010/02/13 20:51:00 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\lilou\NTUSER.bak
[2010/02/13 20:49:33 | 007,213,056 | ---- | M] () -- C:\Documents and Settings\lilou\NTUSER.DAT
[2010/02/13 20:45:08 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\lilou\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/02/13 13:36:53 | 000,089,004 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/02/13 13:33:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/13 13:33:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/13 13:30:27 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\lilou\ntuser.ini
[2010/02/13 10:38:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/13 10:16:06 | 000,013,676 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/13 09:12:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/02/13 09:12:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/13 09:12:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/13 09:12:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/13 09:12:12 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/12 06:33:59 | 000,074,864 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/12 06:23:35 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/08 18:28:12 | 000,004,608 | ---- | M] () -- C:\WINDOWS\System32\hmxpgoec.dll
[2010/02/08 18:28:12 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\lilou\Bureau\Chess Openings Wizard.lnk
[2010/02/07 13:39:09 | 000,000,854 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/07 11:54:39 | 000,002,573 | ---- | M] () -- C:\Documents and Settings\lilou\Bureau\Microsoft Office Word 2003.lnk
[2010/02/07 10:42:45 | 000,000,226 | ---- | M] () -- C:\WINDOWS\ChssBase.ini
[2010/02/05 21:21:23 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/01/31 18:07:25 | 000,000,143 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/31 11:52:39 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\housecall.guid.cache
[2010/01/25 16:33:51 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\lilou\Mes documents\Résiliation assurance scooter.doc
[2010/01/19 06:12:50 | 000,115,216 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
[2010/01/19 06:12:49 | 000,070,664 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2010/01/19 06:12:49 | 000,058,816 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2010/01/19 06:12:48 | 000,233,136 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/01/19 06:12:48 | 000,032,680 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/13 20:45:08 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\lilou\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/02/13 10:29:33 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/02/08 18:28:12 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\hmxpgoec.dll
[2010/02/08 18:28:12 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\lilou\Bureau\Chess Openings Wizard.lnk
[2010/02/05 21:21:23 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/01/31 11:52:39 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\housecall.guid.cache
[2010/01/25 16:33:51 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\lilou\Mes documents\Résiliation assurance scooter.doc
[2010/01/23 10:00:51 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\CNC173CD.TBL
[2009/06/03 20:28:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/06/03 20:14:01 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/03/26 14:48:14 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/02/22 18:14:56 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\XVID.DLL
[2009/02/22 18:14:26 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\avisynth.dll
[2009/02/22 18:14:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MPEG2DEC.dll
[2009/02/22 18:14:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Decomb.dll
[2008/12/25 21:08:58 | 000,000,143 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/11 19:04:20 | 000,000,478 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2008/12/11 19:04:12 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008/12/11 19:03:55 | 000,000,021 | ---- | C] () -- C:\WINDOWS\VI_setup.ini
[2008/08/17 18:15:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ultra.dll
[2008/08/15 10:42:03 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\fusioncache.dat
[2008/08/12 05:29:39 | 000,044,032 | ---- | C] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/10 17:52:31 | 000,000,226 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2008/08/09 12:25:18 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2008/08/09 12:25:17 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2008/08/09 12:25:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2008/08/09 12:25:05 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2008/08/09 12:22:53 | 000,002,314 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/08/09 12:22:51 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/08/09 12:17:24 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2008/08/08 15:14:08 | 000,003,873 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/08/07 20:04:46 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/08/07 19:24:01 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/10/22 11:22:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 11:22:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 11:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 11:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 11:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 11:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/02/24 12:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys
[2005/01/25 15:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
[2002/08/30 13:00:00 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys

