INFECTION - Getting rid of Babylon


Post by Houdry » 21 Aug 2012, 07:14

Hello,
Like many others, I am infected with Babylon... Impossible, of course, to get rid of it. So I ended up here after running all the scans requested in the PDF on requesting a "log" analysis.


Here is my Malwarebytes' Anti-Malware report:

Malwarebytes Anti-Malware 1.62.0.1300
http://www.malwarebytes.org

Version de la base de données: v2012.08.21.02

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Jean-Claude Houdry :: ATELIER-REIMS [administrateur]

21/08/2012 07:15:52
mbam-log-2012-08-21 (07-15-52).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 194193
Temps écoulé: 1 minute(s), 42 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)



That's it for this one; I will send the rest in the next two messages, as requested in the PDF.
With my thanks.
Regards,
JCH

Re: INFECTION - Getting rid of Babylon

Post by Houdry » 21 Aug 2012, 07:38

Second message.

Here is the OTL.TXT report, in two parts:


OTL logfile created on: 21/08/2012 07:26:19 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\Jean-Claude Houdry\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,76% Memory free
4,84 Gb Paging File | 4,01 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 57,27 Gb Free Space | 44,75% Space Free | Partition Type: NTFS
Drive E: | 803,52 Gb Total Space | 633,84 Gb Free Space | 78,88% Space Free | Partition Type: NTFS

