une description détaillée des symptômes d'infection(outlook)

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

une description détaillée des symptômes d'infection(outlook)

Messagede tuba221 » 15 Aoû 2010, 18:16

Édité:
Ce sujet est la suite de: http://assiste.forum.free.fr/viewtopic.php?t=26926



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4433

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15/08/2010 19:03:56
mbam-log-2010-08-15 (19-03-56).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 177185
Temps écoulé: 14 minute(s), 34 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
tuba221
 
Messages: 8
Inscription: 14 Aoû 2010, 15:58

une description détaillée des symptômes d'infection(outlook)

Messagede tuba221 » 15 Aoû 2010, 18:56

OTL Extras logfile created on: 15/08/2010 19:10:55 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\Chapelier\Mes documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 466,00 Mb Available Physical Memory | 46,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 15,11 Gb Free Space | 50,38% Space Free | Partition Type: NTFS
Drive D: | 150,30 Gb Total Space | 134,49 Gb Free Space | 89,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 244,59 Mb Total Space | 192,65 Mb Free Space | 78,76% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive L: | 14,93 Gb Total Space | 7,32 Gb Free Space | 49,05% Space Free | Partition Type: FAT32

Computer Name: chapelier-01
Current User Name: Chapelier
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" /S
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\SightSpeed\SightSpeed.exe" = C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = livebox
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = MSIDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help
"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}" = Microsoft Antimalware Service FR-FR Language Pack
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.3 - Français
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B0F64C44-DC77-497D-9A27-C0F5BAB12493}" = muveeNow 2.0 - Creative
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2EBC2F1-B766-4AE3-A10C-6EBBC1EE3B02}" = Logiciel de Synchronisation Orange
"{C514C594-23AA-4F13-A070-DB8BDB27594F}" = Windows Live Mail
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F266A90C-3F4A-4F65-9901-3DBBB0D77D80}" = TRENDnet TEW-421PC or TEW-423PI
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"abysses" = abysses Screensaver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Advanced Video FX Engine" = Advanced Video FX Engine
"aohkfejmqzhouv" = Tagging System Revenuebuster
"Avanquest_FR Toolbar" = Avanquest_FR Toolbar
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"b7fc1caa" = Contextual Tool Lightspeedincome
"CCleaner" = CCleaner (remove only)
"CD CODE EXPERT TRAVAIL" = CD Dalloz Expert - Code du travail
"CleanUp!" = CleanUp!
"Codecs.fr" = Codecs.fr v1.0
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Doodling" = Creative Live! Cam Doodling
"Creative Live! Cam FX Creator" = Creative Live! Cam FX Creator
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Creative Live! Cam User's Guide" = Guide de l'utilisateur Creative Live! Cam
"Creative Photo Calendar" = Calendrier de photos Creative
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0350" = Creative Live! Cam Video Chat or Video IM (VF0350) Driver (1.04.01.00)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = Configuration DivX
"ecran de veille - 1e RPIMa" = ecran de veille - 1e RPIMa Screen Saver
"eMule" = eMule
"ERUNT_is1" = ERUNT 1.1j
"Google Updater" = Outil de mise à jour Google
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{F266A90C-3F4A-4F65-9901-3DBBB0D77D80}" = TRENDnet TEW-421PC or TEW-423PI
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PIXresizer_is1" = PIXresizer 2.0.4
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RepareOE" = RepareOE
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SightSpeed" = SightSpeed
"SysInfo" = Creative System Information
"TerraExplorer" = TerraExplorer
"VLC media player" = VLC media player 0.9.6
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 07/08/2010 12:38:48 | Computer Name = chapelier-01 | Source = Application Hang | ID = 1002
Description = Application bloquée msimn.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 07/08/2010 12:38:54 | Computer Name = chapelier-01 | Source = Application Hang | ID = 1001
Description = Détecteur d'erreurs 736169863.

Error - 07/08/2010 12:46:00 | Computer Name = chapelier-01 | Source = Application Hang | ID = 1002
Description = Application bloquée msimn.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 07/08/2010 12:46:03 | Computer Name = chapelier-01 | Source = Application Hang | ID = 1001
Description = Détecteur d'erreurs 736169863.

Error - 08/08/2010 14:26:32 | Computer Name = chapelier-01 | Source = Application Hang | ID = 1002
Description = Application bloquée msimn.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 08/08/2010 14:26:38 | Computer Name = chapelier-01 | Source = Application Hang | ID = 1001
Description = Détecteur d'erreurs 736169863.

Error - 10/08/2010 10:24:20 | Computer Name = chapelier-01 | Source = Ci | ID = 4124
Description = L'index de contenu sur c:\system volume information\catalog.wci est
endommagé. Veuillez arrêter et redémarrer le service d'indexation (cisvc).

Error - 10/08/2010 10:24:20 | Computer Name = chapelier-01 | Source = Ci | ID = 4126
Description = Nettoyage des méta-données endommagées de l'index de contenu sur c:\system
volume information\catalog.wci. L'index sera automatiquement restauré en refiltrant
tous les documents.

Error - 14/08/2010 10:03:20 | Computer Name = chapelier-01 | Source = MsiInstaller | ID = 11706
Description = Produit : Sonic MyDVD -- Erreur 1706. Package d'installation pour
le produit Sonic MyDVD introuvable. Réessayez d'exécuter Windows Installer avec
un package d'installation valide MYDVDFRA.MSI.

Error - 14/08/2010 11:03:26 | Computer Name = chapelier-01 | Source = Application Error | ID = 1000
Description = Application défaillante evolution-exchange-storage.exe, version 0.0.0.0,
module défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x0001b21a.

[ System Events ]
Error - 14/08/2010 11:44:04 | Computer Name = chapelier-01 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/08/2010 11:44:05 | Computer Name = chapelier-01 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/08/2010 11:44:05 | Computer Name = chapelier-01 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/08/2010 11:44:05 | Computer Name = chapelier-01 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/08/2010 11:44:05 | Computer Name = chapelier-01 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/08/2010 12:37:01 | Computer Name = chapelier-01 | Source = NETLOGON | ID = 3095
Description = Cet ordinateur est configuré en tant que membre d'un groupe de travail,
et
non en tant que membre d'un domaine. Il n'est pas nécessaire d'exécuter le service
Accès réseau dans cette configuration.

Error - 15/08/2010 06:34:05 | Computer Name = chapelier-01 | Source = Service Control Manager | ID = 7000
Description = Le service LogMeIn Kernel Information Provider n'a pas pu démarrer
en raison de l'erreur : %%3

Error - 15/08/2010 06:34:21 | Computer Name = chapelier-01 | Source = WMPNetworkSvc | ID = 866312
Description = Un nouveau serveur de données multimédia n’a pas pu être initialisé
en raison de l’erreur ‘0xc00d2781’ dans WMCreateDeviceRegistration(). Il se peut
que les composants DRM de gestion des droits numériques installés sur votre ordinateur
soient endommagés. Vérifiez que les fichiers protégés sont lisibles dans le Lecteur
Windows Media, puis redémarrez le service WMPNetworkSvc.