========== LOP Check ==========

[2010/01/23 09:57:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/23 10:25:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/11/14 09:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ChessBase
[2008/09/27 10:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eXPert PDF 4
[2010/02/13 09:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2008/08/27 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/08/27 09:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/11/10 20:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Planit Fusion Live But
[2009/11/25 18:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/02/13 19:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 18:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2008/10/15 19:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Anuman Interactive
[2010/01/23 10:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon
[2010/01/23 14:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon Easy-WebPrint EX
[2009/12/08 20:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Chess Tutor
[2010/02/07 13:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ChessBase
[2009/03/22 17:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Common Files
[2008/08/07 20:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\EoRezo
[2008/09/27 20:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\eXPert PDF Editor
[2008/11/25 20:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\GARMIN
[2009/12/10 09:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\HouseCall 6.6
[2008/08/07 20:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ItsLabel
[2009/11/26 11:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Leadertech
[2009/11/16 13:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\LimeWire
[2009/11/08 09:38:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\OpenOffice.org
[2009/12/30 16:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\PCToolsFirewallPlus
[2008/11/10 20:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Planit International
[2010/02/12 20:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Registry Booster
[2009/06/03 20:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Samsung
[2008/08/07 20:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Smart PC Solutions
[2009/12/08 19:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Spamihilator
[2009/12/18 22:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Thunderbird
[2009/12/25 18:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\TomTom

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

<MD5>
[2002/08/30 13:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Driver Backup 11-8-2008-211356\Canal IDE principal\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Driver Backup 11-8-2008-211356\Canal IDE secondaire\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004/08/04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

<MD5>
[2004/08/20 00:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/20 00:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

<MD5>
[2004/08/20 00:09:39 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

<systemroot>

<systemroot>
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
<End>
[2010/02/14 09:38:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
[2010/02/13 20:51:00 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\lilou\NTUSER.bak
[2010/02/13 20:49:33 | 007,213,056 | ---- | M] () -- C:\Documents and Settings\lilou\NTUSER.DAT
[2010/02/13 20:45:08 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\lilou\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/02/13 20:45:08 | 000,000,000 | ---D | M] -- C:\Program Files\ERUNT
[2010/02/13 19:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/13 14:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Local Settings\Application Data\Microsoft
[2010/02/13 13:36:53 | 000,089,004 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/02/13 13:33:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/13 13:33:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/13 13:30:27 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\lilou\ntuser.ini
[2010/02/13 10:38:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/13 10:16:06 | 000,013,676 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/13 09:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/02/13 09:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/02/13 09:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs\Java
[2010/02/13 09:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
[2010/02/13 09:12:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/13 09:12:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/13 09:12:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/13 09:12:12 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/12 20:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Registry Booster
[2010/02/12 06:33:59 | 000,074,864 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/12 06:23:35 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/08 18:28:12 | 000,004,608 | ---- | M] () -- C:\WINDOWS\System32\hmxpgoec.dll
[2010/02/08 18:28:12 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\lilou\Bureau\Chess Openings Wizard.lnk
[2010/02/08 18:28:06 | 000,000,000 | ---D | M] -- C:\Program Files\Bookup
[2010/02/07 13:39:09 | 000,000,854 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/07 13:39:09 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/02/07 13:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\ChessBase
[2010/02/07 13:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ChessBase
[2010/02/07 11:54:39 | 000,002,573 | ---- | M] () -- C:\Documents and Settings\lilou\Bureau\Microsoft Office Word 2003.lnk
[2010/02/07 11:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Local Settings\Application Data\ChessBase
[2010/02/07 10:42:45 | 000,000,226 | ---- | M] () -- C:\WINDOWS\ChssBase.ini
[2010/02/05 21:21:23 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/02/05 21:21:18 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs\Adobe
[2010/02/05 21:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/02/03 19:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Chess Opening Trainer
[2010/02/03 06:59:42 | 000,000,000 | ---D | M] -- C:\Program Files\Chess Position Trainer 3.2
[2010/02/03 06:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Local Settings\Application Data\ApplicationHistory
[2010/01/31 18:07:25 | 000,000,143 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/31 11:52:39 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\housecall.guid.cache
[2010/01/31 11:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Local Settings\Application Data\Thunderbird
[2010/01/31 11:16:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/01/31 09:43:50 | 000,003,873 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/01/30 11:14:37 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/25 16:33:51 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\lilou\Mes documents\Résiliation assurance scooter.doc
[2010/01/23 14:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon Easy-WebPrint EX
[2010/01/23 10:25:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/01/23 10:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon
[2010/01/23 10:04:00 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/01/23 10:00:42 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2010/01/23 09:59:38 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs\CANON
[2010/01/23 09:57:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/23 09:56:13 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2010/01/22 05:43:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/01/19 07:18:22 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
[2010/01/19 06:12:59 | 000,000,000 | ---D | M] -- C:\Program Files\PC Tools Firewall Plus
[2010/01/09 18:00:27 | 000,044,032 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/19 12:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/11/04 19:41:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/08/09 11:06:37 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/08/07 21:18:13 | 001,634,306 | -H-- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\IconCache.db
[2009/07/31 02:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/02/01 22:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/08/19 21:02:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/08/15 10:42:03 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\fusioncache.dat
[2008/08/09 09:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/08/07 19:31:17 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\lilou\Application Data\desktop.ini
[2008/08/07 19:31:17 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== LOP Check ==========

