Log analysis request


Post by gordito78 » 22 Feb 2010, 19:40

Good evening,

Following system errors (blue screens, error messages and crashes in Outlook and IE)
Outlook: Business Contact Manager for Outlook
Message:
Code:
[C:\Windows\assembly\GAC_32\Microsoft.BusinessSolutions.eCRM.OutlookAddIn\3.0.0.0__31bf3856ad364e35\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.dll] Jeton de chaîne incorrect.

I am taking the liberty of sending you my logs.
I scrupulously followed the procedure detailed in the topic: http://assiste.forum.free.fr/viewtopic.php?t=23982
For information: I was not able to disable McAfee during the scans

There, I think everything is there,
thanks in advance and good luck.


Code:
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3776
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

22/02/2010 19:05:52
mbam-log-2010-02-22 (19-05-27).txt

Type de recherche: Examen rapide
Eléments examinés: 108015
Temps écoulé: 5 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Karlo\Local Settings\Application Data\hhiijjkk_navps.dat (Adware.Navipromo.H) -> No action taken.
C:\Users\Karlo\Local Settings\Application Data\hhiijjkk_nav.dat (Adware.Navipromo.H) -> No action taken.
C:\Users\Karlo\Local Settings\Application Data\hhiijjkk.dat (Adware.Navipromo.H) -> No action taken.
gordito78

Posts: 4
Joined: 22 Feb 2010, 19:28

OTL.txt

Post by gordito78 » 22 Feb 2010, 19:42

OTL logfile created on: 22/02/2010 19:08:56 - Run 1
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Users\Karlo\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 173,69 Gb Total Space | 78,01 Gb Free Space | 44,91% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,53 Gb Free Space | 55,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,69 Gb Total Space | 1,75 Gb Free Space | 47,47% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
Drive H: | 249,00 Mb Total Space | 82,04 Mb Free Space | 32,95% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Drive Z: | 219,84 Gb Total Space | 153,68 Gb Free Space | 69,90% Space Free | Partition Type: NTFS

Computer Name: PC-DE-KARLO
Current User Name: Karlo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/22 18:47:42 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Karlo\Desktop\OTL.exe
PRC - [2010/01/02 07:40:20 | 000,638,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/12/18 10:03:12 | 000,472,384 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe
PRC - [2009/12/18 10:01:08 | 000,282,824 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
PRC - [2009/12/18 02:38:57 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2009/12/15 14:22:34 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
PRC - [2009/12/15 14:21:04 | 000,014,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
PRC - [2009/11/10 09:12:52 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/10/11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/04/11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/09/03 11:54:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008/04/29 09:59:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/04/16 12:02:36 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/04/01 19:49:42 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008/03/04 21:42:40 | 000,595,184 | ---- | M] ( ) -- C:\Windows\System32\dldncoms.exe
PRC - [2008/01/19 08:33:40 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/19 08:33:15 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2008/01/16 08:46:24 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/01/02 04:44:38 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2008/01/02 04:44:32 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/02 04:44:26 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/12/03 07:05:22 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM04Mon.exe
PRC - [2007/11/01 15:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/10/26 23:39:14 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2007/10/26 23:39:04 | 001,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007/08/30 16:43:18 | 000,103,664 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2007/07/25 16:41:42 | 000,647,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007/07/25 16:22:44 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/05/31 08:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe
PRC - [2007/04/27 08:34:18 | 001,123,872 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/03/28 19:47:34 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\upeksvr.exe
PRC - [2007/03/28 19:30:18 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2006/11/03 17:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 17:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe


========== Modules (SafeList) ==========

MOD - [2010/02/22 18:47:42 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Karlo\Desktop\OTL.exe
MOD - [2009/04/11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2007/04/27 08:34:24 | 000,103,968 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2006/11/03 17:46:24 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/18 10:01:08 | 000,282,824 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (myAgtSvc)
SRV - [2009/12/15 14:22:34 | 000,144,704 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe -- (McShield)
SRV - [2009/12/15 14:21:04 | 000,014,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe -- (EngineServer)
SRV - [2009/11/10 09:12:52 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/07 14:34:24 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/06/10 13:40:23 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/05/27 02:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/09/03 11:54:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2008/04/29 09:59:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/03/04 21:42:44 | 000,099,568 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldnserv.exe -- (dldnCATSCustConnectService)
SRV - [2008/03/04 21:42:40 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldncoms.exe -- (dldn_device)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008/01/16 08:46:24 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/01/02 04:44:32 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/02 04:44:26 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/12/02 18:34:30 | 000,074,384 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007/07/25 16:41:42 | 000,647,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007/07/25 16:22:44 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2007/05/31 08:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 08:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2010/02/19 09:15:38 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL)
DRV - [2010/02/19 09:15:38 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/19 09:15:38 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/12/15 14:29:52 | 000,055,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009/12/15 14:29:42 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (MfeRKDK)
DRV - [2009/12/15 14:29:34 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/12/15 14:29:30 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2009/12/15 14:29:26 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2009/09/15 16:57:05 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/04/11 05:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2008/09/03 11:54:00 | 007,583,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/04/16 19:36:34 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/04/16 19:36:34 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/04/16 19:36:34 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/19 07:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/01/02 04:44:40 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/03 07:05:32 | 000,234,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM04Vid.sys -- (OEM04Vid)
DRV - [2007/12/03 07:05:28 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM04Vfx.sys -- (OEM04Vfx)
DRV - [2007/11/14 03:00:00 | 000,043,840 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/10/26 23:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/08/13 10:44:26 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel(R)
DRV - [2007/05/24 13:35:02 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2007/04/26 06:23:58 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/03/28 19:15:34 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/02/28 12:25:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/28 12:25:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/02/28 12:25:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/07 02:37:16 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2006/11/07 00:13:52 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/11/07 00:13:50 | 000,080,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 08:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Pilote de la connexion réseau Intel(R)
DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnettv.fr/
IE - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\S-1-5-21-1550942879-4069634277-2589869334-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/11 13:25:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/18 09:38:34 | 000,000,000 | ---D | M]

[2009/01/12 12:34:07 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\mozilla\Extensions
[2009/10/14 08:44:56 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\mozilla\Firefox\Profiles\axoriv3q.default\extensions
[2009/06/18 14:44:39 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Karlo\AppData\Roaming\mozilla\Firefox\Profiles\axoriv3q.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/10/14 08:44:55 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\mozilla\Firefox\Profiles\axoriv3q.default\extensions\staged-xpis
[2009/12/08 09:40:44 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2006/09/10 12:35:08 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2008/09/28 08:10:26 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2006/09/10 12:35:08 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2008/03/29 14:59:44 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2006/09/12 19:49:04 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM04Mon.exe] C:\Windows\OEM04Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003..\Run: [Google Update] C:\Users\Karlo\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003..\Run: [Yahoo! Pager] C:\Programmes\Yahoo!\Messenger\YahooMessenger.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -Mozilla\4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident\4.0; File not found
O4 - Startup: C:\Users\Karlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\La Chaîne Météo.lnk = C:\Program Files\La Chaîne Météo\La Chaîne Météo.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: localhost ([]http in Intranet local)
O15 - HKU\.DEFAULT\..Trusted Ranges: GD ([http] in Intranet local)
O15 - HKU\S-1-5-18\..Trusted Domains: localhost ([]http in Intranet local)
O15 - HKU\S-1-5-18\..Trusted Ranges: GD ([http] in Intranet local)
O15 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\..Trusted Domains: localhost ([]http in Intranet local)
O15 - HKU\S-1-5-21-1550942879-4069634277-2589869334-1003\..Trusted Ranges: GD ([http] in Intranet local)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.2.0.20 194.2.0.50
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt5.0.0.705.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Karlo\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Karlo\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01464446-4cc4-11dd-abb4-001f3ae3daaf}\Shell\Auto\command - "" = H:\AdobeR.exe -- File not found
O33 - MountPoints2\{189f1fb1-8b0b-11de-8cfb-001f3ae3daaf}\Shell - "" = AutoRun
O33 - MountPoints2\{189f1fb1-8b0b-11de-8cfb-001f3ae3daaf}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{189f1fe5-8b0b-11de-8cfb-001f3ae3daaf}\Shell - "" = AutoRun
O33 - MountPoints2\{189f1fe5-8b0b-11de-8cfb-001f3ae3daaf}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{1c8788e7-c1e3-11dd-b5c5-001f3ae3daaf}\Shell - "" = AutoRun
O33 - MountPoints2\{1c8788e7-c1e3-11dd-b5c5-001f3ae3daaf}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{2c14afb1-8b38-11de-8633-001f3ae3daaf}\Shell - "" = AutoRun
O33 - MountPoints2\{2c14afb1-8b38-11de-8633-001f3ae3daaf}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{2c14afbb-8b38-11de-8633-001f3ae3daaf}\Shell - "" = AutoRun
O33 - MountPoints2\{2c14afbb-8b38-11de-8633-001f3ae3daaf}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{2f61efc7-f2fa-11dd-9ca1-001d09438c78}\Shell\AutoRun\command - "" = F:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{ab9fb450-a210-11de-a2bc-001f3ae3daaf}\Shell - "" = AutoRun
O33 - MountPoints2\{ab9fb450-a210-11de-a2bc-001f3ae3daaf}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{b0ac22ec-07cb-11de-8d32-001f3ae3daaf}\Shell\AutoRun\command - "" = F:\EmDesk.exe -- File not found
O33 - MountPoints2\{b0ac22ec-07cb-11de-8d32-001f3ae3daaf}\Shell\EmDesk\command - "" = F:\EmDesk.exe -- File not found
O33 - MountPoints2\{ff08324b-dc23-11dd-892e-001f3ae3daaf}\Shell - "" = AutoRun
O33 - MountPoints2\{ff08324b-dc23-11dd-892e-001f3ae3daaf}\Shell\AutoRun\command - "" = F:\VMC_PBStarter.exe -- File not found
O33 - MountPoints2\{ff083256-dc23-11dd-892e-001f3ae3daaf}\Shell - "" = AutoRun
O33 - MountPoints2\{ff083256-dc23-11dd-892e-001f3ae3daaf}\Shell\AutoRun\command - "" = F:\VMC_PBStarter.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/08/06 08:46:50 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/02/22 18:55:39 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/02/22 18:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/02/22 18:50:19 | 000,000,000 | ---D | C] -- C:\Users\Karlo\AppData\Roaming\Malwarebytes
[2010/02/22 18:50:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/02/22 18:50:13 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/02/22 18:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/22 18:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/02/22 18:47:34 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\Karlo\Desktop\OTL.exe
[2010/02/22 18:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/02/22 18:02:02 | 000,000,000 | ---D | C] -- C:\rsit
[2010/02/22 11:10:01 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/02/22 10:47:02 | 000,029,272 | R--- | C] (Adobe Systems Incorporated.) -- C:\Windows\System32\AdobePDF.dll
[2010/02/11 11:03:18 | 000,000,000 | ---D | C] -- C:\Users\Karlo\AppData\Roaming\HEIDENHAIN
[2010/02/11 11:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\HEIDENHAIN
[2010/02/11 11:02:44 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe
[2010/02/11 11:02:20 | 000,000,000 | ---D | C] -- C:\Users\Karlo\Desktop\32495707_Accom_V29_en_WinXP
[2010/02/10 12:10:35 | 003,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/02/10 12:10:34 | 003,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/02/10 12:10:22 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/02/10 12:10:21 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/02/10 12:10:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/02/10 12:10:20 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/02/08 12:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\adslTV
[2010/01/25 09:24:00 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/25 09:24:00 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/25 09:23:59 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/25 09:23:59 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/25 09:23:59 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/25 09:23:59 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/25 09:23:59 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/25 09:23:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/25 09:23:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/01/25 09:23:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/25 09:23:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/25 09:23:59 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/01/25 09:23:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/25 09:23:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2008/01/23 19:49:00 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\dldnpmui.dll
[2008/01/23 19:45:58 | 001,105,920 | ---- | C] ( ) -- C:\Windows\System32\dldnserv.dll
[2008/01/23 19:42:42 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\dldnlmpm.dll
[2008/01/23 19:42:40 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldniesc.dll
[2008/01/23 19:42:28 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\dldncomm.dll
[2008/01/23 19:41:26 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldnhbn3.dll
[2008/01/23 19:41:00 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\dldnusb1.dll
[2008/01/23 19:40:30 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldncomc.dll
[2008/01/23 19:39:24 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldnprox.dll
[2008/01/23 19:37:30 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldninpa.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/22 19:15:48 | 004,194,304 | -HS- | M] () -- C:\Users\Karlo\NTUSER.DAT
[2010/02/22 19:04:01 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1550942879-4069634277-2589869334-1003UA.job
[2010/02/22 18:53:28 | 000,000,735 | ---- | M] () -- C:\Users\Karlo\Desktop\NTREGOPT.lnk
[2010/02/22 18:53:28 | 000,000,716 | ---- | M] () -- C:\Users\Karlo\Desktop\ERUNT.lnk
[2010/02/22 18:50:17 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/22 18:47:55 | 000,119,205 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/02/22 18:47:42 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Karlo\Desktop\OTL.exe
[2010/02/22 18:44:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/22 18:22:35 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/22 18:22:35 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/22 18:02:50 | 000,037,115 | ---- | M] () -- C:\Users\Karlo\Desktop\pb.docx
[2010/02/22 17:47:01 | 001,622,796 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/22 17:47:01 | 000,726,808 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/02/22 17:47:01 | 000,636,790 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/22 17:47:01 | 000,147,276 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/02/22 17:47:01 | 000,119,616 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/22 16:22:53 | 000,002,485 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2010/02/22 16:22:40 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/22 16:22:36 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/22 16:22:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/22 16:22:31 | 3753,971,712 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/22 16:21:18 | 000,524,288 | -HS- | M] () -- C:\Users\Karlo\NTUSER.DAT{d7f258da-da94-11de-91f3-001f3ae3daaf}.TMContainer00000000000000000001.regtrans-ms
[2010/02/22 16:21:18 | 000,065,536 | -HS- | M] () -- C:\Users\Karlo\NTUSER.DAT{d7f258da-da94-11de-91f3-001f3ae3daaf}.TM.blf
[2010/02/22 16:20:57 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/02/22 16:20:46 | 003,870,878 | -H-- | M] () -- C:\Users\Karlo\AppData\Local\IconCache.db
[2010/02/22 13:30:28 | 000,119,205 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/02/22 10:54:10 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/02/22 08:43:15 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1550942879-4069634277-2589869334-1003Core.job
[2010/02/22 08:34:47 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B8E8F1BA-2CFB-4ABF-903C-F563764E223E}.job
[2010/02/21 13:44:46 | 000,000,860 | ---- | M] () -- C:\Users\Karlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\La Chaîne Météo.lnk
[2010/02/16 11:59:23 | 000,104,128 | ---- | M] () -- C:\Users\Karlo\Desktop\Têtes_PD_010110.pdf
[2010/02/15 13:59:48 | 001,402,825 | ---- | M] () -- C:\Users\Karlo\Desktop\Systèmes de mesure pour le contrôle et les 208_871-27.pdf
[2010/02/12 13:37:22 | 000,098,304 | ---- | M] () -- C:\Users\Karlo\Desktop\Kits visualisations HEIDENHAIN ND52X PP 01_2010.doc
[2010/02/11 11:03:00 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\ACCOM EN 2.9.lnk
[2010/02/11 11:01:28 | 010,687,555 | ---- | M] () -- C:\Users\Karlo\Desktop\32495707_Accom_V29_en_WinXP.zip
[2010/02/08 15:25:37 | 000,082,944 | ---- | M] () -- C:\Users\Karlo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/08 13:43:59 | 000,308,618 | ---- | M] () -- C:\Users\Karlo\Desktop\Bawag Bank.pdf
[2010/02/08 12:53:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/02/08 12:53:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/02/08 12:52:00 | 000,001,672 | ---- | M] () -- C:\Users\Karlo\Desktop\CCleaner.lnk
[2010/02/05 10:42:08 | 000,048,961 | ---- | M] () -- C:\Users\Karlo\Desktop\signature karlo.jpg
[2010/02/05 09:49:32 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/02/01 18:05:29 | 000,041,984 | ---- | M] () -- C:\Users\Karlo\Desktop\Tél ARAXE.doc
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/22 18:53:28 | 000,000,735 | ---- | C] () -- C:\Users\Karlo\Desktop\NTREGOPT.lnk
[2010/02/22 18:53:28 | 000,000,716 | ---- | C] () -- C:\Users\Karlo\Desktop\ERUNT.lnk
[2010/02/22 18:50:17 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/22 18:02:50 | 000,037,115 | ---- | C] () -- C:\Users\Karlo\Desktop\pb.docx
[2010/02/16 11:42:13 | 000,104,128 | ---- | C] () -- C:\Users\Karlo\Desktop\Têtes_PD_010110.pdf
[2010/02/15 13:59:48 | 001,402,825 | ---- | C] () -- C:\Users\Karlo\Desktop\Systèmes de mesure pour le contrôle et les 208_871-27.pdf
[2010/02/12 13:37:21 | 000,098,304 | ---- | C] () -- C:\Users\Karlo\Desktop\Kits visualisations HEIDENHAIN ND52X PP 01_2010.doc
[2010/02/11 11:03:00 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\ACCOM EN 2.9.lnk
[2010/02/11 11:01:08 | 010,687,555 | ---- | C] () -- C:\Users\Karlo\Desktop\32495707_Accom_V29_en_WinXP.zip
[2010/02/08 12:53:24 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/02/08 12:53:24 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/02/05 10:43:54 | 000,048,961 | ---- | C] () -- C:\Users\Karlo\Desktop\signature karlo.jpg
[2010/02/05 09:49:32 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/02/03 17:38:08 | 000,308,618 | ---- | C] () -- C:\Users\Karlo\Desktop\Bawag Bank.pdf
[2010/02/01 18:05:28 | 000,041,984 | ---- | C] () -- C:\Users\Karlo\Desktop\Tél ARAXE.doc
[2009/11/26 16:17:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/15 17:08:46 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2009/09/15 16:57:05 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/06/09 08:25:31 | 000,000,023 | ---- | C] () -- C:\Windows\System32\presets.ini
[2009/01/14 07:51:10 | 000,119,205 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/01/14 07:51:10 | 000,119,205 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/12/09 13:19:21 | 000,305,499 | ---- | C] () -- C:\Users\Karlo\AppData\Local\hhiijjkk_nav.dat
[2008/12/09 13:18:51 | 000,001,473 | ---- | C] () -- C:\Users\Karlo\AppData\Local\hhiijjkk_navps.dat
[2008/12/09 13:18:49 | 000,005,379 | ---- | C] () -- C:\Users\Karlo\AppData\Local\hhiijjkk.dat
[2008/12/09 13:18:49 | 000,000,093 | ---- | C] () -- C:\Users\Karlo\AppData\Local\hhiijjkk.bat
[2008/09/18 17:20:09 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/09/18 17:20:09 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2008/09/18 17:20:03 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/09/18 17:20:03 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/09/18 17:20:03 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/09/18 17:20:02 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/09/18 17:20:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/05/24 13:13:30 | 000,000,680 | ---- | C] () -- C:\Users\Karlo\AppData\Local\d3d9caps.dat
[2008/04/22 18:41:51 | 000,076,271 | ---- | C] () -- C:\Users\Karlo\AppData\Roaming\nvModes.001
[2008/04/22 18:34:08 | 000,076,271 | ---- | C] () -- C:\Users\Karlo\AppData\Roaming\nvModes.dat
[2008/04/22 15:48:32 | 000,082,944 | ---- | C] () -- C:\Users\Karlo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/16 19:36:54 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/04/16 19:36:50 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/11 02:09:54 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldninsb.dll
[2008/02/11 02:09:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldncub.dll
[2008/02/11 02:07:36 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldncu.dll
[2008/02/11 02:07:32 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldnins.dll
[2008/02/11 02:05:20 | 000,520,192 | ---- | C] () -- C:\Windows\System32\dldnutil.dll
[2008/01/29 19:49:04 | 000,782,336 | ---- | C] () -- C:\Windows\System32\dldndrs.dll
[2008/01/29 02:09:14 | 000,114,688 | ---- | C] () -- C:\Windows\System32\dldninsr.dll
[2008/01/29 02:09:06 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldncur.dll
[2008/01/29 02:08:44 | 000,147,456 | ---- | C] () -- C:\Windows\System32\dldnjswr.dll
[2008/01/29 01:42:30 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldngrd.dll
[2008/01/23 11:08:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\dldncaps.dll
[2008/01/22 01:05:56 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldncfg.dll
[2007/12/12 20:32:40 | 000,360,448 | ---- | C] () -- C:\Windows\System32\dldncoin.dll
[2007/10/02 13:51:10 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldncnv4.dll
[2007/07/25 16:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2007/04/28 13:41:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldnvs.dll
[2006/11/03 17:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/04/16 07:39:16 | 000,000,059 | ---- | C] () -- C:\Windows\TNCservice.ini
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2009/07/22 07:50:18 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\com.adobe.example.widget.33A7EEEDEE7A114BE5163F740489DD413641A8EC.1
[2009/09/15 17:07:39 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\DAEMON Tools Lite
[2010/02/11 11:03:18 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\HEIDENHAIN
[2008/06/20 11:44:48 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\PowerHouse
[2008/07/31 21:41:45 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\streamripper
[2008/04/24 00:16:49 | 000,000,000 | ---D | M] -- C:\Users\Karlo\AppData\Roaming\tmp
[2010/02/22 16:20:57 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/02/22 08:34:47 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B8E8F1BA-2CFB-4ABF-903C-F563764E223E}.job

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2008/04/16 19:26:54 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
[2008/04/16 19:26:54 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2008/04/16 19:26:54 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2008/04/16 19:26:54 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

<MD5>
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2008/04/16 19:27:16 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=3E39E69F31F95D056703212E94320899 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_e6b2949c\atapi.sys
[2008/04/16 19:27:16 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=3E39E69F31F95D056703212E94320899 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20544_none_dbb443eb3d9db847\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/04/16 19:27:09 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2008/04/16 19:36:34 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5da5d093\atapi.sys
[2008/04/16 19:36:34 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20580_none_db8503133dc1c2af\atapi.sys
[2008/04/16 19:36:34 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_6c3af7d3\atapi.sys
[2008/04/16 19:36:34 | 000,021,688 | ---- | M] (Microsoft Corp
gordito78
 
Posts: 4
Joined: 22 Feb 2010, 19:28

Extras.txt

Post by gordito78 » 22 Feb 2010, 19:43

OTL Extras logfile created on: 22/02/2010 19:08:56 - Run 1
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Users\Karlo\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 173,69 Gb Total Space | 78,01 Gb Free Space | 44,91% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,53 Gb Free Space | 55,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,69 Gb Total Space | 1,75 Gb Free Space | 47,47% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
Drive H: | 249,00 Mb Total Space | 82,04 Mb Free Space | 32,95% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Drive Z: | 219,84 Gb Total Space | 153,68 Gb Free Space | 69,90% Space Free | Partition Type: NTFS

Computer Name: PC-DE-KARLO
Current User Name: Karlo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1550942879-4069634277-2589869334-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1550942879-4069634277-2589869334-1003]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0344C07D-3C63-4B74-B445-85BB4F4A63F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{05C0A588-2532-4701-AF25-A0B772736C26}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1111D4D7-A247-4BD0-8F2E-556A65B0816F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1854F397-4136-4910-8EC1-248FE96AE08D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1B02F992-CE4B-4FD7-A88B-4BFE0E58524A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1D85AAB6-B785-43F7-AFBE-9D67C3EEB9C7}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{1FCE13AD-E83E-41CF-AD0B-C3B1A5FF668C}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{270BB8B8-812F-42D9-921B-8EFEB2BD4B06}" = rport=138 | protocol=17 | dir=out | app=system |
"{2C63A04F-3E55-47D3-AD98-384F3F2F169F}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2D21D903-A433-4A7E-BE06-73EF6E94027B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2DC554BE-EC58-4F94-A836-81EBE7F09F77}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3851FF6A-A2EB-45C7-8356-033D34E8F244}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3B52EC33-FA32-446A-AA2E-D2EEEE28E5F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{44D01DA1-17C1-4ABF-A8F4-2595CD466B46}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4AE083FD-2690-486B-AD75-3BE3AE78FA3B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{548F6A9D-A654-4F74-ACB7-9E7B58F63AA4}" = rport=139 | protocol=6 | dir=out | app=system |
"{624665BB-2B38-420C-9DAE-7D5F3E0AC2B3}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{698A953B-16FE-46C8-8A89-DA04DA282A81}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8C890918-F9D6-4085-8511-72C34E6D4DF6}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8F1D779D-D232-437D-B347-9675740B6EEC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{99D6D360-B844-4D7B-9691-00CC230ED758}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9BB9DE4A-4A13-460D-B2AE-F6DEE986D6BA}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AA612126-FF41-4C33-862F-BE677A9F3DAA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AC11025B-5EC1-4C2B-B1F9-784844B071FC}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{BD8547F6-81AE-4B83-9EA4-71058AE82730}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C0228E96-4E9E-4088-B911-527170972610}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C1B61318-A9CA-4D10-A954-C0722D37C59F}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C447D491-318E-4DB6-8EB4-5AC6FF6321FE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D6817944-AED5-419E-81C6-F62E04DD35D3}" = rport=445 | protocol=6 | dir=out | app=system |
"{DC70B00D-9152-4AF3-8B66-A08C8675F1CF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{DCDE1F92-F18F-4B87-BADF-D06F430546C5}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{DFB25315-6DB1-4297-800C-3B5C2ECB9099}" = lport=445 | protocol=6 | dir=in | app=system |
"{EDF3497F-18C6-42F6-BF19-B7FC864F393A}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{EEE9BF25-3E08-41BD-9719-7B9450212009}" = lport=137 | protocol=17 | dir=in | app=system |
"{F0E7D5A3-AFF8-47B0-9AB2-CD3E66841FC5}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{F0F682A6-5A01-4E33-9FD5-7217FA3D965D}" = lport=138 | protocol=17 | dir=in | app=system |
"{F3C58487-C301-4E14-8EBA-5E1C1A21DD17}" = lport=139 | protocol=6 | dir=in | app=system |
"{F41854CE-919A-42AF-BB1C-5A9B5B700B3A}" = rport=137 | protocol=17 | dir=out | app=system |
"{F8CD9032-53FE-441D-A82C-3051BE6DBE2A}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069FF8F5-60C2-4C2B-9BFA-1632FCAAD49B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{083C0CFD-D869-4D85-8DA9-CC646B8D3FC8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{09700736-81B4-428F-A413-960B0503EFEB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1152A789-A047-496B-90D9-50257CFEEEFB}" = protocol=6 | dir=in | app=c:\users\karlo\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{118A5845-2916-4AE6-92DB-62B45687B810}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldnjswx.exe |
"{19C33086-8C61-4E68-9C7E-2F2F70E25D8D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1ACD8218-35E9-458B-B120-9358D7C43413}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1BFDF799-B192-4EAF-9969-10BE5CE53766}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{229E9663-BD09-4263-8F10-20E1F38A8153}" = protocol=17 | dir=in | app=c:\users\karlo\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{22F5683C-BE5D-4A28-A45F-65971B76AE6B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24F44C51-44E6-4A12-8DEB-F9076CD3C3E5}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{250A9BA2-7028-41BF-8C70-F7DD986776F9}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{2C2E37DA-58B1-44D2-BB3D-2E59EA49537F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldnpswx.exe |
"{325D4980-7259-45DA-8ADB-4975B3BF65F4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32D9CBE7-D3A6-4700-9892-0BF18816BAD7}" = protocol=6 | dir=in | app=c:\windows\system32\dldncoms.exe |
"{357D5DD9-1151-48B9-B557-B74468108873}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{3DD18042-AEA1-4021-88AC-CB84A7C7A91F}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{463D8F4B-FAB3-452C-A4A2-AFC68FEA82B1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{47504391-9DCD-4780-9D4E-99BAB798882C}" = protocol=17 | dir=in | app=c:\users\karlo\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{477A866D-5D24-46B5-B908-7026BA7ABA02}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4806FB96-F694-426D-BE68-41E9450A5261}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldntime.exe |
"{49DC2DFC-4DB2-485B-80DF-E4244E3C9856}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{4A279B0E-5520-42E3-83F3-DDABAC89E995}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A9E2575-E55D-46C7-A7CC-609B7032F10B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldntime.exe |
"{55DFDFDA-F905-4A7E-9D03-3AB68B004BAD}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{5B5D0BF7-D3B2-496A-A865-4FFDA3941FC3}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{5E6FA74F-D65A-4B12-85DA-5C381060A12D}" = protocol=17 | dir=in | app=c:\users\karlo\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{64544CD3-6460-47E6-AA33-F27265E47BED}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{6827F771-1D83-4F57-BABA-DE4282CC4497}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{69FC7374-5188-4F6C-9ECC-8E88BFC2267C}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{6E34A562-A60D-4457-9EE1-5C7593369C7B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldnpswx.exe |
"{74890715-0259-411F-A161-2E5F984610BB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7A08D723-4B35-46AA-9804-633A3E580F52}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7C57DF6C-17D1-434B-AFAE-E0AB213E5A4E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7E823E11-59FE-4910-8541-DAA0081BCFA1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{87891D06-D6AD-4E75-968D-72A4AC4C9B75}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{87ADEE7E-9366-4C46-A2B7-64A9F5D54FB0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8AD1B883-E0A1-41AC-AB62-964CF383A23D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{956F426E-6EC3-44AD-800A-0170719BB7E1}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{9F38B1B2-1A1B-4A21-AFD9-6FF279F3741F}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{A387AEF1-BF2D-4B6E-9B64-3401FF9639B1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A422F6CE-8AD0-4D15-8B0A-F66C0F8A3502}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8C6E779-B470-482B-B9F9-D6294726BBC1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B067017D-2651-4E2D-A270-8E815D54A5DA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B3ACDD69-799D-4CB3-9061-5AF0BC39A303}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{CDB6BD7F-8F19-4E79-99F8-968293BF48C5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CEA57794-6F46-400F-A6E2-2A137B45EF96}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF53C0F4-86DD-4F0C-B171-349D3F836AC9}" = protocol=17 | dir=in | app=c:\users\karlo\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{D3FB224E-A90F-400F-ADA0-FADFD8FC8CEA}" = protocol=6 | dir=in | app=c:\users\karlo\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{D5F86298-EFCE-4348-9A4C-1F0EF0E27EC3}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E2122BC5-9E75-492C-B309-274BC80142F3}" = protocol=6 | dir=in | app=c:\users\karlo\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{E4FCDAEE-066D-4519-B577-0929F07BBC42}" = protocol=17 | dir=in | app=c:\windows\system32\dldncoms.exe |
"{EA108614-9C87-43AB-9819-F6B7DE92FB84}" = protocol=6 | dir=in | app=c:\users\karlo\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{EC3F6978-AE36-4824-88F9-82EB8BA1BFCE}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{ED3815D2-1043-4223-A5FC-DA8BDC8F6DF6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F1087D74-B77A-408F-A2C6-9EA5F8046BE0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F2376A61-FF64-4156-985E-DE01CE49423D}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{F4967A19-A8E6-4B1F-B061-5A8285ADFDDF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F54955BA-DF9D-458D-B471-032AC30DB3BA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F70A5261-7937-4A45-9B79-30B830FD4738}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{F9AD194D-F001-44EF-B123-EC806C8F5C9E}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldnjswx.exe |
"{FB1C32AD-493E-4D04-8795-B0CD1934E0AC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{0B3810D2-3C6B-414C-ADDF-C1264FBEAF0E}C:\program files\yahoo!\messenger\yserver.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"TCP Query User{162802EA-0978-4423-BFDD-CFDB3C33E9F6}C:\windows\system32\spool\drivers\w32x86\3\dldnpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldnpswx.exe |
"TCP Query User{5DDA7165-A7A8-4712-9C80-D40808F35ADA}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{75734DEA-8323-4DEC-B5AC-E086CB06EB6D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{BCE5808D-7809-4825-BEE0-895A91D0579A}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{00388F09-3A18-4998-8393-433182562BB7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{26253015-43B2-410E-B92A-3DB7981C3AC4}C:\windows\system32\spool\drivers\w32x86\3\dldnpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldnpswx.exe |
"UDP Query User{41036281-16DE-4F75-B1C8-015F1E39F347}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{50C25141-AE3A-404B-AADB-DBE6F14A69EC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DC624ED4-4D4D-4F27-A60C-62019A08D1BB}C:\program files\yahoo!\messenger\yserver.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{1F24E48F-7692-4E89-8784-68DD4D2712A0}" = Microsoft SQL Server Native Client
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)
"{38496EC2-78B7-412A-9398-FC6B7DB8E182}" = Orange Preload
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = Guide de l'utilisateur
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
"{8215AC14-BFC2-4ECC-96D6-1030202F8BDF}" = Visual C++ 8.0 x86 Runtime Setup Package
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_SMALLBUSINESSR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_SMALLBUSINESSR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Gestionnaire pour appareils Windows Mobile
"{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9954484F-6EE4-4040-94E3-4B380646F867}" = Guide de mise en route Dell
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A2289997-10A3-48F2-AA03-99180D761661}" = Protector Suite QL 5.6
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A30179B7-997A-4D47-AA43-57AE59A9C78B}" = Microsoft SQL Server VSS Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat 8 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.1 - Français
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BBF6D0CD-A081-369F-B0B8-F168594CBB6B}" = Google Talk Plugin
"{C29302BF-32F8-7834-A4C8-780349DE9659}" = La Chaîne Météo
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFA76A76-03CF-43AC-AAB4-E2E3DACE4E02}" = Vodafone Mobile Connect Lite Runtime Components
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"7-Zip" = 7-Zip 4.58 beta
"ACCOM_EN 2.9 (Windows 2000/XP/Vista)" = ACCOM_EN 2.9 (Windows 2000/XP/Vista)
"Adobe Acrobat 8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.2.1 Standard
"Adobe Acrobat 8 Standard - English, Français, Deutsch_821" = Adobe Acrobat 8.2.1 - CPSID_50570
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2
"CCleaner" = CCleaner
"com.adobe.example.widget.33A7EEEDEE7A114BE5163F740489DD413641A8EC.1" = La Chaîne Météo
"Creative OEM004" = Laptop Integrated Webcam Driver (1.03.01.1011)
"Dell V105" = Dell V105
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DVD Shrink_is1" = DVD Shrink 3.2
"ERUNT_is1" = ERUNT 1.1j
"Google Desktop" = Google Desktop
"hhiijjkk" = Favorit
"HijackThis" = HijackThis 2.0.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.4 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Migo" = Migo
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"MVS" = Service de protection antivirus et antispywareMcAfee
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"ProInst" = Logiciel Intel(R) PROSet/Wireless
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"Streamripper" = Streamripper (Remove only)
"SynTPDeinstKey" = Dell Touchpad
"TMM80" = TELL ME MORE
"TNCservice_V2.02_is1" = TNCservice OEM - V2.02
"VLC media player" = VideoLAN VLC media player 0.8.6h
"Winamp" = Winamp
"Windows Mobile Device Handbook" = Ressources Windows Mobile
"WinLiveSuite_Wave3" = Installation Windows Live
"Yahoo! Messenger" = Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28/12/2009 10:04:16 | Computer Name = PC-de-Karlo | Source = Google Update | ID = 20
Description =

Error - 04/01/2010 04:43:01 | Computer Name = PC-de-Karlo | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04/01/2010 05:13:19 | Computer Name = PC-de-Karlo | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04/01/2010 10:36:03 | Computer Name = PC-de-Karlo | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18865, horodatage
0x4b077416, module défaillant Flash10b.ocx, version 10.0.22.87, horodatage 0x4987a6c3,
code d’exception 0xc0000005, décalage d’erreur 0x000cead4, ID du processus 0x204,
heure de début de l’application 0x01ca8d3f98df7d98.

Error - 04/01/2010 18:48:28 | Computer Name = PC-de-Karlo | Source = Application Error | ID = 1000
Description = Application défaillante googleearth.exe, version 5.1.3533.1731, horodatage
0x4afc775d, module défaillant googleearth.exe, version 5.1.3533.1731, horodatage
0x4afc775d, code d’exception 0xc0000005, décalage d’erreur 0x00004030, ID du processus
0xcd4, heure de début de l’application 0x01ca8d8e99561bdf.

Error - 05/01/2010 06:08:02 | Computer Name = PC-de-Karlo | Source = Application Error | ID = 1000
Description = Application défaillante YServer.exe, version 3.0.0.1, horodatage 0x46d7569a,
module défaillant YServer.exe, version 3.0.0.1, horodatage 0x46d7569a, code d’exception
0xc0000005, décalage d’erreur 0x000029b0, ID du processus 0x904, heure de début
de l’application 0x01ca8deef541f2c0.

Error - 07/01/2010 05:27:09 | Computer Name = PC-de-Karlo | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 18/01/2010 10:02:29 | Computer Name = PC-de-Karlo | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18865, horodatage
0x4b077416, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x0038005f, ID du processus 0x1f18,
heure de début de l’application 0x01ca98382f8ac00e.

Error - 19/01/2010 07:13:39 | Computer Name = PC-de-Karlo | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18865, horodatage
0x4b077416, module défaillant mshtml.dll, version 8.0.6001.18865, horodatage 0x4b078a9b,
code d’exception 0xc00000fd, décalage d’erreur 0x00072771, ID du processus 0x1360,
heure de début de l’application 0x01ca98e8ab3692a1.

Error - 19/01/2010 10:47:37 | Computer Name = PC-de-Karlo | Source = Application Error | ID = 1000
Description = Application défaillante YServer.exe, version 3.0.0.1, horodatage 0x46d7569a,
module défaillant YServer.exe, version 3.0.0.1, horodatage 0x46d7569a, code d’exception
0xc0000005, décalage d’erreur 0x000029b0, ID du processus 0x163c, heure de début
de l’application 0x01ca9916559c6cb1.

[ OSession Events ]
Error - 23/04/2008 19:03:45 | Computer Name = PC-de-Karlo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 21
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/09/2008 03:02:14 | Computer Name = PC-de-Karlo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 30/07/2009 09:25:56 | Computer Name = PC-de-Karlo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20887
seconds with 2220 seconds of active time. This session ended with a crash.

Error - 26/11/2009 11:27:13 | Computer Name = PC-de-Karlo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2944
seconds with 720 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 22/02/2010 10:13:55 | Computer Name = PC-de-Karlo | Source = Client Side Rendering Spooler | ID = 3
Description = Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante
existante car il n’a pas pu lire les informations de configuration dans la clé
de Registre S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections\S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections.
Ceci peut se produire si le nom de la clé ou ses valeurs sont endommagées ou absentes.

Error - 22/02/2010 11:22:51 | Computer Name = PC-de-Karlo | Source = Client Side Rendering Spooler | ID = 3
Description = Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante
existante car il n’a pas pu lire les informations de configuration dans la clé
de Registre S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections\S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections.
Ceci peut se produire si le nom de la clé ou ses valeurs sont endommagées ou absentes.

Error - 22/02/2010 11:22:51 | Computer Name = PC-de-Karlo | Source = Client Side Rendering Spooler | ID = 3
Description = Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante
existante car il n’a pas pu lire les informations de configuration dans la clé
de Registre S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections\S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections.
Ceci peut se produire si le nom de la clé ou ses valeurs sont endommagées ou absentes.

Error - 22/02/2010 11:23:03 | Computer Name = PC-de-Karlo | Source = Service Control Manager | ID = 7009
Description =

Error - 22/02/2010 11:23:03 | Computer Name = PC-de-Karlo | Source = Service Control Manager | ID = 7000
Description =

Error - 22/02/2010 11:23:38 | Computer Name = PC-de-Karlo | Source = DCOM | ID = 10016
Description =

Error - 22/02/2010 12:53:02 | Computer Name = PC-de-Karlo | Source = Client Side Rendering Spooler | ID = 3
Description = Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante
existante car il n’a pas pu lire les informations de configuration dans la clé
de Registre S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections\S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections.
Ceci peut se produire si le nom de la clé ou ses valeurs sont endommagées ou absentes.

Error - 22/02/2010 12:53:03 | Computer Name = PC-de-Karlo | Source = Client Side Rendering Spooler | ID = 3
Description = Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante
existante car il n’a pas pu lire les informations de configuration dans la clé
de Registre S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections\S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections.
Ceci peut se produire si le nom de la clé ou ses valeurs sont endommagées ou absentes.

Error - 22/02/2010 12:53:09 | Computer Name = PC-de-Karlo | Source = Client Side Rendering Spooler | ID = 3
Description = Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante
existante car il n’a pas pu lire les informations de configuration dans la clé
de Registre S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections\S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections.
Ceci peut se produire si le nom de la clé ou ses valeurs sont endommagées ou absentes.

Error - 22/02/2010 12:53:09 | Computer Name = PC-de-Karlo | Source = Client Side Rendering Spooler | ID = 3
Description = Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante
existante car il n’a pas pu lire les informations de configuration dans la clé
de Registre S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections\S-1-5-21-1550942879-4069634277-2589869334-1003\Printers\Connections.
Ceci peut se produire si le nom de la clé ou ses valeurs sont endommagées ou absentes.


<End>
gordito78
Posts: 4
Joined: 22 Feb 2010, 19:28

up

Post by gordito78 » 25 Feb 2010, 16:40

up please
gordito78
Posts: 4
Joined: 22 Feb 2010, 19:28

Post by nickW » 26 Feb 2010, 01:36

Good evening,

Is this a work PC?


The OTL.Txt scan report you sent is incomplete.
Before carrying out the steps below, can you send in a reply everything that is listed after:
"========== Custom Scans =========="


Cleaning up the NaviPromo infection:

Step 1: Navilog1 (by IL-MAFIOSO)
Download Navilog1 by right-clicking the link below:
http://pagesperso-orange.fr/il.mafioso/ ... vilog1.exe
Save the file to the Desktop.

Close all running applications (such as word processor, browser).
Right-click the Navilog1.exe file on the Desktop and choose "Run as administrator".

Follow the on-screen instructions.
In the main menu, choose option 1 and confirm.
(do not choose option 2 without my advice/agreement)

The tool may announce that it is going to restart the PC: press a key as requested.
If the PC does not restart automatically, restart it manually and log in to your usual session.

Wait for the message:
*** Scan Termine le ..... ***
Press a key as requested; Notepad will open.
Note: In Notepad, check in the Format menu (at the top) that the "Word Wrap" option is not ticked.
Save this file as navi1-100225.txt
Close Notepad.


Step 2: OTL (by OldTimer), quick scan
Close all open program windows.

Right-click OTL.exe and choose "Run as administrator" to launch the tool.

The OTL main screen is displayed.

Click the Quick Scan button.


Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 3: Result
Send in a reply:
*- the Navilog1 report, option 1 (contents of the file navi1-100225.txt)

Then send in a reply, in a separate message (because of the length of the log):
*- the main OTL report (contents of the file OTL.Txt located on the Desktop).
The report posted on the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.

Important note: to send your reply or replies, do not create a new topic; click the "Reply" button to continue in this thread.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
nickW
Moderator
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
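
Added example, not part of either post and not OTL's own code: a Python check that a pasted OTL report is complete (a final `<End>` line, plus the `Custom Scans` section nickW asks for) and a tally of the Application Error 1000 crash records by faulting module. The sample text is constructed in the layout of the log above; the function names and the two-entry NTSTATUS table are this example's own assumptions.

```python
import re
from collections import Counter

# Constructed, abridged sample in the OTL layout quoted in this thread (French locale).
SAMPLE = """\
Error - 04/01/2010 04:43:01 | Computer Name = PC-TEST | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 04/01/2010 10:36:03 | Computer Name = PC-TEST | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18865, module défaillant
Flash10b.ocx, version 10.0.22.87, code d’exception 0xc0000005, décalage d’erreur 0x000cead4.

Error - 19/01/2010 07:13:39 | Computer Name = PC-TEST | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18865, module défaillant
mshtml.dll, version 8.0.6001.18865, code d’exception 0xc00000fd, décalage d’erreur 0x00072771.

<End>
"""
NTSTATUS = {0xC0000005: "STATUS_ACCESS_VIOLATION", 0xC00000FD: "STATUS_STACK_OVERFLOW"}
HEADER = re.compile(r"^Error - (\S+ \S+) \| Computer Name = .*? \| Source = (.*?) \| ID = (\d+)$")
CRASH = re.compile(r"Application défaillante (\S+),.*?module défaillant (\S+),.*?code d.exception (0x[0-9a-fA-F]+)")

def is_complete(report, section="Custom Scans"):
    """Return (ends with an <End> line, contains the named section header)."""
    lines = [l for l in report.splitlines() if l.strip()]
    return (bool(lines) and "<End>" in lines[-1], f"========== {section} ==========" in report)

def parse_events(report):
    """One dict per 'Error - ...' record; wrapped Description lines are re-joined."""
    events, cur = [], None
    for line in report.splitlines():
        m = HEADER.match(line.strip())
        if m:
            cur = {"when": m.group(1), "source": m.group(2), "id": int(m.group(3)), "desc": ""}
            events.append(cur)
        elif not line.strip():
            cur = None  # a blank line closes the current record
        elif cur is not None:
            cur["desc"] += " " + line.strip()
    return events

def crash_summary(report):
    """Count (application, faulting module, status) over Application Error 1000 records."""
    counts = Counter()
    for ev in parse_events(report):
        m = CRASH.search(ev["desc"])
        if ev["id"] == 1000 and m:
            code = int(m.group(3), 16)
            counts[(m.group(1), m.group(2), NTSTATUS.get(code, hex(code)))] += 1
    return counts
```

On the sample, `is_complete` returns `(True, False)`: the paste ends with `<End>` but lacks the `Custom Scans` section, which is the situation nickW describes.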