Error - 15/08/2010 06:34:23 | Computer Name = chapelier-01 | Source = WMPNetworkSvc | ID = 866312
Description = Un nouveau serveur de données multimédia n’a pas pu être initialisé
en raison de l’erreur ‘0xc00d2781’ dans WMCreateDeviceRegistration(). Il se peut
que les composants DRM de gestion des droits numériques installés sur votre ordinateur
soient endommagés. Vérifiez que les fichiers protégés sont lisibles dans le Lecteur
Windows Media, puis redémarrez le service WMPNetworkSvc.

Error - 15/08/2010 06:35:38 | Computer Name = chapelier-01 | Source = Service Control Manager | ID = 7022
Description = Le service Kaspersky Internet Security est en attente de démarrage.


<End>

OTL logfile created on: 15/08/2010 19:10:55 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\Chapelier\Mes documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 466,00 Mb Available Physical Memory | 46,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 15,11 Gb Free Space | 50,38% Space Free | Partition Type: NTFS
Drive D: | 150,30 Gb Total Space | 134,49 Gb Free Space | 89,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 244,59 Mb Total Space | 192,65 Mb Free Space | 78,76% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive L: | 14,93 Gb Total Space | 7,32 Gb Free Space | 49,05% Space Free | Partition Type: FAT32

Computer Name: chapelier-01
Current User Name: Chapelier
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/15 12:39:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Chapelier\Mes documents\Downloads\OTL.exe
PRC - [2010/07/31 02:18:11 | 000,945,720 | ---- | M] (Google Inc.) -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/07/02 17:33:10 | 002,347,216 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/06/29 17:27:21 | 000,134,808 | ---- | M] (Google Inc.) -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/06/03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/10/20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/04/13 20:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/23 01:03:00 | 000,028,672 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0350Mon.exe
PRC - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007/05/02 10:30:20 | 000,151,552 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2006/11/17 11:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTSched.exe
PRC - [2005/05/17 18:48:32 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/05/11 13:52:04 | 000,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
PRC - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
PRC - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe
PRC - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
PRC - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
PRC - [2004/02/26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003/07/02 17:40:08 | 000,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe


========== Modules (SafeList) ==========

MOD - [2010/08/15 12:39:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Chapelier\Mes documents\Downloads\OTL.exe
MOD - [2010/06/19 21:37:56 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010/04/06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmvcore.dll
MOD - [2009/09/28 20:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\LMIRfsClientNP.dll
MOD - [2009/08/13 15:56:14 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/02/27 17:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
MOD - [2009/01/30 20:34:06 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WMASF.dll
MOD - [2009/01/30 20:34:02 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2008/04/13 20:33:50 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 20:33:48 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2008/04/13 20:33:42 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shgina.dll
MOD - [2008/04/13 20:33:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2008/04/13 20:33:38 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 20:33:36 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 20:33:36 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 20:33:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 20:33:32 | 001,007,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008/04/13 20:33:30 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008/04/13 20:33:24 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008/04/13 20:33:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 20:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 20:31:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008/04/13 12:36:48 | 002,986,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2007/03/28 06:56:44 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/10/20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2004/10/25 16:23:04 | 003,485,696 | ---- | M] () [On_Demand | Stopped] -- C:\APPS\Inventime\mysql\bin\mysqld-nt.exe -- (MysqlInventime)
SRV - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/02/26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/07/02 17:40:08 | 000,045,056 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\splitcam.sys -- (SPLITCAM)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/01/20 13:28:24 | 000,295,432 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2009/11/11 16:35:34 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009/10/14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009/10/02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/28 20:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/09/14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009/09/01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/22 14:14:12 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/10/01 13:58:48 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/30 15:43:42 | 000,160,768 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0350Afx.sys -- (VF0350Afx)
DRV - [2008/04/13 12:46:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 12:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 12:36:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 12:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007/11/02 12:47:38 | 000,109,992 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdm.sys -- (s916mdm)
DRV - [2007/11/02 12:47:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mgmt.sys -- (s916mgmt) Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM)
DRV - [2007/11/02 12:47:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916obex.sys -- (s916obex)
DRV - [2007/11/02 12:47:38 | 000,083,496 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM)
DRV - [2007/11/02 12:47:38 | 000,015,016 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdfl.sys -- (s916mdfl)
DRV - [2007/08/29 01:03:00 | 000,170,368 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0350Vid.sys -- (VF0350Vid) Live! Cam Video IM (VF0350)
DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/03/05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0350Vfx.sys -- (VF0350Vfx)
DRV - [2006/03/01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/05/27 12:51:26 | 000,799,744 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/05/18 17:50:30 | 002,319,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/01 16:16:00 | 003,454,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/03/09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/03 22:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2003/08/20 17:34:50 | 000,548,952 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/07/16 12:30:26 | 000,221,736 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/07/02 16:26:36 | 001,301,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/07/02 16:24:36 | 000,086,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/07/02 16:12:52 | 000,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/07/02 15:57:10 | 000,167,384 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/08/30 13:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2002/08/30 13:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2002/08/30 13:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2002/08/30 13:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2002/08/30 13:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2002/08/30 13:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2002/08/30 13:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2002/08/30 13:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2002/08/30 13:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2002/08/30 13:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2002/08/30 13:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2002/08/30 13:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810)
DRV - [2002/08/30 13:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2002/08/30 13:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2002/08/30 13:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,start page = about:blank
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Avanquest FR Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Avanquest FR Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2500339&SearchSource=13"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}:2.6.0.15
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/26 21:50:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/13 19:00:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/06/20 23:09:08 | 000,000,000 | ---D | M]

[2010/05/26 21:50:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Extensions
[2009/03/20 21:59:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/12 22:42:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions
[2010/07/12 22:42:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/05 22:20:19 | 000,000,000 | ---D | M] (Avanquest FR Toolbar) -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}
[2010/05/06 17:26:20 | 000,000,927 | ---- | M] () -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\searchplugins\conduit.xml
[2010/08/13 19:00:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/13 19:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/05/27 11:04:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/04/29 13:44:06 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Splitcam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [V0350Mon.exe] C:\WINDOWS\V0350Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-733568381-2925260249-56603025-1006..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-733568381-2925260249-56603025-1006..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-733568381-2925260249-56603025-1006..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - Startup: D:\Documents and Settings\Chapelier\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://copainsdavant.linternaute.com/fr ... oader5.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Chapelier\Application Data\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Chapelier\Application Data\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010/04/27 12:08:39 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{03b9c321-86b2-11de-8880-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{03b9c321-86b2-11de-8880-00038a000015}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O33 - MountPoints2\{d16889bc-43ca-11de-880a-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{dc39345c-3f09-11df-89e0-00038a000015}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (65034330371522560)

========== Files/Folders - Created Within 30 Days ==========

[2010/08/15 18:46:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/15 18:45:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/15 18:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/15 18:42:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/15 18:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/14 18:04:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Application Data\QuickScan
[2010/08/14 17:21:46 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Chapelier\Recent
[2010/08/14 17:03:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Application
tuba221
 
Messages: 8
Inscription: 14 Aoû 2010, 15:58

Messagede nickW » 15 Aoû 2010, 23:25

Bonsoir,

1/ Tu n'as pas respecté la consigne pour le téléchargement du fichier OTL.exe en le plaçant dans le dossier D:\Documents and Settings\Chapelier\Mes documents\Downloads (alors qu'il était bien précisé "Enregistrer ce fichier sur le Bureau").