[2010/01/23 09:57:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/23 10:25:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/11/14 09:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ChessBase
[2008/09/27 10:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eXPert PDF 4
[2010/02/13 09:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2008/08/27 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/08/27 09:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/11/10 20:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Planit Fusion Live But
[2009/11/25 18:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/02/13 19:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 18:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2008/10/15 19:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Anuman Interactive
[2010/01/23 10:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon
[2010/01/23 14:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon Easy-WebPrint EX
[2009/12/08 20:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Chess Tutor
[2010/02/07 13:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ChessBase
[2009/03/22 17:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Common Files
[2008/08/07 20:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\EoRezo
[2008/09/27 20:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\eXPert PDF Editor
[2008/11/25 20:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\GARMIN
[2009/12/10 09:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\HouseCall 6.6
[2008/08/07 20:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ItsLabel
[2009/11/26 11:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Leadertech
[2009/11/16 13:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\LimeWire
[2009/11/08 09:38:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\OpenOffice.org
[2009/12/30 16:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\PCToolsFirewallPlus
[2008/11/10 20:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Planit International
[2010/02/12 20:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Registry Booster
[2009/06/03 20:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Samsung
[2008/08/07 20:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Smart PC Solutions
[2009/12/08 19:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Spamihilator
[2009/12/18 22:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Thunderbird
[2009/12/25 18:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\TomTom

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

<MD5>
[2002/08/30 13:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Driver Backup 11-8-2008-211356\Canal IDE principal\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Drive
lm33980
 
Posts: 11
Joined: 13 Dec 2009, 10:34

Detailed report from the OTL.txt file

Post by lm33980 » 14 Feb 2010, 11:10

Hello,

I am resending the entire OTL.txt file because, during my previous submission, an unexpected disconnection prevented the complete file from being transmitted. Here it is:

OTL logfile created on: 14/02/2010 09:47:45 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\lilou\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