Computer Name: ATELIER-REIMS | User Name: Jean-Claude Houdry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/21 06:37:05 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\OTL.exe
PRC - [2012/07/25 12:18:36 | 000,019,800 | ---- | M] (Smartbar) -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Linkury.exe
PRC - [2012/07/16 16:31:32 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/07/16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/07/16 16:22:42 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2012/07/03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/06/29 16:05:44 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/06/22 03:05:42 | 009,683,456 | ---- | M] () -- C:\Program Files\SEO Soft\seosoft.exe
PRC - [2012/04/26 20:34:48 | 000,224,920 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2012/01/18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2012/01/12 11:59:26 | 002,789,280 | ---- | M] (Binary Fortress Software) -- C:\Program Files\DisplayFusion\DisplayFusion.exe
PRC - [2011/10/09 17:02:32 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011/06/14 21:40:48 | 000,088,688 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\KaraokeSer.exe
PRC - [2011/04/21 19:26:11 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2011/04/15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/01/17 19:09:00 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:09:00 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/11/17 18:04:12 | 008,125,440 | ---- | M] (Extensis a division of Celartem, Inc.) -- C:\Program Files\Extensis\Suitcase Fusion 3\FMCore.exe
PRC - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010/04/05 14:50:00 | 000,494,920 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/18 07:19:30 | 000,600,256 | ---- | M] (Druide informatique inc.) -- C:\Program Files\Druide\Antidote 7\Programmes32\agentantidote.exe
PRC - [2007/08/17 15:13:20 | 000,364,192 | ---- | M] () -- C:\WINDOWS\system32\ATWTUSB.EXE
PRC - [2006/11/06 10:42:24 | 000,036,864 | ---- | M] () -- C:\Program Files\MyInk\My Ink Resident.exe
PRC - [2006/10/23 01:40:14 | 000,349,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
PRC - [2006/10/22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2004/08/04 00:54:50 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/20 21:05:03 | 001,802,240 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12082001\algo.dll
MOD - [2012/08/09 17:18:25 | 000,059,904 | ---- | M] () -- C:\Program Files\SEO Soft\zlib.dll
MOD - [2012/07/25 12:19:30 | 000,016,216 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.Utilities.dll
MOD - [2012/07/25 12:19:26 | 000,046,936 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll
MOD - [2012/07/25 12:19:24 | 000,024,920 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2012/07/25 12:19:24 | 000,019,288 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SideBySide.dll
MOD - [2012/07/25 12:19:18 | 000,013,144 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2012/07/25 12:19:16 | 000,047,448 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2012/07/25 12:19:14 | 000,068,440 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2012/07/25 12:19:12 | 000,034,648 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2012/07/25 12:19:06 | 000,079,192 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2012/07/25 12:19:06 | 000,015,704 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2012/07/25 12:18:58 | 000,018,264 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2012/07/25 12:18:54 | 000,054,616 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2012/07/25 12:18:48 | 000,012,120 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2012/07/25 12:18:46 | 000,031,064 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2012/07/25 12:18:46 | 000,012,632 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2012/07/25 12:18:44 | 000,013,144 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2012/07/25 12:18:40 | 001,276,760 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2012/07/25 12:18:40 | 000,080,728 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2012/07/25 12:18:38 | 000,565,592 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2012/07/25 12:17:18 | 000,046,936 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\MACTrackBarLib.dll
MOD - [2012/07/25 12:17:10 | 000,034,648 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll
MOD - [2012/06/24 16:19:24 | 000,910,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2012/06/24 16:19:23 | 008,013,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2012/06/24 16:19:22 | 000,145,240 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2012/06/22 03:05:42 | 009,683,456 | ---- | M] () -- C:\Program Files\SEO Soft\seosoft.exe
MOD - [2012/04/26 20:34:48 | 000,224,920 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
MOD - [2011/10/15 09:45:38 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011/10/15 09:45:37 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll
MOD - [2011/10/15 09:45:36 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2011/10/12 07:41:45 | 001,840,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll
MOD - [2011/10/12 07:41:34 | 011,791,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll
MOD - [2011/10/12 07:41:29 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll
MOD - [2011/10/12 07:41:23 | 000,997,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll
MOD - [2011/10/12 07:41:21 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll
MOD - [2011/10/12 07:40:46 | 001,711,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll
MOD - [2011/10/12 07:40:40 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e148983beeb0f30918b0564849a16456\CustomMarshalers.ni.dll
MOD - [2011/10/12 07:40:39 | 000,676,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll
MOD - [2011/10/12 07:40:37 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
MOD - [2011/10/12 07:40:33 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll
MOD - [2011/10/12 07:38:47 | 005,449,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll
MOD - [2011/10/12 07:38:43 | 012,428,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll
MOD - [2011/10/12 07:38:35 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll
MOD - [2011/10/12 07:38:26 | 006,614,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll
MOD - [2011/10/12 07:37:51 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
MOD - [2011/10/12 07:37:47 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
MOD - [2011/10/12 07:34:14 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/12 07:34:09 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/10/12 07:34:07 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/10/12 07:34:02 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/18 09:29:17 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/11/25 21:41:00 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/11/17 17:45:10 | 001,007,616 | ---- | M] () -- C:\Program Files\Extensis\Suitcase Fusion 3\libxml2.2.6.24.dll
MOD - [2010/11/17 17:45:10 | 000,901,120 | ---- | M] () -- C:\Program Files\Extensis\Suitcase Fusion 3\iconv-1.9.2.dll
MOD - [2010/11/17 17:45:10 | 000,007,168 | ---- | M] () -- C:\Program Files\Extensis\Suitcase Fusion 3\libcharset.dll
MOD - [2010/03/16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
MOD - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
MOD - [2010/01/21 01:52:06 | 000,565,864 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
MOD - [2010/01/21 01:51:28 | 000,062,568 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
MOD - [2009/09/22 23:32:14 | 000,124,112 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats\qjpeg4.dll
MOD - [2009/09/22 23:32:12 | 000,026,832 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats\qgif4.dll
MOD - [2009/09/22 23:32:08 | 000,330,448 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\libQtXmlDruide32_7.dll
MOD - [2009/09/22 23:32:06 | 006,735,568 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\libQtGuiDruide32_7.dll
MOD - [2009/09/22 23:32:06 | 000,611,536 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\libQtNetworkDruide32_7.dll
MOD - [2009/09/22 23:32:04 | 001,918,672 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\libQtCoreDruide32_7.dll
MOD - [2007/08/17 15:13:20 | 000,364,192 | ---- | M] () -- C:\WINDOWS\system32\ATWTUSB.EXE
MOD - [2006/11/06 10:42:24 | 000,036,864 | ---- | M] () -- C:\Program Files\MyInk\My Ink Resident.exe
MOD - [2006/10/23 01:51:04 | 003,407,872 | ---- | M] () -- c:\Program Files\Adobe\Acrobat 8.0\Acrobat\ExLang32.FRA
MOD - [2006/10/23 01:29:12 | 000,012,800 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\XPS2PDF.FRA
MOD - [2006/10/23 01:29:06 | 000,176,128 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\TouchUp.FRA
MOD - [2006/10/23 01:29:02 | 000,143,360 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\WebPDF.fra
MOD - [2006/10/23 01:28:58 | 000,049,152 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Weblink.FRA
MOD - [2006/10/23 01:28:46 | 000,005,120 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\updater.FRA
MOD - [2006/10/23 01:28:42 | 000,016,384 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\tablepicker.FRA
MOD - [2006/10/23 01:28:30 | 000,036,864 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Spelling.FRA
MOD - [2006/10/23 01:28:24 | 000,026,112 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\SendMail.fra
MOD - [2006/10/23 01:28:14 | 000,012,288 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search5.FRA
MOD - [2006/10/23 01:28:08 | 000,053,248 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search.FRA
MOD - [2006/10/23 01:28:00 | 000,966,656 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\PPKLITE.FRA
MOD - [2006/10/23 01:28:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Scan.FRA
MOD - [2006/10/23 01:27:52 | 000,019,456 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\saveasxml.FRA
MOD - [2006/10/23 01:27:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\SaveAsRTF.fra
MOD - [2006/10/23 01:27:36 | 000,008,704 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Reflow.fra
MOD - [2006/10/23 01:27:32 | 000,013,312 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\ReadOutLoud.FRA
MOD - [2006/10/23 01:27:08 | 000,045,056 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\PaperCapture.FRA
MOD - [2006/10/23 01:27:08 | 000,011,264 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\pddom.FRA
MOD - [2006/10/23 01:26:58 | 000,159,744 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Multimedia.FRA