2/ Tu n'as absolument pas respecté les consignes pour l'envoi des rapports d'analyse!

Primo, tu as créé un nouveau sujet au lieu de continuer dans ton sujet d'origine (alors qu'il était bien précisé: "dans ce fil de discussion (ne pas créer de nouveau sujet")
http://assiste.forum.free.fr/viewtopic.php?t=26926

Secundo, et c'est plus ennuyeux, tu as envoyé les deux rapports d'analyse créés par OTL dans le même message (alors qu'il était bien précisé "Envoyer ensuite toujours dans ce sujet dans deux messages distincts".
En conséquence, le rapport OTL.Txt est incomplet.

Peux-tu, en cliquant sur le bouton "Répondre" Image pour continuer dans ce fil de discussion, renvoyer le contenu du fichier OTL.Txt.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Demandes d'étude de rapports d'analyse outlook

Messagede tuba221 » 16 Aoû 2010, 20:38

OTL logfile created on: 15/08/2010 19:10:55 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\Chapelier\Mes documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 466,00 Mb Available Physical Memory | 46,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 15,11 Gb Free Space | 50,38% Space Free | Partition Type: NTFS
Drive D: | 150,30 Gb Total Space | 134,49 Gb Free Space | 89,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 244,59 Mb Total Space | 192,65 Mb Free Space | 78,76% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive L: | 14,93 Gb Total Space | 7,32 Gb Free Space | 49,05% Space Free | Partition Type: FAT32

Computer Name: chapelier-01
Current User Name: Chapelier
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/15 12:39:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Chapelier\Mes documents\Downloads\OTL.exe
PRC - [2010/07/31 02:18:11 | 000,945,720 | ---- | M] (Google Inc.) -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/07/02 17:33:10 | 002,347,216 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/06/29 17:27:21 | 000,134,808 | ---- | M] (Google Inc.) -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/06/03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/10/20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/04/13 20:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/23 01:03:00 | 000,028,672 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0350Mon.exe
PRC - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007/05/02 10:30:20 | 000,151,552 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2006/11/17 11:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTSched.exe
PRC - [2005/05/17 18:48:32 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/05/11 13:52:04 | 000,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
PRC - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
PRC - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe
PRC - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
PRC - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
PRC - [2004/02/26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003/07/02 17:40:08 | 000,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe


========== Modules (SafeList) ==========

MOD - [2010/08/15 12:39:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Chapelier\Mes documents\Downloads\OTL.exe
MOD - [2010/06/19 21:37:56 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010/04/06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmvcore.dll
MOD - [2009/09/28 20:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\LMIRfsClientNP.dll
MOD - [2009/08/13 15:56:14 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/02/27 17:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
MOD - [2009/01/30 20:34:06 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WMASF.dll
MOD - [2009/01/30 20:34:02 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2008/04/13 20:33:50 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 20:33:48 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2008/04/13 20:33:42 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shgina.dll
MOD - [2008/04/13 20:33:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2008/04/13 20:33:38 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 20:33:36 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 20:33:36 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 20:33:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 20:33:32 | 001,007,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008/04/13 20:33:30 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008/04/13 20:33:24 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008/04/13 20:33:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 20:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 20:31:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008/04/13 12:36:48 | 002,986,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2007/03/28 06:56:44 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/10/20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2004/10/25 16:23:04 | 003,485,696 | ---- | M] () [On_Demand | Stopped] -- C:\APPS\Inventime\mysql\bin\mysqld-nt.exe -- (MysqlInventime)
SRV - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/02/26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/07/02 17:40:08 | 000,045,056 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\splitcam.sys -- (SPLITCAM)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/01/20 13:28:24 | 000,295,432 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2009/11/11 16:35:34 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009/10/14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009/10/02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/28 20:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/09/14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009/09/01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/22 14:14:12 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/10/01 13:58:48 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/30 15:43:42 | 000,160,768 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0350Afx.sys -- (VF0350Afx)
DRV - [2008/04/13 12:46:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 12:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 12:36:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 12:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007/11/02 12:47:38 | 000,109,992 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdm.sys -- (s916mdm)
DRV - [2007/11/02 12:47:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mgmt.sys -- (s916mgmt) Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM)
DRV - [2007/11/02 12:47:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916obex.sys -- (s916obex)
DRV - [2007/11/02 12:47:38 | 000,083,496 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM)
DRV - [2007/11/02 12:47:38 | 000,015,016 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdfl.sys -- (s916mdfl)
DRV - [2007/08/29 01:03:00 | 000,170,368 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0350Vid.sys -- (VF0350Vid) Live! Cam Video IM (VF0350)
DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/03/05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0350Vfx.sys -- (VF0350Vfx)
DRV - [2006/03/01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/05/27 12:51:26 | 000,799,744 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/05/18 17:50:30 | 002,319,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/01 16:16:00 | 003,454,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/03/09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/03 22:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2003/08/20 17:34:50 | 000,548,952 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/07/16 12:30:26 | 000,221,736 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/07/02 16:26:36 | 001,301,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/07/02 16:24:36 | 000,086,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/07/02 16:12:52 | 000,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/07/02 15:57:10 | 000,167,384 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/08/30 13:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2002/08/30 13:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2002/08/30 13:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2002/08/30 13:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2002/08/30 13:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2002/08/30 13:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2002/08/30 13:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2002/08/30 13:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2002/08/30 13:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2002/08/30 13:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2002/08/30 13:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2002/08/30 13:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810)
DRV - [2002/08/30 13:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2002/08/30 13:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2002/08/30 13:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,start page = about:blank
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Avanquest FR Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Avanquest FR Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2500339&SearchSource=13"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}:2.6.0.15
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/26 21:50:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/13 19:00:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/06/20 23:09:08 | 000,000,000 | ---D | M]

[2010/05/26 21:50:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Extensions
[2009/03/20 21:59:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/12 22:42:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions
[2010/07/12 22:42:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/05 22:20:19 | 000,000,000 | ---D | M] (Avanquest FR Toolbar) -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}
[2010/05/06 17:26:20 | 000,000,927 | ---- | M] () -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\searchplugins\conduit.xml
[2010/08/13 19:00:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/13 19:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/05/27 11:04:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/04/29 13:44:06 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Splitcam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [V0350Mon.exe] C:\WINDOWS\V0350Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-733568381-2925260249-56603025-1006..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-733568381-2925260249-56603025-1006..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-733568381-2925260249-56603025-1006..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - Startup: D:\Documents and Settings\Chapelier\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://copainsdavant.linternaute.com/fr ... oader5.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Chapelier\Application Data\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Chapelier\Application Data\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010/04/27 12:08:39 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{03b9c321-86b2-11de-8880-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{03b9c321-86b2-11de-8880-00038a000015}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O33 - MountPoints2\{d16889bc-43ca-11de-880a-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{dc39345c-3f09-11df-89e0-00038a000015}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (65034330371522560)