767,00 Mb Total Physical Memory | 383,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,29 Gb Total Space | 11,15 Gb Free Space | 44,08% Space Free | Partition Type: NTFS
Drive D: | 19,87 Gb Total Space | 3,40 Gb Free Space | 17,10% Space Free | Partition Type: NTFS
Drive E: | 29,37 Gb Total Space | 10,92 Gb Free Space | 37,16% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POWERNET
Current User Name: lilou
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/14 09:38:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
PRC - [2010/02/13 09:12:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010/01/19 06:11:44 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/27 15:54:06 | 000,165,160 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/03/23 18:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/01/27 13:10:06 | 000,189,824 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImApp.exe
PRC - [2008/09/13 06:12:42 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/05/16 14:01:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/02/14 09:38:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
MOD - [2008/06/03 09:47:06 | 000,138,216 | ---- | M] (Babylon Ltd.) -- C:\Program Files\IncrediMail\bin\B4ImApp.dll
MOD - [2008/04/14 03:33:28 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2006/05/03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/02/13 09:12:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/11/09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/01 14:38:09 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/27 15:54:06 | 000,165,160 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/05/16 14:01:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)
SRV - [2004/01/05 10:44:28 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2010/01/19 06:12:50 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010/01/19 06:12:49 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010/01/19 06:12:49 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)
DRV - [2010/01/19 06:12:48 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/01/19 06:12:48 | 000,032,680 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis-DNS.sys -- (PCTFW-DNS)
DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/11/23 13:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2009/06/03 20:26:54 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/05/11 09:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/11/20 20:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/08/17 18:15:16 | 000,000,000 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\Ultra.dll -- (ultra)
DRV - [2008/05/16 14:01:00 | 006,557,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 19:40:30 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 17:39:15 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/02/22 14:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 14:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 14:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/05/02 10:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2007/05/02 10:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2007/05/02 10:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2005/02/24 12:29:14 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PFC027.sys -- (PAC207)
DRV - [2004/11/03 14:14:26 | 000,267,136 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sis7012.sys -- (SiS7012) Service for AC'97 Sample Driver (WDM)
DRV - [2004/06/30 14:01:12 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/04/30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004/04/30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2004/01/05 10:44:30 | 000,021,488 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2004/01/05 10:44:30 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2004/01/05 10:44:28 | 000,051,056 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpzid412.sys -- (HPZid412)
DRV - [2003/10/17 04:52:06 | 000,754,560 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda)
DRV - [2003/03/25 17:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide)
DRV - [2002/09/16 18:07:24 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2002/08/30 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002/07/10 16:39:34 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001/08/17 21:56:16 | 000,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Pilote de filtrage Sony USB (SONYPVU1)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.incredimail.com/french/ [binary data]
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.magentic.com/
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://isearch.babylon.com/home
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-854245398-1123561945-682003330-1004\S-1-5-21-854245398-1123561945-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Rechercher"
FF - prefs.js..browser.search.selectedEngine: "MyStart"
FF - prefs.js..browser.startup.homepage: "http://www.mystart101.com/"
FF - prefs.js..keyword.URL: "http://mystart.magentic.com/?loc=FF_Magentic_AddressBar&search="


