[OK] Log analysis request for a sluggish PC


Message by Gacko » 12 Mar 2010, 22:26

Hello,
My PC is 5 years old and I find it is no longer as snappy as it was in its early days, far from it! To avoid wasting your time, I scanned my PC in safe mode, successively with Ad-Aware, A-squared-free, Micro Defender and Spybot. It took almost 2 days between the scanning programs, Disk Cleanup, CCleaner for the registry and the defragmentation, but the result is not really there. There are surely programs playing around in the background, but I don't know which ones... And XP's startup and shutdown are barely less sluggish than before :(
Thanks in advance to whoever takes a moment to look over the scan. Good evening to all.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:12:34, on 12/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\CircleDock0.9.2Alpha8.2\CircleDock0.9.2Alpha8.2\CircleDock.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speedapps.com/search.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Ziepod One-Click IE Helper - {57A30D1E-08B9-4EF4-B273-AAEA1C234A5B} - C:\WINDOWS\system32\ZiepodOneClicker.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [EPSON SX410 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE /FU "C:\DOCUME~1\ERICJE~1\LOCALS~1\Temp\E_S77.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CircleDock.lnk = ?
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... lient/m(...)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D302F62-3B91-4AAF-83DB-35F026622F38}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ERMLicSrv_ATL70 - Unknown owner - C:\WINDOWS\system32\ERM\7.0\ERMLicSrv_ATL70.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Google Update Service (gupdate1c95b0d55dcb580) (gupdate1c95b0d55dcb580) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: wampapache - Unknown owner - L:\wamp\bin\apache\apache2.2.8\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - L:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe (file missing)

--
End of file - 10322 bytes :cry:

Message by nickW » 13 Mar 2010, 01:49

Good evening,

Traces of infection are visible in this HijackThis report.

But this program, whose development has not been continued by Trend Micro, is "outdated" for today's malware.

Can you follow the instructions in this topic and send the three requested reports?

To be continued,
nickW

Message by Gacko » 13 Mar 2010, 12:13

There, it's done. By the way, congratulations on the tutorial, which is really very well explained. Frankly one of the best I have seen, which is saying something!
Here are the reports and... thanks for your help :D

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3862
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

13/03/2010 11:49:18
mbam-log-2010-03-13 (11-49-07).txt

Type de recherche: Examen rapide
Eléments examinés: 153750
Temps écoulé: 5 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0f5c0-44cb-11cf-acx5-00401e608512} (Generic.Bot.H) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\microsoft updates (Backdoor.Rbot) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Message by Gacko » 13 Mar 2010, 12:15

OTL.txt (good grief, it's long!)

OTL logfile created on: 13/03/2010 11:55:49 - Run 1
OTL by OldTimer - Version 3.1.37.0 Folder = C:\Documents and Settings\Eric Jeuffrain\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144,30 Gb Total Space | 86,49 Gb Free Space | 59,94% Space Free | Partition Type: NTFS
Drive D: | 149,01 Gb Total Space | 101,61 Gb Free Space | 68,19% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 569,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D9PJ012J
Current User Name: Eric Jeuffrain
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/13 11:31:12 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric Jeuffrain\Bureau\OTL.exe
PRC - [2010/01/24 21:27:07 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/01 16:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/10/31 06:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008/09/14 19:44:32 | 001,831,424 | ---- | M] (Eric Wong) -- C:\Program Files\CircleDock0.9.2Alpha8.2\CircleDock0.9.2Alpha8.2\CircleDock.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/14 21:46:00 | 000,131,072 | ---- | M] (Brio) -- C:\Program Files\FolderSize\FolderSizeSvc.exe
PRC - [2006/11/13 14:07:02 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 14:06:52 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2005/09/15 10:47:22 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe


========== Modules (SafeList) ==========

MOD - [2010/03/13 11:31:12 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric Jeuffrain\Bureau\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (wampmysqld)
SRV - File not found [On_Demand | Stopped] -- -- (wampapache)
SRV - [2010/03/07 19:17:05 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Fichiers communs\Akamai\rswin_3648.dll -- (Akamai)
SRV - [2010/02/05 10:03:30 | 001,229,232 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/12/02 21:35:09 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/10/01 16:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/29 16:13:20 | 000,234,864 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/31 06:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Stopped] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008/10/31 06:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2007/11/14 21:46:00 | 000,131,072 | ---- | M] (Brio) [Auto | Running] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV - [2007/08/16 15:34:06 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2007/04/21 13:54:10 | 000,052,080 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007/01/19 11:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/01/04 18:25:30 | 000,069,632 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/07/27 22:04:40 | 000,094,208 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\ERM\7.0\ERMLicSrv_ATL70.exe -- (ERMLicSrv_ATL70)
SRV - [2002/03/15 21:37:46 | 000,081,920 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2010/02/05 10:03:36 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/10/22 16:11:14 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/10/22 15:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/09/08 14:16:07 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/07/10 16:59:05 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009/05/29 16:16:48 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/05/25 19:24:47 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/05/11 09:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/01/01 12:18:17 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2008/10/31 06:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008/10/27 22:51:34 | 000,127,496 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec7.sys -- (TotRec7)
DRV - [2008/09/17 22:55:00 | 006,132,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008/06/21 03:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008/06/21 03:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/08 10:54:36 | 000,023,040 | ---- | M] (DASoft Development Team) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ultradfg.sys -- (ultradfg)
DRV - [2007/08/16 12:50:03 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007/03/05 05:01:18 | 000,039,184 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007/03/05 05:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007/03/05 04:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT)
DRV - [2007/03/05 04:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2007/03/05 04:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\vbtenum.sys -- (BTHidEnum)
DRV - [2007/03/05 04:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2007/03/05 04:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2007/03/05 04:51:24 | 000,034,576 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2006/11/30 13:58:42 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se44unic.sys -- (se44unic) Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM)
DRV - [2006/11/30 13:58:34 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se44obex.sys -- (se44obex)
DRV - [2006/11/30 13:58:32 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se44nd5.sys -- (se44nd5) Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS)
DRV - [2006/11/30 13:58:30 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se44mgmt.sys -- (se44mgmt) Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM)
DRV - [2006/11/30 13:58:26 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se44mdm.sys -- (se44mdm)
DRV - [2006/11/30 13:58:24 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se44mdfl.sys -- (se44mdfl)
DRV - [2006/11/30 13:58:18 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se44bus.sys -- (se44bus) Sony Ericsson Device 068 driver (WDM)
DRV - [2006/02/16 17:51:08 | 000,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2005/11/03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/09/27 08:00:02 | 000,069,920 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TPkd.sys -- (TPkd)
DRV - [2005/09/22 19:19:54 | 000,148,608 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/08/10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/06/06 22:40:48 | 000,180,736 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2005/05/25 23:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTUSFSYN.SYS -- (CTUSFSYN)
DRV - [2005/05/16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/04/21 12:40:36 | 000,010,624 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005/04/12 09:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005/03/25 17:11:00 | 001,350,272 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sigfilt.sys -- (sigfilt)
DRV - [2005/01/11 01:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2005/01/11 01:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2004/12/06 02:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 02:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 02:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 02:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 02:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 02:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 02:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 02:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 02:05:00 | 000,002,271 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 04:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 03:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/07/14 12:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 12:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/06/28 14:08:56 | 000,042,752 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2002/04/09 16:00:10 | 000,004,480 | ---- | M] (Elaborate Bytes) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2001/08/23 18:04:44 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 23:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 23:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 23:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 23:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 23:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 22:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 22:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 22:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 22:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 22:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 22:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 22:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 22:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [1998/03/03 13:55:58 | 000,040,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mgnt.sys -- (MicroGuard)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-753652507-4259875560-3305497912-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.netvibes.com/#General"
FF - prefs.js..extensions.enabledItems: {723AAF16-AF1F-4404-A5D7-0BFE39766605}:0.3.3
FF - prefs.js..extensions.enabledItems: fr@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.7
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.2
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.17
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.2
FF - prefs.js..extensions.enabledItems: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.5.2
FF - prefs.js..extensions.enabledItems: {26af1522-982e-c0c4-f54a-7e69fb6432f5}:0.4.1
FF - prefs.js..extensions.enabledItems: {5546F97E-11A5-46b0-9082-32AD74AAA920}:0.5.5.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: timetrack@usablehack.com:1.2.5
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/04 08:53:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/10 15:32:26 | 000,000,000 | ---D | M]

[2009/12/19 11:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Extensions
[2010/03/13 11:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions
[2010/02/05 20:39:16 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/02/27 22:59:40 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/03/12 08:51:02 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/10/02 19:13:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/02 19:12:19 | 000,000,000 | ---D | M] (Get jetable mail) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{26af1522-982e-c0c4-f54a-7e69fb6432f5}
[2009/10/02 19:12:19 | 000,000,000 | ---D | M] (SearchBox Companion) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{305cdad7-3fd0-c3df-5947-68e5318f5a1c}
[2009/10/15 10:29:05 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010/02/24 22:43:30 | 000,000,000 | ---D | M] (InFormEnter) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}
[2010/01/10 18:23:20 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}(2)
[2009/10/02 19:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{723AAF16-AF1F-4404-A5D7-0BFE39766605}
[2009/10/02 19:12:21 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
[2009/10/02 19:12:23 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/11/04 20:07:49 | 000,000,000 | ---D | M] (Tor-Proxy.NET Toolbar) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{9815d32d-08c2-42ca-a8c6-43e501a4512f}
[2009/12/06 20:23:46 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/03/12 18:07:07 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/10/02 19:12:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2010/01/10 18:23:21 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2010/01/29 23:03:25 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/10/02 19:12:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/01/20 18:02:20 | 000,000,000 | ---D | M] (Torbutton) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010/03/08 13:13:30 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/12/11 21:57:55 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2010/01/10 18:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\autopager@mozilla(2).org
[2009/10/02 19:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\dlembed@aeruder.net
[2010/01/10 18:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\firefox@red-cog(2).com
[2010/02/07 20:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\fr@dictionaries.addons.mozilla.org
[2009/10/02 19:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\info@visual-search.net
[2009/10/02 19:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\timetrack@usablehack.com
[2009/12/19 11:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\qza9jd1f.eric\extensions
[2009/10/02 19:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\qza9jd1f.eric\extensions\staged-xpis
[2009/12/13 20:47:04 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\searchplugins\bing.xml
[2010/03/13 11:18:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/11/11 08:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2008/12/11 18:08:27 | 000,056,576 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2007/03/10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2010/01/24 21:27:15 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/24 21:27:15 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/24 21:27:15 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/24 21:27:15 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/24 21:27:15 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/12/02 22:52:18 | 000,001,272 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Ziepod One-Click Helper) - {57A30D1E-08B9-4EF4-B273-AAEA1C234A5B} - C:\WINDOWS\system32\ZiepodOneClicker.dll (Ziepod)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-753652507-4259875560-3305497912-1005\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-753652507-4259875560-3305497912-1005\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O3 - HKU\S-1-5-21-753652507-4259875560-3305497912-1005\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKU\S-1-5-21-753652507-4259875560-3305497912-1005\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-753652507-4259875560-3305497912-1005..\Run: [EPSON SX410 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-753652507-4259875560-3305497912-1005..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunServices: [Microsoft Updates] File not found
O4 - Startup: C:\Documents and Settings\Eric Jeuffrain\Menu Démarrer\Programmes\Démarrage\CircleDock.lnk = C:\Program Files\CircleDock0.9.2Alpha8.2\CircleDock0.9.2Alpha8.2\CircleDock.exe (Eric Wong)
O4 - Startup: C:\Documents and Settings\Eric Jeuffrain\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-753652507-4259875560-3305497912-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.euro.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 7372360796 (MUWebControl Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab (HardwareDetection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Eric Jeuffrain\Application Data\XnView\xnviewshell_wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Eric Jeuffrain\Application Data\XnView\xnviewshell_wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/01 07:17:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/04/06 11:41:12 | 000,000,064 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{e5cf847c-5bc9-11dc-869f-0011675b9253}\Shell - "" = AutoRun
O33 - MountPoints2\{e5cf847c-5bc9-11dc-869f-0011675b9253}\Shell\AutoRun\command - "" = L:\cle_usb2.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/09/01 06:57:38 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/03/13 11:39:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/13 11:37:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Bureau\erunt-loc_fr
[2010/03/13 11:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/13 11:34:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Malwarebytes
[2010/03/13 11:34:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/13 11:34:31 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/13 11:34:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/13 11:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/13 11:31:09 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eric Jeuffrain\Bureau\OTL.exe
[2010/03/12 19:14:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Bureau\SASPlanet
[2010/03/12 18:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\dwhelper
[2010/03/12 08:44:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/12 08:28:47 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/03/12 08:27:14 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/03/10 14:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/10 13:21:45 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/03/10 13:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2010/03/10 13:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2010/03/10 13:12:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\a-squared Free
[2010/03/10 13:03:15 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/03/10 13:03:03 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/03/10 12:59:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}
[2010/03/10 12:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/10 12:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Lavasoft
[2010/03/10 11:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/03/09 11:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\MP3Gain
[2010/03/08 12:12:19 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\Mes sources de données
[2010/03/03 15:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Wswin
[2010/02/28 21:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Bureau\Carnaval
[2010/02/26 21:55:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\Téléchargements
[2010/02/26 19:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\FTP-Watchdog
[2010/02/23 22:50:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Bureau\DCIM
[2009/11/03 08:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2009/10/19 10:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2009/02/12 07:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/02/11 18:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2008/01/22 19:34:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2007/09/16 19:23:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/08/16 11:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/13 11:52:01 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/13 11:49:42 | 012,845,056 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\ntuser.dat
[2010/03/13 11:36:33 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/03/13 11:36:10 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\NTREGOPT.lnk
[2010/03/13 11:36:10 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\ERUNT.lnk
[2010/03/13 11:34:36 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/03/13 11:32:41 | 000,005,024 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\erunt-loc_fr.zip
[2010/03/13 11:31:12 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric Jeuffrain\Bureau\OTL.exe
[2010/03/13 11:28:03 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2010/03/13 11:11:58 | 000,187,988 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\00-PAD-nickW.pdf
[2010/03/13 10:59:28 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/03/13 10:56:28 | 000,195,150 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/03/13 10:56:23 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/13 10:56:22 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/13 10:56:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/13 10:56:16 | 2145,538,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/12 19:28:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1187544455.job
[2010/03/12 18:00:00 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Eric Jeuffrain.job
[2010/03/12 17:13:55 | 001,138,422 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/12 17:13:55 | 000,518,410 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/03/12 17:13:55 | 000,449,228 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/12 17:13:55 | 000,087,946 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/03/12 17:13:55 | 000,074,182 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/12 12:59:00 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Eric Jeuffrain\ntuser.ini
[2010/03/12 09:23:39 | 000,000,935 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/12 09:20:20 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/12 09:20:15 | 000,195,072 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/10 16:23:54 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Dossier de téléchargement Share-to-Web
[2010/03/10 13:19:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/10 13:04:42 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/03/10 13:03:03 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/03/09 20:35:45 | 079,906,816 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\Catalogue en cours.ccd
[2010/03/08 15:33:47 | 000,075,713 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\Cgn022_DXO (Large).jpg
[2010/03/05 22:13:32 | 000,998,747 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\eric.jpg
[2010/03/05 17:21:20 | 000,102,757 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\devenir_marechal.pdf
[2010/02/24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/02/23 23:44:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/18 18:37:49 | 000,046,568 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\vlcsnap-174778.jpg
[2010/02/12 11:03:03 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/13 11:36:33 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/03/13 11:36:10 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\NTREGOPT.lnk
[2010/03/13 11:36:10 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\ERUNT.lnk
[2010/03/13 11:34:36 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/03/13 11:32:41 | 000,005,024 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\erunt-loc_fr.zip
[2010/03/13 11:11:57 | 000,187,988 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\00-PAD-nickW.pdf
[2010/03/12 12:59:41 | 2145,538,048 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/10 16:23:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Dossier de téléchargement Share-to-Web
[2010/03/10 15:32:35 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/03/10 13:22:50 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/03/10 13:03:45 | 000,000,478 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/03/08 15:33:47 | 000,075,713 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\Cgn022_DXO (Large).jpg
[2010/03/05 22:13:31 | 000,998,747 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\eric.jpg
[2010/03/05 17:21:18 | 000,102,757 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\devenir_marechal.pdf
[2010/02/18 18:37:48 | 000,046,568 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\vlcsnap-174778.jpg
[2010/02/04 19:30:48 | 000,021,760 | ---- | C] () -- C:\WINDOWS\System32\MG16.DLL
[2010/02/04 19:30:46 | 000,040,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\mgnt.sys
[2010/01/12 22:28:51 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll
[2009/09/21 18:07:35 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\ADC2C7756C.sys
[2009/08/01 22:27:21 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\AutoGK.ini
[2009/07/08 14:36:09 | 000,000,155 | ---- | C] () -- C:\WINDOWS\WinDrvGhost.ini
[2009/06/21 20:01:14 | 000,000,520 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2009/05/16 15:34:25 | 000,000,137 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2009/05/16 11:49:43 | 000,000,024 | ---- | C] () -- C:\WINDOWS\system.sys
[2009/03/23 19:49:42 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ShLog.txt
[2009/03/23 19:38:38 | 000,003,522 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Local Settings\Application Data\ShLog.txt
[2009/03/01 19:55:41 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/02/17 18:22:53 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
[2009/01/17 10:40:23 | 000,000,385 | ---- | C] () -- C:\WINDOWS\exifmanager.ini
[2008/12/22 19:56:52 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2008/12/20 14:28:04 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\$_hpcst$.hpc
[2008/11/27 18:28:36 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008/11/27 18:28:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008/11/27 18:28:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2008/09/07 18:22:35 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2008/08/22 22:51:41 | 000,000,443 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2008/06/26 05:24:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/06/26 05:24:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/06/26 05:24:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/06/26 05:24:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/06/26 05:24:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/03/25 21:10:28 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\812266F955.sys
[2008/03/25 21:10:15 | 000,007,308 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/03/16 18:22:48 | 000,004,093 | ---- | C] () -- C:\WINDOWS\NSAID.INI
[2008/03/15 17:19:47 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008/02/16 15:52:27 | 000,000,036 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2008/01/26 22:55:09 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2008/01/23 20:49:11 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2008/01/09 10:36:49 | 000,408,576 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008/01/09 10:36:49 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/01/06 14:10:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/12/06 21:33:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/12/06 21:33:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/12/06 21:33:17 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/12/06 21:33:17 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/11/08 21:10:20 | 001,880,064 | -HS- | C] () -- C:\Program Files\ehthumbs.db
[2007/10/13 15:55:06 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/09/28 17:34:34 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2007/09/18 20:18:48 | 000,000,075 | ---- | C] () -- C:\WINDOWS\winDecrypt.INI
[2007/09/18 20:18:15 | 000,000,036 | ---- | C] () -- C:\WINDOWS\verypdf.ini
[2007/09/18 19:58:00 | 000,000,167 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2007/09/16 19:29:35 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/22 10:41:03 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvGarmin.dll
[2007/08/22 10:41:03 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvMagellan.dll
[2007/08/22 10:41:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSena.dll
[2007/08/22 10:41:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvMlr.dll
[2007/08/22 10:41:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvLowrance.dll
[2007/08/22 10:41:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSilva.dll
[2007/08/22 10:41:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvPyx.dll
[2007/08/22 10:41:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvAvmap.dll
[2007/08/22 10:41:03 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSuu.dll
[2007/08/22 10:40:14 | 000,688,128 | ---- | C] () -- C:\WINDOWS\System32\BCGCB474.dll
[2007/08/22 10:40:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\CP30FW.DLL
[2007/08/22 10:40:14 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ConversApi.dll
[2007/08/22 10:40:14 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\Polyclip.dll
[2007/08/22 10:40:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\BCGCBResFRA.dll
[2007/08/22 10:40:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Ogc.dll
[2007/08/22 10:40:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Nmea.dll
[2007/08/22 10:40:14 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\RCalcul.dll
[2007/08/20 20:31:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\planning.INI
[2007/08/20 20:31:02 | 000,003,517 | ---- | C] () -- C:\WINDOWS\HyperPage.INI
[2007/08/19 18:19:40 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/08/18 09:07:23 | 000,002,552 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2007/08/18 09:07:22 | 000,000,190 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/08/16 19:21:57 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/08/16 17:05:30 | 000,000,158 | ---- | C] () -- C:\WINDOWS\pagesuit.ini
[2007/08/16 17:05:29 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2007/08/16 15:22:43 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/08/16 13:01:00 | 000,195,072 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/16 12:59:21 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/08/16 12:50:03 | 000,639,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/08/16 11:26:52 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Local Settings\Application Data\fusioncache.dat
[2006/01/04 18:35:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/04 18:32:23 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/01/04 18:26:05 | 000,005,811 | R--- | C] () -- C:\WINDOWS\System32\CTSBMB.INI
[2006/01/04 18:02:56 | 000,004,969 | ---- | C] () -- C:\WINDOWS\System32\Sigfilt.ini
[2006/01/04 18:02:56 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2006/01/04 18:02:40 | 001,345,520 | ---- | C] () -- C:\WINDOWS\System32\CTMBHA.DLL
[2006/01/04 18:02:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2006/01/04 18:02:36 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\dlbcplc.ini
[2006/01/04 18:02:34 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2006/01/04 18:02:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2006/01/04 18:02:06 | 000,000,537 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/09/01 07:12:11 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/05 16:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/11/18 00:37:20 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/15 23:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/05/29 14:50:02 | 000,552,960 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2002/03/06 22:19:16 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2001/05/23 14:30:18 | 000,007,165 | ---- | C] () -- C:\WINDOWS\CDex.INI
[2001/01/12 10:52:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\vbpng.dll
[2000/10/25 17:15:00 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll

========== LOP Check ==========

[2009/05/29 19:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Notepad++
[2009/12/19 11:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\ACD Systems
[2007/08/17 12:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Notepad++
[2009/12/19 11:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2009/07/05 10:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2009/03/17 19:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
Gacko

Posts: 11
Joined: 12 Mar 2010, 22:15

Post by Gacko » 13 Mar 2010, 12:21

The rest of OTL.txt, since it seems the report was truncated for being too long.

[2010/01/25 21:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bitmeter2
[2009/04/25 16:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2009/12/24 14:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2009/01/26 09:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/02/02 16:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/05/30 19:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/01/25 19:56:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments
[2010/01/30 17:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/06/09 21:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010/01/13 13:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2010/02/19 14:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2010/01/13 14:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/05/29 17:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skyline
[2007/09/18 19:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2007/09/01 19:52:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2007/08/31 14:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/03/05 18:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2006/01/04 18:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/03/10 12:59:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}
[2009/05/29 18:19:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2010/02/14 19:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Azureus
[2010/01/25 21:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Bitmeter2
[2007/08/20 20:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\cByo
[2009/02/07 16:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\convertisseur
[2009/09/11 08:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Dealio
[2010/03/10 16:23:54 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Dossier de téléchargement Share-to-Web
[2009/12/19 12:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\EPSON
[2010/03/08 22:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\FileZilla
[2009/12/19 11:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\GARMIN
[2008/01/26 23:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\GlarySoft
[2009/12/19 11:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\GrabIt
[2009/10/27 18:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Groobax
[2009/06/04 21:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\gtk-2.0
[2009/09/24 21:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Hrsim
[2009/12/19 11:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Inkscape
[2008/09/05 07:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\iPodder
[2010/01/10 19:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\KompoZer
[2010/01/08 16:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\kompozer.net
[2008/08/25 21:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Leadertech
[2009/07/10 20:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\MapInfo
[2009/05/22 09:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mindscape
[2008/03/15 22:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mp3tag
[2007/08/16 19:53:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\MSNInstaller
[2010/01/30 17:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\NCH Swift Sound
[2009/05/01 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Netscape
[2008/07/26 18:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Nitro PDF
[2010/01/13 18:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Nokia
[2010/01/13 18:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Nokia Ovi Suite
[2010/02/10 19:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Notepad++
[2009/05/08 11:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\PACE Anti-Piracy
[2009/09/25 13:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\PC Suite
[2009/03/23 19:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Regrun
[2009/05/21 19:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Skyline
[2008/07/22 21:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\SolidDocuments
[2008/09/05 18:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Summer Athletics 2008
[2007/10/05 20:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Teleca
[2008/09/15 21:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Template
[2009/02/28 23:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\TotalRecorder
[2010/03/12 16:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\XnView
[2007/12/30 19:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\Notepad++
[2008/07/09 10:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\SolidDocuments
[2010/03/10 13:04:42 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2007/11/18 18:06:13 | 000,000,360 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1187280336.job
[2010/03/12 19:28:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1187544455.job
[2010/03/13 10:59:28 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2007/08/17 22:45:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job
[2010/03/13 11:28:03 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2004/08/10 13:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 13:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/05 07:35:25 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/09/05 07:35:25 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

<MD5>
[2004/08/10 13:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 13:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/05 07:35:25 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/09/05 07:35:25 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

<MD5>
[2004/08/10 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\i386\eventlog.dll
[2004/08/10 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\i386\netlogon.dll
[2004/08/10 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

<MD5>
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/10 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\i386\scecli.dll
[2004/08/10 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

<systemroot>

<systemroot>
[2008/04/14 03:33:21 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll

<systemroot>

========== Alternate Data Streams ==========

@Alternate Data Stream - 980 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:DmwEcajX2asJMkeWoP
@Alternate Data Stream - 977 bytes -> C:\Documents and Settings\Eric Jeuffrain\Cookies:QPRUQy2NYiBYXOAN44Ci67Yss3tn0u
@Alternate Data Stream - 841 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:8iRqUyj2fF74g6Cmh9FPpPK
<End>
Gacko

Posts: 11
Joined: 12 Mar 2010, 22:15

Post by Gacko » 13 Mar 2010, 12:23

And finally, Extras.txt

OTL Extras logfile created on: 13/03/2010 11:55:49 - Run 1
OTL by OldTimer - Version 3.1.37.0 Folder = C:\Documents and Settings\Eric Jeuffrain\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144,30 Gb Total Space | 86,49 Gb Free Space | 59,94% Space Free | Partition Type: NTFS
Drive D: | 149,01 Gb Total Space | 101,61 Gb Free Space | 68,19% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 569,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D9PJ012J
Current User Name: Eric Jeuffrain
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-753652507-4259875560-3305497912-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\adslTV\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mp3tag] -- "C:\Program Files\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich)
Directory [PlayWithVLC] -- "C:\Program Files\adslTV\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"15733:TCP" = 15733:TCP:*:Enabled:BitComet 15733 TCP
"15733:UDP" = 15733:UDP:*:Enabled:BitComet 15733 UDP
"60733:TCP" = 60733:TCP:*:Enabled:BitComet 60733 TCP
"60733:UDP" = 60733:UDP:*:Enabled:BitComet 60733 UDP
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"1032:TCP" = 1032:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe" = C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner -- File not found
"C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" = C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager -- (Microsoft Corporation)
"C:\Program Files\adslTV\adsltv.exe" = C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv -- (adsltv.org)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}" = Windows Live Toolbar
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{190BF7E6-59C5-45E2-B9CE-E8E7245A5B4D}" = TMPGEnc Plus 2.5
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1AF66C45-68E3-4038-BFDE-3F46E23C1238}" = Global Mapper 9
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1D3C662A-F6C6-4767-A788-7AA43A9A1317}" = ARTEuro
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 17
"{2D5EBC13-8EC1-4BED-A77E-8C7AB6B56A5E}" = CSS-eXplorer 2.0
"{2DBF9D2F-522F-4B19-8679-3539CC38EB5F}" = Search Commands from Microsoft Office Labs
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{2FEA102C-F535-4513-009B-57B165013C18}" = Tiger Woods PGA TOUR 08
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3250D35A-F0C7-44E4-A12C-2D810F468090}" = Réseau France BdNyme
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3E4A07ED-8D35-4999-8F8D-F003C88142AF}" = Adibou joue à lire et à compter 6-7 ans
"{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}" = Foxit PDF IFilter
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}" = PC Connectivity Solution
"{4F763864-DDEA-46CA-AA1E-63A9C2453E83}" = Garmin TOPO France v2
"{4FD05420-333C-4233-94A6-9759430D6C2A}" = Theme Generator V2
"{50126293-3DAC-4CCC-B9F5-D6911842C4D9}" = Pocket Athlete
"{51D569E0-8A28-11D2-B962-006097C4DE24}" = Microsoft (R) C Runtime Library
"{51D569E2-8A28-11D2-B962-006097C4DE24}" = MFCDLL Shared Library - Retail Version
"{51D569E3-8A28-11D2-B962-006097C4DE24}" = Microsoft (R) C++ Runtime Library
"{51F24145-A833-4BD5-AA38-AFC5268928E5}" = PF+FB+AEP
"{52C97E71-DC72-4BFC-8F27-3DD60228FBAF}" = FTP-Watchdog
"{52D6EA6F-3751-4064-BF86-900FC9BB9E46}" = PanaVue ImageAssembler 3.4.0
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{572DDD41-B104-4D5C-BA1B-7A22E92E7A0C}" = GPS TrackMaker
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C4D4FC0-467B-4BD7-8D11-50E49B2770D2}" = Ma-Config.com
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D7F8D4B-D1A4-402A-973E-31E90940E585}" = OneCare Advisor (Windows Live Toolbar)
"{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{82DFB852-9594-4668-9C66-28BB6E94BCB2}" = Photo et imagerie HP 1.0 - HP PSC - HP OfficeJet
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel(R) PROSet for Wired Connections
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8D2AE3F6-79DF-423C-91CB-389F6FB5837B}" = Andrea VoiceCenter
"{8E9D738A-2C30-4574-90FE-E6B4F6065D48}" = Bluesoleil3.2.2.8 Release 070421
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{915341C0-8BC6-49E3-A887-B87D7FE6B467}" = SplashID for PocketPC
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{930E3A4D-70B7-4D0D-AF8D-0B351A9B55BE}" = MSXML 3.0
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{944A4CEE-7DB9-4BEB-B8B2-26F491B9CEB4}" = Sprite Clone
"{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}" = Dealio Toolbar v4.0.1
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{991B1E79-12B6-40C3-A081-1FC47C6F2F37}" = Bulk Rename Utility 2, 6, 1, 0
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9BFFB382-0B2C-11D6-AB3E-000102B0F79A}" = Readiris 7.5
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{ABC5404F-F0F3-4221-8DB9-5D34DD866E50}" = Sprite Backup
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC02C27-473F-4EC5-9372-30771EFFB35F}" = VC80_CRT_x86
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B13FE5B5-A0DF-4700-9AB4-8C94C38BCFF3}" = Réseau France BdAlti
"{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 Fr
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8BFB69F-BBBA-48A9-A788-851222571C77}" = MapSource Product Install
"{B955D26E-5E9F-43D4-BCAC-EC0E6223E8C4}" = Weather Exchange
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6DEE87-1C87-42ED-A108-7369BFE9076F}" = 32 bit Windows Card Reader Driver
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D8207FF4-0A8C-4D36-9682-36E04AE96C52}" = SiRFDemo
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1FBB8D1-C5CB-E146-9F2B-1EB6FCBCE124}" = WDGPS_CE
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E7559288-223B-453C-9F06-340E3BE21E39}" = MyWay Search Assistant
"{E916E61F-DE9D-4EAF-91E1-CEB50016326A}" = Navigation par onglets (Windows Live Toolbar)
"{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497}" = Garmin MapSource
"{ED93995E-8BF2-480F-8EA4-7D29E29A7052}" = Photo et imagerie HP 1.0 - HP PSC - HP OfficeJet Pilote
"{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}" = Windows Live Messenger
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}" = Folder Size for Windows
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Package de pilotes Windows - Nokia Modem (10/05/2009 4.2)
"0D20D36D-A11C-444c-9AF7-70CBFED42ECF" = Otto
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Package de pilotes Windows - FTDI CDM Driver Package (10/22/2009 2.06.00)
"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5564564_is1" = VisualGPS - BeeLineGPS v1.83
"76322c23820ae7473cdebbff3eceb262" = Cars
"8461-7759-5462-8226" = Vuze
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Package de pilotes Windows - FTDI CDM Driver Package (10/22/2009 2.06.00)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.4)
"99A88D57-2C93-491B-87B8-E41A870FB6BE" = GemMaster Mystic
"Ad-Aware" = Ad-Aware
"Adibou V.3.00 on C" = Adibou V.3.00 on C
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"adsl TV" = adsl TV
"Akamai" = Akamai NetSession Interface
"a-squared Free_is1" = a-squared Free 4.5
"Astraware Ultimate Bowling Fighter for Pocket PC" = Ultimate Bowling Fighter for Pocket PC
"Audacity_is1" = Audacity 1.2.6
"AutoGK" = Auto Gordian Knot 2.45
"Autopano Pro" = Autopano Pro
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BeeLineGPS" = BeeLineGPS
"BEIKS BEIKS Dictionary Reader WCE" = BEIKS BEIKS Dictionary Reader WCE
"Binaryfish Art of Positions 3 - Windows Mobile Standard Edition" = Art of Positions - Windows Mobile Standard Edition 3.0.1
"BitMeter" = BitMeter
"CartoExploreur 3_is1" = CartoExploreur 3 3.12
"CartoExploreur 3D_is1" = CartoExploreur 3D 1.05
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"CDVista_is1" = CDVista 1.46a
"CloneDVD2" = CloneDVD2
"Code couleurs" = Code couleurs
"CodeStuff Starter" = CodeStuff Starter
"ComPortChecker_is1" = ComPort Checker Version 1
"Composant Hmk" = Composant Hmk
"Convers" = Convers
"Convertisseur 1.4_is1" = Convertisseur 1.4
"Coup de Foot 2006_is1" = Coup de Foot 2006, v1.0.3
"Dell Photo Printer 720" = Dell Photo Printer 720
"DxO Optics Pro v4" = DxO Optics Pro v4.0
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"Editor PDIs1.3.50" = Editor PDIs
"eMule" = eMule
"EPSON Scanner" = EPSON Scan
"EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall
"ER Mapper 7.0" = ER Mapper 7.0
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v2.80
"FastStone Capture" = FastStone Capture 5.7
"FileZilla Client" = FileZilla Client 3.3.2
"FlashGet" = FlashGet 1.9.6.1073
"Foxit Reader" = Foxit Reader
"Foxmail 6.5(022) TFFP package (build 009)" = Foxmail 6.5(022) TFFP package (build 009)
"Free Easy Burner_is1" = Free Easy Burner V 3.9
"Glary Utilities_is1" = Glary Utilities 2.4
"GPS Tuner" = GPS Tuner (remove only)
"GpsGate" = GpsGate
"GPS-Track-Analyse.NET" = GPS-Track-Analyse.NET
"Groobax_is1" = Groobax
"Guild Wars" = GUILD WARS
"Handheld Synchronizer" = Handheld Synchronizer
"HeavyWeatherReview_is1" = HeavyWeatherReview 1.0
"HijackThis" = HijackThis 2.0.2
"Home Jukebox_is1" = Home Jukebox 0.8.4
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"hp psc 2100 series_Driver" = hp psc 2100 series
"iColorFolder" = iColorFolder
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Img2Ozf_is1" = Img2Ozf Version 3
"ImTOO ISO Burner" = ImTOO ISO Burner
"Indeo® Software" = Indeo® Software
"INFORAD MANAGER_is1" = INFORAD MANAGER 3.5
"Inkscape" = Inkscape 0.46
"InstallShield_{190BF7E6-59C5-45E2-B9CE-E8E7245A5B4D}" = TMPGEnc Plus 2.5
"InstallShield_{51F24145-A833-4BD5-AA38-AFC5268928E5}" = PF+FB+AEP
"IsoBuster_is1" = IsoBuster 1.9
"ISOpen_is1" = ISOpen V4.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.5.7 Basic
"La Marmite du Chef_is1" = La Marmite du Chef 6.5.16
"MADE" = MADE
"Magic ISO Maker v5.5 (build 0273)" = Magic ISO Maker v5.5 (build 0273)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Map Merge Utility for OziExplorer_is1" = Map Merge utility Version 1
"MapSource" = MapSource
"Mapsource Mapset Manager (M3)_is1" = M3 v2.00
"Maroc-Topo Map_is1" = Maroc-Topo Map 1.21
"Microcat for Land Rover" = Microcat for Land Rover
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"Monkey's Audio_is1" = Monkey's Audio
"Moto Racer 3_is1" = Moto Racer 3
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Mp3tag" = Mp3tag v2.45a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MyDefrag v4.2.4_is1" = MyDefrag v4.2.4
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"OgcDrv_is1" = OgcDrv 2.13
"Oil Map" = Oil Map 1.0
"Orbitron_is1" = Orbitron - Satellite Tracking System
"OziExplorer 3.95_is1" = OziExplorer 3.95
"OziExplorer3D_is1" = OziExplorer3D Version 1
"OziExplorerCE Screen Designer_is1" = OziExplorerCE Screen Designer Version 2
"OziHelp2_is1" = OziHelp2
"PC-Wetterstation_is1" = WsWin V2.95.11 - 2010-02-16
"PDF Password Remover v2.5_is1" = PDF Password Remover v2.5
"Photodex Presenter" = Photodex Presenter
"PIXresizer_is1" = PIXresizer 2.0.4
"PoiEdit" = PoiEdit
"PQView 2.0" = PQView 2.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"PSC 2000 Series" = Photo et imagerie HP 1.0 - HP PSC - HP OfficeJet
"PyGrenouille_is1" = PyGrenouille version 1.12
"QuicktimeAlt_is1" = QuickTime Alternative 3.1.0
"RealPlayer 12.0" = RealPlayer
"Recuva" = Recuva
"Réseau France Bayo_is1" = Réseau France Bayo 0013-Q0
"Réseau France BdAlti" = Réseau France BdAlti
"Réseau France BdNyme" = Réseau France BdNyme
"Revo Uninstaller" = Revo Uninstaller 1.30
"Ruler" = Ruler
"SA Watch" = SA Watch
"SompyPlayer" = SompyPlayer
"Sound Blaster Audigy ADVANCED MB Product Registration" = Enregistrement du produit Sound Blaster Audigy ADVANCED MB
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"ST6UNST #1" = WS2300 Edit v0.4
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SUPER ©" = SUPER © Version 2010.bld.37 (Jan 2, 2010)
"Switch" = Switch Sound File Converter
"Taiyo_is1" = Taiyo
"Taiyo-Desktop_is1" = Taiyo-Desktop
"Tennis Addict" = Tennis Addict
"TerraExplorer" = TerraExplorer
"TmNationsForever_is1" = TmNationsForever
"Topo Pirineos" = Topo Pirineos 2.7
"TotalRecorder" = Total Recorder 7.1
"Traces4x4Maroc" = Traces4x4Maroc
"UltraDefrag" = DASoft Ultra Defragmenter
"Universal Extractor_is1" = Universal Extractor 1.6
"Unlocker" = Unlocker 1.8.8
"ViewpointMediaPlayer" = Viewpoint Media Player
"VisualGPS" = VisualGPS
"VisualGPS BeeLineGPS v1.82 - SyMBiAN" = VisualGPS BeeLineGPS v1.82 - SyMBiAN
"VisualGPSce" = VisualGPSce
"Viveza" = Viveza
"VLC media player" = VLC media player 1.0.0
"VobSub" = VobSub v2.23 (Remove Only)
"WampServer 2_is1" = WampServer 2.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WINDSTATION" = Windstation
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-7
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XnView Shell Extension_is1" = XnView Shell Extension 2.6.0
"XnView_is1" = XnView 1.96.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Ziepod_is1" = Ziepod 0.99.9

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-753652507-4259875560-3305497912-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"albanie v15" = albanie v15
"e0a00a3855587865" = OziMapSelect 2.0
"garmin mapsource mauritanie" = garmin mapsource mauritanie
"mapsource tunisie RS V11" = mapsource tunisie RS V11
"mapsource tunisie v16" = mapsource tunisie v16
"QUICKMEDIACONVERTER" = Converter
"sc10-CH_TSR" = Ski Challenge 2010 (TSR)
"sc10-FR_FTV_MAIN" = Ski Challenge 2010 (FTV)
"Track Profiler" = Track Profiler

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16/02/2010 16:42:59 | Computer Name = D9PJ012J | Source = Application Hang | ID = 1002
Description = Application bloquée heavy weather.exe, version 1.0.0.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 21/02/2010 16:53:15 | Computer Name = D9PJ012J | Source = Application Error | ID = 1000
Description = Application défaillante wswin32.exe, version 2.95.10.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 28/02/2010 05:37:27 | Computer Name = D9PJ012J | Source = Application Hang | ID = 1002
Description = Application bloquée Updater.exe, version 0.0.0.0, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 03/03/2010 12:26:18 | Computer Name = D9PJ012J | Source = Application Error | ID = 1000
Description = Application défaillante wswin32.exe, version 2.95.10.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 04/03/2010 09:01:31 | Computer Name = D9PJ012J | Source = Application Error | ID = 1000
Description = Application défaillante wswin32.exe, version 2.95.10.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 05/03/2010 17:45:28 | Computer Name = D9PJ012J | Source = Application Hang | ID = 1002
Description = Application bloquée heavy weather.exe, version 1.0.0.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 06/03/2010 11:38:02 | Computer Name = D9PJ012J | Source = Application Hang | ID = 1002
Description = Application bloquée Foxmail.exe, version 6.15.201.22, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 06/03/2010 13:44:30 | Computer Name = D9PJ012J | Source = FolderSize | ID = 0
Description =

Error - 08/03/2010 17:21:31 | Computer Name = D9PJ012J | Source = Application Error | ID = 1000
Description = Application défaillante wswin32.exe, version 2.95.10.0, module défaillant
kernel32.dll, version 5.1.2600.5781, adresse de défaillance 0x00012afb.

Error - 10/03/2010 08:02:22 | Computer Name = D9PJ012J | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

[ System Events ]
Error - 12/03/2010 07:51:03 | Computer Name = D9PJ012J | Source = Service Control Manager | ID = 7001
Description = Le service Assistance TCP/IP NetBIOS dépend du service AFD qui n'a
pas pu démarrer en raison de l'erreur : %%31

Error - 12/03/2010 07:51:03 | Computer Name = D9PJ012J | Source = Service Control Manager | ID = 7001
Description = Le service Fax dépend du service Spouleur d'impression qui n'a pas
pu démarrer en raison de l'erreur : %%1068

Error - 12/03/2010 07:51:03 | Computer Name = D9PJ012J | Source = Service Control Manager | ID = 7001
Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas
pu démarrer en raison de l'erreur : %%31

Error - 12/03/2010 07:51:03 | Computer Name = D9PJ012J | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : AFD avgio avipbb Fips intelppm IPSec MRxSmb NetBIOS NetBT Partizan RasAcd Rdbss SASDIFSV
SASKUTIL
sbhips
ssmdrv
Tcpip

Error - 12/03/2010 07:56:00 | Computer Name = D9PJ012J | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 12/03/2010 07:56:08 | Computer Name = D9PJ012J | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12/03/2010 07:57:40 | Computer Name = D9PJ012J | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 12/03/2010 07:58:59 | Computer Name = D9PJ012J | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12/03/2010 08:00:28 | Computer Name = D9PJ012J | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Partizan

Error - 13/03/2010 05:57:13 | Computer Name = D9PJ012J | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Partizan


<End>
Gacko
 
Posts: 11
Joined: 12 Mar 2010, 22:15

Post by nickW » 14 Mar 2010, 02:04

Good evening,

You are openly using pirated software: Adobe CS4 Master Collection :twisted:


Several Event Viewer messages report errors with HeavyWeatherReview 1.0.
Could you check that this software works properly?



First clean-up steps:

Step 1: OTL (by OldTimer), preparing the clean-up
Open a Notepad window via Start---->Run, type notepad, then click OK

Select all the lines in the white area under "Code:" below, then press the Ctrl and C keys at the same time

Code: Select all
rien

:otl
O4 - HKLM..\RunServices: [Microsoft Updates] File not found
@Alternate Data Stream - 980 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:DmwEcajX2asJMkeWoP
@Alternate Data Stream - 977 bytes -> C:\Documents and Settings\Eric Jeuffrain\Cookies:QPRUQy2NYiBYXOAN44Ci67Yss3tn0u
@Alternate Data Stream - 841 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:8iRqUyj2fF74g6Cmh9FPpPK

:Commands
[emptytemp]



Go back to the Notepad window, right-click inside it and choose Paste
In the Format menu (at the top), check that "Word Wrap" is not enabled (not ticked).
Save the file as fix.txt <---- do not change the file name
Close Notepad.

Note: The lines in the Code area above were written exclusively for THIS user: Gacko.
If you are not THIS user, do not use them: they could damage your system.

Step 2: No real-time monitoring processes
Disable the resident module of the antivirus and that of the antispyware.
Avira AntiVir: right-click the icon in the system tray (next to the clock), untick "Activer Antivir Guard/AntiVir Guard enable"
Windows Defender: Start---->All Programs---->Windows Defender; click "Tools", then "Options"; under "Real-time protection options", clear the "Use real-time protection (recommended)" check box; under "Administrator options", clear the "Use Windows Defender" check box; then click "Save"


Step 3: OTL (by OldTimer), cleanup

Double-click OTL.exe to launch the tool.

The OTL main screen appears.

Click the Run Fix button.

A small "Information" window opens.

Click the Yes button.

In the new "Open" window, browse to the folder where the fix.txt file was saved, then click the Open button.

The contents of the fix.txt file are thus inserted into the "Custom Scans/Fixes" panel.

Close all open program windows other than OTL (browser, word processor, etc.): the PC is going to restart.

Click the Run Fix button again.

Note: When the restart is requested, click Oui/Yes

When the tool has finished its work, a small window displays the message "Fix Complete! Click OK to open the fix log". Click OK, then close OTL.


Step 4: Malwarebytes' Anti-Malware, cleanup
Close all open program windows.
Launch Malwarebytes' Anti-Malware from the Start menu.
In the Settings tab, check that all the boxes are ticked except "Create an option in the context menu to scan files (right-click)".
In the Update tab, click the Check for Updates button and install all the updates found.
In the Scanner tab, select the radio button in front of "Perform quick scan", then click the Scan button.
Wait, without doing anything else, for the scan to finish; in the window announcing the end of the scan, click OK; then click the "Show Results" button.

If harmful items were detected, click the "Remove Selected" button.
Wait patiently, without doing anything else, for the cleanup to finish.
A restart is sometimes required. Accept it.
A Notepad window opens to display the report. Close Notepad.
Click the "Exit" button to close Malwarebytes' Anti-Malware.


Step 5: Real-time monitoring processes
Important: Re-enable the resident module of the antivirus and that of the antispyware.


Step 6: OTL (by OldTimer), quick scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The OTL main screen appears.

Click the Quick Scan button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 7: Results
Post in reply:
*- the OTL fix log (contents of the file SystemDrive\_OTL\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[SystemDrive is the partition on which the system is installed, usually C:]
*- the Malwarebytes' Anti-Malware report (contents of the file mbam-log-****-**-** (**-**-**).txt located in the folder SystemDrive\Documents and Settings\<yourprofile>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs where ****-** (**-**-**) represents the date [year-month-day] and the time [hh-mn-ss])
[SystemDrive is the partition on which the system is installed, usually C:]

Then post in reply, in a separate message (because of the length of the log):
*- the main OTL report (contents of the file OTL.txt located on the Desktop).
The report posted on the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.

Important note: To post your reply (or replies), do not create a new topic; click the "Reply" button to continue in this thread.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by Gacko » 14 Mar 2010, 19:26

Good evening,

As for Adobe CS4, I use about 0.00000001% of what it can do, because all I know how to use are the contrast and brightness settings, the histogram/exposure curve and the clone stamp for cleaning up specks. I know it is silly to have cracked software, but I have not found these 4 functions, which I use once a month at best (!), in any other program...
HeavyWeatherReview 1.0 has just been uninstalled, since in any case it duplicated another, much better designed weather program.

OTL result

All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\Microsoft Updates deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:DmwEcajX2asJMkeWoP deleted successfully.
ADS C:\Documents and Settings\Eric Jeuffrain\Cookies:QPRUQy2NYiBYXOAN44Ci67Yss3tn0u deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:8iRqUyj2fF74g6Cmh9FPpPK deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 7265908 bytes
->Temporary Internet Files folder emptied: 1727891 bytes
->FireFox cache emptied: 14478349 bytes
->Flash cache emptied: 405 bytes

User: Alex
->Temp folder emptied: 4761073 bytes
->Temporary Internet Files folder emptied: 3537766 bytes
->Java cache emptied: 43431 bytes
->FireFox cache emptied: 30004291 bytes
->Flash cache emptied: 6253 bytes

User: All Users

User: Default User
->Temp folder emptied: 59964 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes

User: Eric Jeuffrain
->Temp folder emptied: 472335681 bytes
->Temporary Internet Files folder emptied: 98278331 bytes
->Java cache emptied: 14049112 bytes
->FireFox cache emptied: 135659717 bytes
->Flash cache emptied: 1983172 bytes

User: Invité
->Temp folder emptied: 560749 bytes
->Temporary Internet Files folder emptied: 1638265 bytes
->Java cache emptied: 916 bytes
->FireFox cache emptied: 4094487 bytes
->Flash cache emptied: 2274 bytes

User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 188768 bytes

User: NetworkService
->Temp folder emptied: 10618 bytes
->Temporary Internet Files folder emptied: 34391 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 14939776 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 141970 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 10503524 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 62474 bytes
RecycleBin emptied: 14887601 bytes

Total Files Cleaned = 793,00 mb


OTL by OldTimer - Version 3.1.37.0 log created on 03142010_183953

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_224.dat not found!

Registry entries deleted on Reboot...

The Malwarebytes one

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3867
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14/03/2010 19:13:00
mbam-log-2010-03-14 (19-13-00).txt

Type de recherche: Examen rapide
Eléments examinés: 152162
Temps écoulé: 5 minute(s), 9 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0f5c0-44cb-11cf-acx5-00401e608512} (Generic.Bot.H) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Gacko
 
Posts: 11
Joined: 12 Mar 2010, 22:15
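
The three kinds of artefact handled in the exchange above (a RunServices value whose file is missing, alternate data streams, and the Active Setup component ID that Malwarebytes removed, whose fourth group `acx5` is not hexadecimal) can be picked out of such logs with a short parser. This is an added example, not part of the original posts and not code from OTL or Malwarebytes; the `triage` function, the one-entry stream allowlist and the last sample line of each kind (the `Zone.Identifier` stream and the well-formed component ID) are assumptions constructed for illustration.

```python
import re

# Constructed sample: lines copied from the OTL fix script and the Malwarebytes log
# in this thread, plus a made-up Zone.Identifier stream and a made-up well-formed ID.
SAMPLE = r"""
O4 - HKLM..\RunServices: [Microsoft Updates] File not found
@Alternate Data Stream - 980 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:DmwEcajX2asJMkeWoP
@Alternate Data Stream - 841 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:8iRqUyj2fF74g6Cmh9FPpPK
@Alternate Data Stream - 26 bytes -> C:\Downloads\setup.exe:Zone.Identifier
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0f5c0-44cb-11cf-acx5-00401e608512} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{01234567-89ab-cdef-0123-456789abcdef}
"""

ADS_RE = re.compile(r"^@Alternate Data Stream - (\d+) bytes -> (.+)$")
O4_RE = re.compile(r"^O4 - (\S+): \[(.+?)\] (.+)$")
COMPONENT_RE = re.compile(r"\\Active Setup\\Installed Components\\(\{[^}\\]*\})", re.I)
GUID_RE = re.compile(r"^\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}$", re.I)
KNOWN_STREAMS = {"Zone.Identifier"}  # assumption: minimal allowlist, extend as needed


def triage(text):
    """Return (kind, detail) findings for the three artefact types seen in the thread."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        m = ADS_RE.match(line)
        if m:
            # The stream name follows the last colon; the first colon is the drive letter.
            host, _, stream = m.group(2).rpartition(":")
            if stream not in KNOWN_STREAMS:
                findings.append(("ads", f"{host} -> stream {stream!r} ({m.group(1)} bytes)"))
            continue
        m = O4_RE.match(line)
        if m and m.group(3).endswith("File not found"):
            # Autorun value still registered although its target file is gone.
            findings.append(("orphan-autorun", f"{m.group(1)} [{m.group(2)}]"))
            continue
        m = COMPONENT_RE.search(line)
        # Only brace-wrapped IDs are checked: they claim to be GUIDs, so they must parse as one.
        if m and not GUID_RE.match(m.group(1)):
            findings.append(("malformed-guid", m.group(1)))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE):
        print(f"{kind:15} {detail}")
```
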

Post by Gacko » 14 Mar 2010, 19:35

As for the main OTL report, the only one I can find on the desktop is the one I sent you yesterday...
Gacko

Posts: 11
Joined: 12 Mar 2010, 22:15

Post by nickW » 16 Mar 2010, 01:23

Good evening,

Could you redo step 6 above? It should normally create a new OTL.Txt report (which will replace the old one, but with a different date); then post the OTL.Txt report.

To be continued,
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