========== Files/Folders - Created Within 30 Days ==========

[2010/08/15 18:46:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/15 18:45:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/15 18:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/15 18:42:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/15 18:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/14 18:04:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Application Data\QuickScan
[2010/08/14 17:21:46 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Chapelier\Recent
[2010/08/14 17:03:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Application Data\gtk-2.0
[2010/08/14 17:01:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.evolution
[2010/08/14 17:01:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.gconfd
[2010/08/14 17:01:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.gconf
[2010/08/14 17:01:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.gnome2_private
[2010/08/14 17:01:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.gnome2
[2010/08/14 15:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\DIP Consultants, LLC
[2010/08/13 19:00:21 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/13 19:00:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/13 19:00:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/08/13 17:40:36 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010/08/13 17:40:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010/08/13 17:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\RepareOE
[2010/08/10 22:59:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Mes documents\Ma musique
[2010/08/10 16:41:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\IObit
[2010/08/10 16:36:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Application Data\IObit
[2010/08/10 16:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/08/07 18:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/08/01 00:08:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Bureau\bateau
[2010/07/29 14:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/18 17:04:52 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/07/18 15:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\Skyline
[2005/08/10 18:43:21 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[1980/01/01 00:00:00 | 001,301,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1980/01/01 00:00:00 | 000,548,952 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1980/01/01 00:00:00 | 000,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1980/01/01 00:00:00 | 000,167,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1980/01/01 00:00:00 | 000,086,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 D:\Documents and Settings\Chapelier\*.tmp files -> D:\Documents and Settings\Chapelier\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/15 19:13:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3A3E81BD-5953-4E51-B255-5F040310666F}.job
[2010/08/15 18:46:09 | 000,000,581 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/08/15 18:42:59 | 000,000,674 | ---- | M] () -- D:\Documents and Settings\Chapelier\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/08/15 18:42:57 | 000,000,530 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\NTREGOPT.lnk
[2010/08/15 18:42:57 | 000,000,517 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\ERUNT.lnk
[2010/08/15 18:32:00 | 000,001,162 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-733568381-2925260249-56603025-1006UA.job
[2010/08/15 17:32:00 | 000,001,110 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-733568381-2925260249-56603025-1006Core.job
[2010/08/15 14:48:12 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/15 12:40:50 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/08/15 12:34:32 | 000,021,787 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/08/15 12:33:58 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-733568381-2925260249-56603025-1006.job
[2010/08/15 12:33:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/15 12:33:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/15 01:16:35 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/15 01:16:29 | 011,010,048 | -H-- | M] () -- D:\Documents and Settings\Chapelier\NTUSER.DAT
[2010/08/15 01:16:29 | 000,000,184 | -HS- | M] () -- D:\Documents and Settings\Chapelier\ntuser.ini
[2010/08/15 01:16:05 | 011,225,434 | -H-- | M] () -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\IconCache.db
[2010/08/15 01:14:53 | 000,017,920 | ---- | M] () -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/13 17:40:36 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010/08/13 17:40:33 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010/08/13 17:27:58 | 000,001,548 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/13 15:06:41 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/13 10:35:24 | 000,002,320 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\Google Chrome.lnk
[2010/08/13 10:12:53 | 000,309,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/12 23:54:01 | 001,084,244 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/12 23:54:01 | 000,512,688 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/08/12 23:54:01 | 000,443,316 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/12 23:54:01 | 000,086,052 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/08/12 23:54:01 | 000,072,466 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/10 16:36:39 | 000,000,759 | ---- | M] () -- D:\Documents and Settings\Chapelier\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/08/10 16:36:39 | 000,000,759 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Advanced SystemCare.lnk
[2010/08/10 16:36:39 | 000,000,157 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\IObit Freeware.url
[2010/08/09 17:25:52 | 000,017,042 | ---- | M] () -- D:\Documents and Settings\Chapelier\Application Data\wklnhst.dat
[2010/08/09 17:25:36 | 000,070,144 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\drapeau.wps
[2010/08/06 14:01:25 | 000,000,104 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\Raccourci vers Courrier électronique.lnk
[2010/08/05 23:08:14 | 000,061,062 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\identities.reg
[2010/08/04 11:49:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-733568381-2925260249-56603025-1006.job
[2010/08/03 13:54:56 | 000,214,614 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\vhf.jpg
[2010/08/01 14:20:11 | 000,057,513 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\38805_10150242066160347_676145346_14099493_1968911_n.jpg
[2010/07/30 22:01:00 | 000,275,530 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\DSCN1253.JPG
[2010/07/30 10:20:30 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/07/30 10:20:30 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/07/29 14:48:28 | 000,000,703 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Microsoft Security Essentials.lnk
[2010/07/29 10:28:46 | 000,179,573 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\pole emploi 07.pdf
[2010/07/27 08:30:01 | 008,518,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010/07/18 19:11:19 | 000,000,671 | ---- | M] () -- D:\Documents and Settings\Chapelier\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 17:04:32 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/18 17:04:32 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/18 15:21:00 | 000,001,648 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\Geoportail.lnk
[2010/07/18 15:20:40 | 000,000,179 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Lancez TerraExplorer.URL
[2010/07/17 05:00:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/07/17 05:00:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/07/17 05:00:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/17 02:42:29 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 D:\Documents and Settings\Chapelier\*.tmp files -> D:\Documents and Settings\Chapelier\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/15 18:46:09 | 000,000,581 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/08/15 18:42:07 | 000,000,674 | ---- | C] () -- D:\Documents and Settings\Chapelier\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/08/15 18:42:04 | 000,000,530 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\NTREGOPT.lnk
[2010/08/15 18:42:04 | 000,000,517 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\ERUNT.lnk
[2010/08/10 16:36:39 | 000,000,759 | ---- | C] () -- D:\Documents and Settings\Chapelier\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/08/10 16:36:39 | 000,000,759 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Advanced SystemCare.lnk
[2010/08/10 16:36:39 | 000,000,157 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\IObit Freeware.url
[2010/08/07 12:40:16 | 000,070,144 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\drapeau.wps
[2010/08/06 14:01:25 | 000,000,104 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\Raccourci vers Courrier électronique.lnk
[2010/08/05 23:08:14 | 000,061,062 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\identities.reg
[2010/08/03 13:54:39 | 000,214,614 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\vhf.jpg
[2010/08/01 14:20:09 | 000,057,513 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\38805_10150242066160347_676145346_14099493_1968911_n.jpg
[2010/07/30 22:01:00 | 000,275,530 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\DSCN1253.JPG
[2010/07/30 21:59:32 | 000,442,001 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\DSCN1254.JPG
[2010/07/30 10:09:41 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/29 14:48:28 | 000,000,703 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Microsoft Security Essentials.lnk
[2010/07/29 10:28:46 | 000,179,573 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\pole emploi 07.pdf
[2010/07/18 15:20:40 | 000,000,179 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Lancez TerraExplorer.URL
[2010/07/18 15:12:36 | 000,001,648 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\Geoportail.lnk
[2009/06/26 14:34:19 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2009/06/22 14:14:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/06/11 19:27:32 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/06/11 19:27:32 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/02/11 23:02:22 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/07 22:26:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2008/09/12 08:43:50 | 000,000,061 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2008/09/06 20:38:45 | 000,001,417 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/09/06 16:14:43 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/09/02 19:32:20 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/09/01 21:50:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\cdDalloz.ini
[2008/08/27 01:05:31 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2008/07/18 18:15:56 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/07/18 13:05:58 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2005/08/10 19:20:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/10 19:09:08 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/08/10 19:06:03 | 000,000,501 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2005/08/10 18:59:50 | 000,007,576 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2005/08/10 18:51:11 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/08/10 18:50:14 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2005/08/10 18:43:21 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2005/08/10 18:43:21 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2005/08/10 18:43:21 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2005/05/20 14:05:02 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/18 15:41:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 18:09:40 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/16 18:25:16 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2001/07/07 03:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1980/01/01 00:00:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[1980/01/01 00:00:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1980/01/01 00:00:00 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1980/01/01 00:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