[2009/12/18 22:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Mozilla\Extensions
[2009/12/18 22:12:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lilou\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/12/25 18:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Mozilla\Extensions\home2@tomtom.com
[2009/06/15 12:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/10/27 08:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Mozilla\Firefox\Profiles\fnhlvknr.default\extensions
[2009/03/22 09:30:14 | 000,002,143 | ---- | M] () -- C:\Documents and Settings\lilou\Application Data\Mozilla\Firefox\Profiles\fnhlvknr.default\searchplugins\MyStart Search.xml
[2009/12/09 06:03:06 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\lilou\Application Data\Mozilla\Firefox\Profiles\fnhlvknr.default\searchplugins\MyStart.xml
[2010/01/31 11:16:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2008/08/08 15:51:40 | 000,257,781 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 8958 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-854245398-1123561945-682003330-1004..\Run: [ccleaner] C:\Program Files\CCleaner\ccleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-854245398-1123561945-682003330-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\lilou\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKU\S-1-5-21-854245398-1123561945-682003330-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O15 - HKLM\..Trusted Domains: 43 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 42 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 42 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-854245398-1123561945-682003330-1004\..Trusted Domains: 42 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://ushousecall02.trendmicro.com/hou ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\lilou\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\lilou\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/07 19:22:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{06e2c4c8-f149-11de-85e8-001966697212}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/08/07 19:21:58 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/02/14 09:38:32 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
[2010/02/13 20:46:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/02/13 20:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/02/13 10:22:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\lilou\Recent
[2010/02/13 09:25:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/02/13 09:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/02/13 09:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java
[2010/02/13 09:12:28 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/13 09:12:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/13 09:12:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/13 09:12:28 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/08 18:28:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\UG
[2010/02/07 11:08:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/01/31 18:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Chess Opening Trainer
[2010/01/23 10:25:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/01/23 10:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lilou\Application Data\Canon
[2010/01/23 10:03:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lilou\Bureau\Imprimantes
[2010/01/23 10:00:51 | 001,310,720 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC490C.dll
[2010/01/23 10:00:51 | 000,303,104 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC490L.dll
[2010/01/23 10:00:51 | 000,110,592 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC490I.dll
[2010/01/23 10:00:51 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC490U.dll
[2010/01/23 10:00:51 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2010/01/23 10:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lilou\Application Data\Canon Easy-WebPrint EX
[2010/01/23 09:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\CANON
[2010/01/23 09:57:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/23 09:57:03 | 000,272,384 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM9Y.DLL
[2010/01/23 09:56:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2010/01/23 09:56:31 | 000,090,112 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNC490O.dll
[2010/01/23 09:56:28 | 000,178,176 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIU9Y.DLL
[2010/01/23 09:56:13 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010/01/23 09:54:01 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010/01/19 20:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Chess Position Trainer 3.2
[2009/12/19 12:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/11/04 19:41:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/07/31 02:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/02/01 22:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/12/25 20:28:51 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2008/12/25 20:28:51 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2008/08/19 21:02:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/08/09 09:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/14 09:38:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
[2010/02/13 20:51:00 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\lilou\NTUSER.bak
[2010/02/13 20:49:33 | 007,213,056 | ---- | M] () -- C:\Documents and Settings\lilou\NTUSER.DAT
[2010/02/13 20:45:08 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\lilou\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/02/13 13:36:53 | 000,089,004 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/02/13 13:33:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/13 13:33:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/13 13:30:27 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\lilou\ntuser.ini
[2010/02/13 10:38:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/13 10:16:06 | 000,013,676 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/13 09:12:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/02/13 09:12:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/13 09:12:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/13 09:12:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/13 09:12:12 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/12 06:33:59 | 000,074,864 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/12 06:23:35 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/08 18:28:12 | 000,004,608 | ---- | M] () -- C:\WINDOWS\System32\hmxpgoec.dll
[2010/02/08 18:28:12 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\lilou\Bureau\Chess Openings Wizard.lnk
[2010/02/07 13:39:09 | 000,000,854 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/07 11:54:39 | 000,002,573 | ---- | M] () -- C:\Documents and Settings\lilou\Bureau\Microsoft Office Word 2003.lnk
[2010/02/07 10:42:45 | 000,000,226 | ---- | M] () -- C:\WINDOWS\ChssBase.ini
[2010/02/05 21:21:23 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/01/31 18:07:25 | 000,000,143 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/31 11:52:39 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\housecall.guid.cache
[2010/01/25 16:33:51 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\lilou\Mes documents\Résiliation assurance scooter.doc
[2010/01/19 06:12:50 | 000,115,216 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
[2010/01/19 06:12:49 | 000,070,664 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2010/01/19 06:12:49 | 000,058,816 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2010/01/19 06:12:48 | 000,233,136 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/01/19 06:12:48 | 000,032,680 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/13 20:45:08 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\lilou\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/02/13 10:29:33 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/02/08 18:28:12 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\hmxpgoec.dll
[2010/02/08 18:28:12 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\lilou\Bureau\Chess Openings Wizard.lnk
[2010/02/05 21:21:23 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/01/31 11:52:39 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\housecall.guid.cache
[2010/01/25 16:33:51 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\lilou\Mes documents\Résiliation assurance scooter.doc
[2010/01/23 10:00:51 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\CNC173CD.TBL
[2009/06/03 20:28:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/06/03 20:14:01 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/03/26 14:48:14 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/02/22 18:14:56 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\XVID.DLL
[2009/02/22 18:14:26 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\avisynth.dll
[2009/02/22 18:14:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MPEG2DEC.dll
[2009/02/22 18:14:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Decomb.dll
[2008/12/25 21:08:58 | 000,000,143 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/11 19:04:20 | 000,000,478 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2008/12/11 19:04:12 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008/12/11 19:03:55 | 000,000,021 | ---- | C] () -- C:\WINDOWS\VI_setup.ini
[2008/08/17 18:15:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ultra.dll
[2008/08/15 10:42:03 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\fusioncache.dat
[2008/08/12 05:29:39 | 000,044,032 | ---- | C] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/10 17:52:31 | 000,000,226 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2008/08/09 12:25:18 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2008/08/09 12:25:17 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2008/08/09 12:25:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2008/08/09 12:25:05 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2008/08/09 12:22:53 | 000,002,314 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/08/09 12:22:51 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/08/09 12:17:24 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2008/08/08 15:14:08 | 000,003,873 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/08/07 20:04:46 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/08/07 19:24:01 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/10/22 11:22:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 11:22:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 11:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 11:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 11:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 11:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/02/24 12:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys
[2005/01/25 15:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
[2002/08/30 13:00:00 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys

========== LOP Check ==========

[2010/01/23 09:57:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/23 10:25:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/11/14 09:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ChessBase
[2008/09/27 10:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eXPert PDF 4
[2010/02/13 09:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2008/08/27 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/08/27 09:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/11/10 20:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Planit Fusion Live But
[2009/11/25 18:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/02/13 19:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 18:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2008/10/15 19:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Anuman Interactive
[2010/01/23 10:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon
[2010/01/23 14:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon Easy-WebPrint EX
[2009/12/08 20:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Chess Tutor
[2010/02/07 13:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ChessBase
[2009/03/22 17:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Common Files
[2008/08/07 20:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\EoRezo
[2008/09/27 20:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\eXPert PDF Editor
[2008/11/25 20:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\GARMIN
[2009/12/10 09:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\HouseCall 6.6
[2008/08/07 20:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ItsLabel
[2009/11/26 11:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Leadertech
[2009/11/16 13:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\LimeWire
[2009/11/08 09:38:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\OpenOffice.org
[2009/12/30 16:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\PCToolsFirewallPlus
[2008/11/10 20:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Planit International
[2010/02/12 20:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Registry Booster
[2009/06/03 20:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Samsung
[2008/08/07 20:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Smart PC Solutions
[2009/12/08 19:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Spamihilator
[2009/12/18 22:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Thunderbird
[2009/12/25 18:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\TomTom

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

<MD5>
[2002/08/30 13:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Driver Backup 11-8-2008-211356\Canal IDE principal\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Driver Backup 11-8-2008-211356\Canal IDE secondaire\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004/08/04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

<MD5>
[2004/08/20 00:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/20 00:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