========== LOP Check ==========

[2009/06/11 19:27:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AGI
[2010/02/09 15:15:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/06/09 21:58:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\BitDefender
[2006/02/08 20:04:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Bluetooth
[2008/07/16 22:18:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2007/08/01 22:13:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Emjysoft
[2007/05/21 17:28:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\FreeTest
[2009/06/10 18:43:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\G DATA
[2010/08/10 16:41:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IObit
[2008/03/13 22:38:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/09/15 13:46:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MyHeritage
[2005/08/10 11:58:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2
[2008/02/12 23:06:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Panasonic
[2010/07/18 15:20:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Skyline
[2010/02/28 19:04:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/23 19:35:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TuneUp Software
[2005/08/10 12:06:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/08/10 11:59:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/02/02 08:14:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
[2009/03/13 14:53:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/05/25 22:33:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{3BF7B6DE-D2D6-4888-83BE-488663791EB5}
[2010/04/08 17:02:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/23 19:35:39 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/09/18 12:18:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/07 11:34:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/04/16 18:14:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\AVP 2009
[2010/04/15 17:57:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\CamfrogWEB
[2010/08/14 17:03:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\gtk-2.0
[2010/04/30 13:11:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Image Zone Express
[2010/08/10 16:36:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\IObit
[2008/07/18 18:14:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Leadertech
[2009/10/11 15:55:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\LimeWire
[2008/07/16 22:32:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\MSNInstaller
[2009/09/15 13:46:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\MyHeritage
[2008/07/16 22:18:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\OD2
[2010/05/06 14:16:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\ProtectDisc
[2010/08/14 18:08:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\QuickScan
[2010/02/16 19:02:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Registry Mechanic
[2009/09/13 16:33:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Samsung
[2008/07/16 17:55:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Template
[2010/05/23 12:52:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Toolbar4
[2010/02/23 19:36:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\TuneUp Software
[2009/04/14 18:50:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Ulead Systems
[2010/01/17 01:07:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Uniblue
[2010/04/16 18:39:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\uTorrent
[2008/08/16 11:50:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Viewpoint
[2008/08/17 22:53:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Voxmobili
[2009/03/05 00:05:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Windows Live Writer
[2006/11/21 21:41:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Azureus
[2007/08/01 22:13:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Emjysoft
[2008/07/16 09:31:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\EoRezo
[2008/07/03 18:45:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Image Zone Express
[2008/07/04 01:07:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\ItsLabel
[2005/09/21 22:15:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Leadertech
[2006/03/02 01:04:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\MSNInstaller
[2005/09/20 19:26:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\OD2
[2007/10/13 19:29:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Printer Info Cache
[2007/11/04 18:00:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\SecondLife
[2007/10/06 18:45:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\SPAMfighter
[2005/09/20 22:07:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Ulead Systems
[2007/04/05 21:34:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\VadeRetro
[2008/06/18 10:32:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Viewpoint
[2007/09/27 13:30:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Windows Desktop Search
[2006/01/26 19:59:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\yann\Application Data\OD2
[2010/08/15 12:40:50 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/08/15 19:13:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3A3E81BD-5953-4E51-B255-5F040310666F}.job

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/03/25 16:25:03 | 016,726,727 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\agp440.sys
[2008/04/13 12:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 12:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

<MD5>
[2008/03/25 16:25:03 | 016,726,727 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

<MD5>
[2004/08/19 16:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/13 20:33:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\327
tuba221
 
Messages: 8
Inscription: 14 Aoû 2010, 15:58

Messagede nickW » 18 Aoû 2010, 00:26

Bonsoir,

Le rapport d'analyse OTL.Exe est toujours incomplet!

Peux-tu envoyer en réponse les lignes qui suivent:
========== Custom Scans ==========


Pourquoi as-tu écrit:
de plus un virus doit se promener dans le PC


As-tu vérifié les paramètres de Outlook:
Partager les paramètres de connexion avec IE
Quel est le serveur sortant (SMTP)? Quel est le port?
Quel est le FAI (Fournisseur d'Accès Internet)?


As-tu vérifié qu'Outlook n'est pas bloqué par le pare-feu (KIS)?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

erreur outlook

Messagede tuba221 » 18 Aoû 2010, 13:27

As-tu vérifié les paramètres de Outlook: oui
Partager les paramètres de connexion avec IE :comment faire
Quel est le serveur sortant (SMTP)? Quel est le port? smtp.orange.fr
Quel est le FAI (Fournisseur d'Accès Internet)? orange.

concernant le virus ou l'instabilité du système: le mode sans échec se met et je n'ai plus d'accès nul part ,avec le message suivant "la connexion d'identité n'a pas pu être lancée.certains composants sont manquants ou mal configurés (0x80070718)
tuba221
 
Messages: 8
Inscription: 14 Aoû 2010, 15:58

Messagede nickW » 19 Aoû 2010, 16:45

Bonjour,

Tu parles bien de OutLook, qui appartient à la suite Microsoft Office, et non de Outlook Express?


Tu confirmes que le code et le message d'erreur sont bien: "0x80070718" & "la connexion d'identité n'a pas pu être lancée.certains composants sont manquants ou mal configurés"
... car il n'existe aucune référence sur Google.


Le dossier C:\Windows\Minidump contient-il des fichiers récents (une semaine ou moins)?

S'il en existe, il faudrait les déposer sur un serveur externe pour que je puisse les récupérer:

*- mettre dans un fichier archive nommé tuba221.zip les fichiers datés d'une semaine et moins
*- Aller sur: http://www.yousendit.com/
(Javascript doit être activé)
*- Dans les zones To et From, saisir n'importe quoi avec un @ dedans (Exemples: abc@def.com et abcdef@def.com) et décocher la case située devant "Remember my email"
*- Sous Select a file, cliquer sur le bouton "Parcourir..." et aller jusqu'au fichier tuba221.zip - faire un double clic sur ce fichier
*- Cliquer sur le bouton vert "Send It"
*- Attendre la fin du transfert du fichier
*- Envoyer en réponse sur le forum le lien qui est affiché en dessous de "Here is the link for the file you uploaded:".

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

problème Outlook

Messagede tuba221 » 19 Aoû 2010, 20:16

je parle de outlook Express!
la procédure que tu me donnes est la même?
tuba221
 
Messages: 8
Inscription: 14 Aoû 2010, 15:58

Messagede nickW » 20 Aoû 2010, 08:32

Bonjour,

Question restée sans réponse:
Le rapport d'analyse OTL.Exe est toujours incomplet!

Peux-tu envoyer en réponse les lignes qui suivent:
========== Custom Scans ==========


Question restée sans réponse:
As-tu vérifié qu'Outlook n'est pas bloqué par le pare-feu (KIS)?


Question restée sans réponse:
Tu confirmes que le code et le message d'erreur sont bien: "0x80070718" & "la connexion d'identité n'a pas pu être lancée.certains composants sont manquants ou mal configurés"
... car il n'existe aucune référence sur Google.



Tout ceci ajouté à la confusion Outlook / Outlook Express ... pas évident de t'aider!


Si le dossier Minidump contient des fichiers récents, peux-tu me les transmettre (procédure ci-dessus)?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

outlook express

Messagede tuba221 » 20 Aoû 2010, 14:59

file:///D:/Documents%20and%20Settings/Chapelier/Bureau/OTL.Txt

OTL logfile created on: 20/08/2010 15:29:48 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = D:\Documents and Settings\Chapelier\Mes documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 687,00 Mb Available Physical Memory | 67,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 15,41 Gb Free Space | 51,38% Space Free | Partition Type: NTFS
Drive D: | 150,30 Gb Total Space | 134,33 Gb Free Space | 89,37% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: chapelier-01
Current User Name: Chapelier
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/20 15:01:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Chapelier\Mes documents\Downloads\OTL (2).exe
PRC - [2010/07/27 11:11:24 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2010/07/01 21:39:08 | 000,357,096 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010/06/29 17:27:21 | 000,134,808 | ---- | M] (Google Inc.) -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/06/03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/04/13 20:34:14 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008/04/13 20:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/23 01:03:00 | 000,028,672 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0350Mon.exe
PRC - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007/05/02 10:30:20 | 000,151,552 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2006/11/17 11:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTSched.exe
PRC - [2005/05/17 18:48:32 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/05/11 13:52:04 | 000,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
PRC - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
PRC - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe
PRC - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
PRC - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
PRC - [2004/02/26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003/07/02 17:40:08 | 000,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe


========== Modules (SafeList) ==========

MOD - [2010/08/20 15:01:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Chapelier\Mes documents\Downloads\OTL (2).exe
MOD - [2010/04/06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmvcore.dll
MOD - [2009/09/28 20:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\LMIRfsClientNP.dll
MOD - [2009/08/13 15:56:14 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009/02/27 17:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
MOD - [2009/01/30 20:34:06 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WMASF.dll
MOD - [2009/01/30 20:34:02 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2008/04/13 20:33:50 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 20:33:48 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2008/04/13 20:33:42 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shgina.dll
MOD - [2008/04/13 20:33:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2008/04/13 20:33:38 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 20:33:36 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 20:33:36 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 20:33:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 20:33:32 | 001,007,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008/04/13 20:33:30 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008/04/13 20:33:24 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008/04/13 20:33:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 20:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 20:31:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008/04/13 12:36:48 | 002,986,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2007/03/28 06:56:44 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/07/01 21:39:08 | 000,357,096 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2004/10/25 16:23:04 | 003,485,696 | ---- | M] () [On_Demand | Stopped] -- C:\APPS\Inventime\mysql\bin\mysqld-nt.exe -- (MysqlInventime)
SRV - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/02/26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/07/02 17:40:08 | 000,045,056 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\splitcam.sys -- (SPLITCAM)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2010/06/22 19:24:00 | 000,482,392 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (kl1)
DRV - [2010/05/07 12:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010/01/20 13:28:24 | 000,295,432 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2009/11/02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/28 20:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/22 14:14:12 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/10/01 13:58:48 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/30 15:43:42 | 000,160,768 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0350Afx.sys -- (VF0350Afx)
DRV - [2008/04/13 12:46:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 12:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 12:36:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 12:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007/11/02 12:47:38 | 000,109,992 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdm.sys -- (s916mdm)
DRV - [2007/11/02 12:47:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mgmt.sys -- (s916mgmt) Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM)
DRV - [2007/11/02 12:47:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916obex.sys -- (s916obex)
DRV - [2007/11/02 12:47:38 | 000,083,496 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM)
DRV - [2007/11/02 12:47:38 | 000,015,016 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdfl.sys -- (s916mdfl)
DRV - [2007/08/29 01:03:00 | 000,170,368 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0350Vid.sys -- (VF0350Vid) Live! Cam Video IM (VF0350)
DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/03/05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0350Vfx.sys -- (VF0350Vfx)
DRV - [2006/03/01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/05/27 12:51:26 | 000,799,744 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/05/18 17:50:30 | 002,319,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/01 16:16:00 | 003,454,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/03/09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/03 22:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2003/08/20 17:34:50 | 000,548,952 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/07/16 12:30:26 | 000,221,736 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/07/02 16:26:36 | 001,301,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/07/02 16:24:36 | 000,086,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/07/02 16:12:52 | 000,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/07/02 15:57:10 | 000,167,384 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/08/30 13:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2002/08/30 13:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2002/08/30 13:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2002/08/30 13:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2002/08/30 13:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2002/08/30 13:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2002/08/30 13:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2002/08/30 13:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2002/08/30 13:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2002/08/30 13:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2002/08/30 13:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2002/08/30 13:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810)
DRV - [2002/08/30 13:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2002/08/30 13:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2002/08/30 13:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,start page = about:blank
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-733568381-2925260249-56603025-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Avanquest FR Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Avanquest FR Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2500339&SearchSource=13"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}:2.6.0.15
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/26 21:50:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/13 19:00:21 | 000,000,000 | ---D | M]