<MD5>
[2004/08/20 00:09:39 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

<systemroot>

<systemroot>
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
<End>
[2010/02/14 09:38:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilou\Bureau\OTL.exe
[2010/02/13 20:51:00 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\lilou\NTUSER.bak
[2010/02/13 20:49:33 | 007,213,056 | ---- | M] () -- C:\Documents and Settings\lilou\NTUSER.DAT
[2010/02/13 20:45:08 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\lilou\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/02/13 20:45:08 | 000,000,000 | ---D | M] -- C:\Program Files\ERUNT
[2010/02/13 19:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/13 14:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Local Settings\Application Data\Microsoft
[2010/02/13 13:36:53 | 000,089,004 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/02/13 13:33:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/13 13:33:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/13 13:30:27 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\lilou\ntuser.ini
[2010/02/13 10:38:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/13 10:16:06 | 000,013,676 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/13 09:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/02/13 09:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/02/13 09:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs\Java
[2010/02/13 09:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
[2010/02/13 09:12:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/13 09:12:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/13 09:12:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/13 09:12:12 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/12 20:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Registry Booster
[2010/02/12 06:33:59 | 000,074,864 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/12 06:23:35 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/08 18:28:12 | 000,004,608 | ---- | M] () -- C:\WINDOWS\System32\hmxpgoec.dll
[2010/02/08 18:28:12 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\lilou\Bureau\Chess Openings Wizard.lnk
[2010/02/08 18:28:06 | 000,000,000 | ---D | M] -- C:\Program Files\Bookup
[2010/02/07 13:39:09 | 000,000,854 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/07 13:39:09 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/02/07 13:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\ChessBase
[2010/02/07 13:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ChessBase
[2010/02/07 11:54:39 | 000,002,573 | ---- | M] () -- C:\Documents and Settings\lilou\Bureau\Microsoft Office Word 2003.lnk
[2010/02/07 11:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Local Settings\Application Data\ChessBase
[2010/02/07 10:42:45 | 000,000,226 | ---- | M] () -- C:\WINDOWS\ChssBase.ini
[2010/02/05 21:21:23 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/02/05 21:21:18 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs\Adobe
[2010/02/05 21:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/02/03 19:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Chess Opening Trainer
[2010/02/03 06:59:42 | 000,000,000 | ---D | M] -- C:\Program Files\Chess Position Trainer 3.2
[2010/02/03 06:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Local Settings\Application Data\ApplicationHistory
[2010/01/31 18:07:25 | 000,000,143 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/31 11:52:39 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\housecall.guid.cache
[2010/01/31 11:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Local Settings\Application Data\Thunderbird
[2010/01/31 11:16:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/01/31 09:43:50 | 000,003,873 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/01/30 11:14:37 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/25 16:33:51 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\lilou\Mes documents\Résiliation assurance scooter.doc
[2010/01/23 14:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon Easy-WebPrint EX
[2010/01/23 10:25:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/01/23 10:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon
[2010/01/23 10:04:00 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/01/23 10:00:42 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2010/01/23 09:59:38 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs\CANON
[2010/01/23 09:57:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/23 09:56:13 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2010/01/22 05:43:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/01/19 07:18:22 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
[2010/01/19 06:12:59 | 000,000,000 | ---D | M] -- C:\Program Files\PC Tools Firewall Plus
[2010/01/09 18:00:27 | 000,044,032 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/19 12:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/11/04 19:41:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/08/09 11:06:37 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/08/07 21:18:13 | 001,634,306 | -H-- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\IconCache.db
[2009/07/31 02:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/02/01 22:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/08/19 21:02:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/08/15 10:42:03 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\lilou\Local Settings\Application Data\fusioncache.dat
[2008/08/09 09:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/08/07 19:31:17 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\lilou\Application Data\desktop.ini
[2008/08/07 19:31:17 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== LOP Check ==========

[2010/01/23 09:57:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/23 10:25:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/11/14 09:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ChessBase
[2008/09/27 10:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eXPert PDF 4
[2010/02/13 09:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2008/08/27 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/08/27 09:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/11/10 20:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Planit Fusion Live But
[2009/11/25 18:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/02/13 19:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 18:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2008/10/15 19:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Anuman Interactive
[2010/01/23 10:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon
[2010/01/23 14:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Canon Easy-WebPrint EX
[2009/12/08 20:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Chess Tutor
[2010/02/07 13:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ChessBase
[2009/03/22 17:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Common Files
[2008/08/07 20:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\EoRezo
[2008/09/27 20:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\eXPert PDF Editor
[2008/11/25 20:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\GARMIN
[2009/12/10 09:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\HouseCall 6.6
[2008/08/07 20:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\ItsLabel
[2009/11/26 11:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Leadertech
[2009/11/16 13:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\LimeWire
[2009/11/08 09:38:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\OpenOffice.org
[2009/12/30 16:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\PCToolsFirewallPlus
[2008/11/10 20:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Planit International
[2010/02/12 20:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Registry Booster
[2009/06/03 20:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Samsung
[2008/08/07 20:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Smart PC Solutions
[2009/12/08 19:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Spamihilator
[2009/12/18 22:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\Thunderbird
[2009/12/25 18:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lilou\Application Data\TomTom

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

<MD5>
[2002/08/30 13:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/08/09 09:20:59 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/09/27 08:36:29 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Driver Backup 11-8-2008-211356\Canal IDE principal\atapi.s
lm33980
 
Posts: 11
Joined: 13 Dec 2009, 10:34