[2010/05/26 21:50:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Extensions
[2009/03/20 21:59:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/12 22:42:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions
[2010/07/12 22:42:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/05 22:20:19 | 000,000,000 | ---D | M] (Avanquest FR Toolbar) -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\extensions\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}
[2010/05/06 17:26:20 | 000,000,927 | ---- | M] () -- D:\Documents and Settings\Chapelier\Application Data\Mozilla\Firefox\Profiles\wimoz6av.default\searchplugins\conduit.xml
[2010/08/13 19:00:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/13 19:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/08/18 13:37:43 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010/08/18 13:37:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/04/29 13:44:06 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Splitcam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files\Avanquest_FR\tbAvan.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [V0350Mon.exe] C:\WINDOWS\V0350Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-733568381-2925260249-56603025-1006..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-733568381-2925260249-56603025-1006..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - Startup: D:\Documents and Settings\Chapelier\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-733568381-2925260249-56603025-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://copainsdavant.linternaute.com/fr ... oader5.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~3\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~3\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Chapelier\Application Data\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Chapelier\Application Data\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010/04/27 12:08:39 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{03b9c321-86b2-11de-8880-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{03b9c321-86b2-11de-8880-00038a000015}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O33 - MountPoints2\{d16889bc-43ca-11de-880a-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{dc39345c-3f09-11df-89e0-00038a000015}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (65034330371522560)

========== Files/Folders - Created Within 30 Days ==========

[2010/08/19 23:23:18 | 000,000,000 | ---D | C] -- C:\Program Files\Recovery Toolbox for Outlook Express
[2010/08/19 23:02:33 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\wabimp.dll
[2010/08/19 23:02:33 | 000,046,080 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\wab.exe
[2010/08/19 23:02:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\wabfind.dll
[2010/08/19 23:02:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\wabmig.exe
[2010/08/19 23:02:27 | 002,534,400 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\msoeres.dll
[2010/08/19 23:02:27 | 001,315,328 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\msoe.dll
[2010/08/19 23:02:27 | 000,104,448 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\oeimport.dll
[2010/08/19 23:02:27 | 000,060,416 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\msimn.exe
[2010/08/19 23:01:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\oemiglib.dll
[2010/08/19 23:01:07 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\oemig50.exe
[2010/08/19 22:57:52 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\Chapelier\Mes documents\setup50.exe
[2010/08/19 22:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\Wanadoo
[2010/08/18 19:19:02 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Chapelier\Recent
[2010/08/15 18:46:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/15 18:45:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/15 18:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/15 18:42:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/15 18:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/14 18:04:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Application Data\QuickScan
[2010/08/14 17:03:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Application Data\gtk-2.0
[2010/08/14 17:01:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.evolution
[2010/08/14 17:01:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.gconfd
[2010/08/14 17:01:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.gconf
[2010/08/14 17:01:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.gnome2_private
[2010/08/14 17:01:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\.gnome2
[2010/08/14 15:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\DIP Consultants, LLC
[2010/08/13 19:00:21 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/13 19:00:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/13 19:00:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/08/13 17:40:36 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010/08/13 17:40:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010/08/13 17:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\RepareOE
[2010/08/10 22:59:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Mes documents\Ma musique
[2010/08/10 16:41:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\IObit
[2010/08/10 16:36:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Application Data\IObit
[2010/08/10 16:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/08/07 18:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/08/01 00:08:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Chapelier\Bureau\bateau
[2005/08/10 18:43:21 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[1980/01/01 00:00:00 | 001,301,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1980/01/01 00:00:00 | 000,548,952 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1980/01/01 00:00:00 | 000,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1980/01/01 00:00:00 | 000,167,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1980/01/01 00:00:00 | 000,086,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 D:\Documents and Settings\Chapelier\*.tmp files -> D:\Documents and Settings\Chapelier\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/20 15:38:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3A3E81BD-5953-4E51-B255-5F040310666F}.job
[2010/08/20 15:32:01 | 000,001,162 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-733568381-2925260249-56603025-1006UA.job
[2010/08/20 14:57:01 | 007,442,944 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\Ballade en Pays Basque.pps
[2010/08/20 14:50:35 | 000,021,787 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/08/20 14:50:23 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/20 14:50:05 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-733568381-2925260249-56603025-1006.job
[2010/08/20 14:50:04 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2010/08/20 14:50:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/20 14:50:00 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/20 14:49:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/19 23:42:19 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/19 23:42:16 | 006,815,744 | ---- | M] () -- D:\Documents and Settings\Chapelier\NTUSER.DAT
[2010/08/19 23:42:16 | 000,000,184 | -HS- | M] () -- D:\Documents and Settings\Chapelier\ntuser.ini
[2010/08/19 23:42:05 | 013,368,222 | -H-- | M] () -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\IconCache.db
[2010/08/19 23:09:08 | 000,000,632 | ---- | M] () -- D:\Documents and Settings\Chapelier\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[2010/08/19 17:32:00 | 000,001,110 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-733568381-2925260249-56603025-1006Core.job
[2010/08/18 13:56:22 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/08/18 13:56:22 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/08/16 13:57:56 | 011,010,048 | -H-- | M] () -- D:\Documents and Settings\Chapelier\NTUSER.bak
[2010/08/15 18:46:09 | 000,000,581 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/08/15 18:42:59 | 000,000,674 | ---- | M] () -- D:\Documents and Settings\Chapelier\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/08/15 01:14:53 | 000,017,920 | ---- | M] () -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/13 17:40:36 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010/08/13 17:40:33 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010/08/13 17:27:58 | 000,001,548 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/13 10:35:24 | 000,002,320 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\Google Chrome.lnk
[2010/08/13 10:12:53 | 000,309,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/12 23:54:01 | 001,084,244 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/12 23:54:01 | 000,512,688 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/08/12 23:54:01 | 000,443,316 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/12 23:54:01 | 000,086,052 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/08/12 23:54:01 | 000,072,466 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/09 17:25:52 | 000,017,042 | ---- | M] () -- D:\Documents and Settings\Chapelier\Application Data\wklnhst.dat
[2010/08/09 17:25:36 | 000,070,144 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\drapeau.wps
[2010/08/06 14:01:25 | 000,000,104 | ---- | M] () -- D:\Documents and Settings\Chapelier\Bureau\Raccourci vers Courrier électronique.lnk
[2010/08/05 23:08:14 | 000,061,062 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\identities.reg
[2010/08/04 11:49:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-733568381-2925260249-56603025-1006.job
[2010/08/03 13:54:56 | 000,214,614 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\vhf.jpg
[2010/08/01 14:20:11 | 000,057,513 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\38805_10150242066160347_676145346_14099493_1968911_n.jpg
[2010/07/30 22:01:00 | 000,275,530 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\DSCN1253.JPG
[2010/07/29 10:28:46 | 000,179,573 | ---- | M] () -- D:\Documents and Settings\Chapelier\Mes documents\pole emploi 07.pdf
[2010/07/27 08:30:01 | 008,518,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 D:\Documents and Settings\Chapelier\*.tmp files -> D:\Documents and Settings\Chapelier\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/20 14:57:01 | 007,442,944 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\Ballade en Pays Basque.pps
[2010/08/19 23:09:31 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2010/08/19 23:09:08 | 000,000,632 | ---- | C] () -- D:\Documents and Settings\Chapelier\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[2010/08/19 23:02:27 | 000,191,845 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\jmc.wab
[2010/08/16 13:56:34 | 000,000,000 | -H-- | C] () -- D:\Documents and Settings\Chapelier\NTUSER.tmp.LOG
[2010/08/15 18:46:09 | 000,000,581 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/08/15 18:42:07 | 000,000,674 | ---- | C] () -- D:\Documents and Settings\Chapelier\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/08/07 12:40:16 | 000,070,144 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\drapeau.wps
[2010/08/06 14:01:25 | 000,000,104 | ---- | C] () -- D:\Documents and Settings\Chapelier\Bureau\Raccourci vers Courrier électronique.lnk
[2010/08/05 23:08:14 | 000,061,062 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\identities.reg
[2010/08/03 13:54:39 | 000,214,614 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\vhf.jpg
[2010/08/01 14:20:09 | 000,057,513 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\38805_10150242066160347_676145346_14099493_1968911_n.jpg
[2010/07/30 22:01:00 | 000,275,530 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\DSCN1253.JPG
[2010/07/30 21:59:32 | 000,442,001 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\DSCN1254.JPG
[2010/07/29 10:28:46 | 000,179,573 | ---- | C] () -- D:\Documents and Settings\Chapelier\Mes documents\pole emploi 07.pdf
[2009/06/26 14:34:19 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2009/06/22 14:14:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/06/11 19:27:32 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/06/11 19:27:32 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/06/10 14:36:36 | 000,003,121 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\Config.nt.bak
[2009/06/10 14:36:36 | 000,001,896 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\Autoexec.nt.bak
[2009/06/10 14:36:36 | 000,000,736 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\hosts.bak
[2009/06/09 22:36:04 | 000,007,279 | ---- | C] () -- C:\Program Files\gonfle (197 x 112).jpg
[2009/02/11 23:02:22 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/07 22:26:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2008/09/12 08:43:50 | 000,000,061 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2008/09/06 20:38:45 | 000,001,417 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/09/06 16:16:14 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008/09/06 16:14:43 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/09/02 19:32:20 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/09/01 21:50:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\cdDalloz.ini
[2008/08/27 01:05:31 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2008/07/18 18:15:56 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/07/18 13:05:58 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/07/17 22:27:35 | 000,097,155 | ---- | C] () -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\FASTWiz.log
[2008/07/16 17:55:20 | 000,017,042 | ---- | C] () -- D:\Documents and Settings\Chapelier\Application Data\wklnhst.dat
[2008/07/16 17:53:46 | 000,017,920 | ---- | C] () -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/16 11:42:04 | 000,000,132 | ---- | C] () -- D:\Documents and Settings\Chapelier\Local Settings\Application Data\fusioncache.dat
[2007/08/12 15:58:41 | 000,017,920 | ---- | C] () -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/01 16:47:21 | 000,001,755 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/18 19:03:46 | 000,003,120 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\118300.34
[2006/08/19 19:14:52 | 000,007,531 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/08/10 19:20:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/10 19:09:08 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/08/10 19:06:03 | 000,000,501 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2005/08/10 18:59:50 | 000,007,576 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2005/08/10 18:51:11 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/08/10 18:50:14 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2005/08/10 18:43:21 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2005/08/10 18:43:21 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2005/08/10 18:43:21 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2005/05/20 14:05:02 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/18 15:41:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 18:09:40 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/16 18:25:16 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2001/07/07 03:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1980/01/01 00:00:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[1980/01/01 00:00:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1980/01/01 00:00:00 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1980/01/01 00:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

========== LOP Check ==========

[2009/06/11 19:27:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AGI
[2010/02/09 15:15:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/06/09 21:58:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\BitDefender
[2006/02/08 20:04:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Bluetooth
[2008/07/16 22:18:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2007/08/01 22:13:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Emjysoft
[2007/05/21 17:28:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\FreeTest
[2009/06/10 18:43:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\G DATA
[2010/08/10 16:41:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IObit
[2008/03/13 22:38:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/09/15 13:46:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MyHeritage
[2005/08/10 11:58:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2
[2008/02/12 23:06:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Panasonic
[2010/07/18 15:20:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Skyline
[2010/02/28 19:04:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/23 19:35:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TuneUp Software
[2005/08/10 12:06:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/08/10 11:59:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/02/02 08:14:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
[2009/03/13 14:53:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/05/25 22:33:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{3BF7B6DE-D2D6-4888-83BE-488663791EB5}
[2010/04/08 17:02:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/23 19:35:39 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/09/18 12:18:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/07 11:34:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/04/16 18:14:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\AVP 2009
[2010/04/15 17:57:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\CamfrogWEB
[2010/08/14 17:03:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\gtk-2.0
[2010/04/30 13:11:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Image Zone Express
[2010/08/10 16:36:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\IObit
[2008/07/18 18:14:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Leadertech
[2009/10/11 15:55:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\LimeWire
[2008/07/16 22:32:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\MSNInstaller
[2009/09/15 13:46:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\MyHeritage
[2008/07/16 22:18:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\OD2
[2010/05/06 14:16:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\ProtectDisc
[2010/08/14 18:08:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\QuickScan
[2010/02/16 19:02:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Registry Mechanic
[2009/09/13 16:33:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Samsung
[2008/07/16 17:55:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Template
[2010/05/23 12:52:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Toolbar4
[2010/02/23 19:36:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\TuneUp Software
[2009/04/14 18:50:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Ulead Systems
[2010/01/17 01:07:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Uniblue
[2010/04/16 18:39:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\uTorrent
[2008/08/16 11:50:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Viewpoint
[2008/08/17 22:53:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Voxmobili
[2009/03/05 00:05:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Chapelier\Application Data\Windows Live Writer
[2006/11/21 21:41:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Azureus
[2007/08/01 22:13:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Emjysoft
[2008/07/16 09:31:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\EoRezo
[2008/07/03 18:45:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Image Zone Express
[2008/07/04 01:07:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\ItsLabel
[2005/09/21 22:15:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Leadertech
[2006/03/02 01:04:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\MSNInstaller
[2005/09/20 19:26:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\OD2
[2007/10/13 19:29:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Printer Info Cache
[2007/11/04 18:00:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\SecondLife
[2007/10/06 18:45:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\SPAMfighter
[2005/09/20 22:07:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Ulead Systems
[2007/04/05 21:34:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\VadeRetro
[2008/06/18 10:32:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Viewpoint
[2007/09/27 13:30:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\jean-marc\Application Data\Windows Desktop Search
[2006/01/26 19:59:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\yann\Application Data\OD2
[2010/08/20 14:50:04 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
[2010/08/20 15:38:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3A3E81BD-5953-4E51-B255-5F040310666F}.job

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/03/25 16:25:03 | 016,726,727 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\agp440.sys
[2008/04/13 12:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 12:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

<MD5>
[2008/03/25 16:25:03 | 016,726,727 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

<MD5>
[2004/08/19 16:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/13 20:33:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\eventlog.dll
[2008/04/13 20:33:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/13 20:33:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\netlogon.dll
[2008/04/13 20:33:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/19 16:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

<MD5>
[2004/08/19 16:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A
tuba221
 
Messages: 8
Inscription: 14 Aoû 2010, 15:58

Suivante

Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 30 invités