MOD - [2006/10/23 01:26:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\JDFProdDef.FRA
MOD - [2006/10/23 01:26:44 | 000,086,016 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\makeaccessible.FRA
MOD - [2006/10/23 01:26:22 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\ImageConversion.FRA
MOD - [2006/10/23 01:26:16 | 000,061,440 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Html2PDF.fra
MOD - [2006/10/23 01:26:10 | 000,013,312 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Hls.fra
MOD - [2006/10/23 01:25:46 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\EScript.fra
MOD - [2006/10/23 01:25:46 | 000,006,656 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\EWH32.FRA
MOD - [2006/10/23 01:25:44 | 001,216,512 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Annots.FRA
MOD - [2006/10/23 01:25:36 | 000,233,472 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Editor.FRA
MOD - [2006/10/23 01:25:20 | 000,028,672 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\eBook.FRA
MOD - [2006/10/23 01:25:08 | 000,221,184 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\DigSig.FRA
MOD - [2006/10/23 01:24:42 | 000,015,872 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\DistillerPI.FRA
MOD - [2006/10/23 01:24:08 | 000,196,608 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Checkers.FRA
MOD - [2006/10/23 01:23:44 | 000,053,248 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Catalog.FRA
MOD - [2006/10/23 01:23:22 | 000,009,728 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\ADBC.FRA
MOD - [2006/10/23 01:23:12 | 000,806,912 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Acroform.FRA
MOD - [2006/10/23 01:14:26 | 000,081,920 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\accessibility.FRA
MOD - [2006/10/23 00:11:30 | 000,921,600 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdistRes.FRA
MOD - [2006/10/01 21:49:16 | 000,389,120 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeXMP.dll
MOD - [2006/08/31 09:28:18 | 000,008,192 | R--- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\InDesignPI.FRA
MOD - [2004/08/04 00:54:34 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/08/16 21:19:34 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 07:59:50 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/07 14:34:43 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2012/04/26 20:34:48 | 000,224,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV - [2011/11/25 16:36:00 | 000,311,928 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2011/10/09 17:02:32 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/06/14 21:40:48 | 000,088,688 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)
SRV - [2011/04/21 19:26:11 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2007/08/17 15:13:20 | 000,364,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ATWTUSB.EXE -- (WTService)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/07/03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/07/02 12:23:04 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2012/04/26 20:35:02 | 000,016,024 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pssnap.sys -- (pssnap)
DRV - [2012/03/07 01:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/11/04 21:33:18 | 000,296,592 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cbfs3.sys -- (cbfs3)
DRV - [2011/09/02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011/09/02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 08:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/07/29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/07/21 19:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/11/26 06:17:40 | 005,555,712 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/15 13:11:40 | 002,136,224 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010/04/27 04:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 04:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010/04/27 04:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010/04/08 20:30:10 | 000,168,040 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2010/03/04 12:02:10 | 000,013,824 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010/03/04 12:02:08 | 000,070,912 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/06/15 13:45:36 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009/06/15 13:45:36 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/20 04:52:54 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2008/02/20 04:52:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2007/04/16 17:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/03/01 19:37:32 | 000,217,088 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2004/08/13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001/08/17 21:53:26 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\scsiscan.sys -- (scsiscan)
DRV - [1998/08/25 11:04:04 | 000,024,032 | R--- | M] (Advanced System Products, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\Ntaspi32.sys -- (Ntaspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?publisher=OP ... c=lnkry_nt
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC C3 F5 3C 03 07 CC 01 [binary data]
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=FR&userid=457fe700-b350-43bc-b168-7c9d0a408ab4&affid=111583&searchtype=ds&babsrc=lnkry&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/15 06:01:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/06/29 15:07:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 07:59:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/12 18:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2012/07/12 18:36:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2012/07/12 18:37:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/08/17 19:53:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2011/12/02 09:41:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Extensions
[2011/05/04 10:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/12/02 09:41:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2012/08/19 10:42:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\extensions
[2012/08/19 10:42:27 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2012/03/16 10:38:33 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2012/08/17 17:46:59 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\extensions\flashfirebug@o-minds.com
[2012/01/18 06:45:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Sunbird\Profiles\qert8fg3.default\extensions
[2012/01/18 06:43:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Sunbird\Profiles\qert8fg3.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/07/25 15:59:08 | 000,002,474 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\searchplugins\Web Search.xml
[2012/06/21 17:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/03/16 10:38:32 | 000,025,332 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JEAN-CLAUDE HOUDRY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\BKM7USWQ.DEFAULT\EXTENSIONS\{8F6A6FD9-0619-459F-B9D0-81DE065D4E21}.XPI
[2012/01/25 09:05:34 | 000,085,264 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JEAN-CLAUDE HOUDRY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\BKM7USWQ.DEFAULT\EXTENSIONS\FIREFORM@MOZILLA.ORG.XPI
[2012/07/15 06:01:35 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/05/18 18:28:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/07/19 07:59:51 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Recherche Google = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Recherche Google = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: uTorrentBar_FR = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\2.3.11.0_0\
CHR - Extension: uTorrentBar_FR = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\2.3.15.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001/08/28 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [agentantidote.exe] C:\Program Files\Druide\Antidote 7\Programmes32\agentantidote.exe (Druide informatique inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ColorPix] C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Téléchargements\ColorPix.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [Browser Infrastructure Helper] C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Linkury.exe (Smartbar)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [DisplayFusion] C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [FMCore.exe] C:\Program Files\Extensis\Suitcase Fusion 3\FMCore.exe (Extensis a division of Celartem, Inc.)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [SEO Soft] C:\Program Files\SEO Soft\seosoft.exe ()
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\My Ink Resident.lnk = C:\Program Files\MyInk\My Ink Resident.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\Jean-Claude Houdry\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Jean-Claude Houdry\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - res://C:\Program Files\Flash Capture\fciext.dll/FCIEXT.htm File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7309E453-4692-4396-9063-E034D07DD5C8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O24 - Desktop Components:0 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\Saint-Céré_2011.jpg
O24 - Desktop Components:1 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\Nieul-sur-mer-2011.jpg
O24 - Desktop Components:2 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\verzy-03_recadre.jpg
O24 - Desktop Components:3 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\chenay-02_rcadre.jpg
O24 - Desktop Components:4 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\chenay-01.JPG
O24 - Desktop Components:5 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jean-Claude Houdry\Application Data\DisplayFusion\Wallpaper_2.bmp
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/21 18:28:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5dbe46dc-6c72-11e0-964b-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5dbe46dc-6c72-11e0-964b-806d6172696f}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
O33 - MountPoints2\{979d67a8-7626-11e0-a6fe-e6a51ee88903}\Shell\AutoRun\command - "" = setupSNK.exe
O33 - MountPoints2\{979d67ac-7626-11e0-a6fe-e6a51ee88903}\Shell - "" = AutoRun
O33 - MountPoints2\{979d67ac-7626-11e0-a6fe-e6a51ee88903}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe
O33 - MountPoints2\{ed7f32d4-6881-11e1-9e6a-bcaec5dd538d}\Shell\AutoRun\command - "" = "F:\LaCie Setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin


... the second part is in the next message...
Thanks
Houdry
 
Posts: 6
Joined: 21 Aug 2012, 07:01

Re: INFECTION - Getting rid of Babylon

Post by Houdry » 21 Aug 2012, 07:39

Second post.

Here is the OTL.TXT report, in two pieces:


OTL logfile created on: 21/08/2012 07:26:19 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\Jean-Claude Houdry\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,76% Memory free
4,84 Gb Paging File | 4,01 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 57,27 Gb Free Space | 44,75% Space Free | Partition Type: NTFS
Drive E: | 803,52 Gb Total Space | 633,84 Gb Free Space | 78,88% Space Free | Partition Type: NTFS

Computer Name: ATELIER-REIMS | User Name: Jean-Claude Houdry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/21 06:37:05 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\OTL.exe
PRC - [2012/07/25 12:18:36 | 000,019,800 | ---- | M] (Smartbar) -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Linkury.exe
PRC - [2012/07/16 16:31:32 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/07/16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/07/16 16:22:42 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2012/07/03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/06/29 16:05:44 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/06/22 03:05:42 | 009,683,456 | ---- | M] () -- C:\Program Files\SEO Soft\seosoft.exe
PRC - [2012/04/26 20:34:48 | 000,224,920 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2012/01/18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2012/01/12 11:59:26 | 002,789,280 | ---- | M] (Binary Fortress Software) -- C:\Program Files\DisplayFusion\DisplayFusion.exe
PRC - [2011/10/09 17:02:32 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011/06/14 21:40:48 | 000,088,688 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\KaraokeSer.exe
PRC - [2011/04/21 19:26:11 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2011/04/15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/01/17 19:09:00 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:09:00 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/11/17 18:04:12 | 008,125,440 | ---- | M] (Extensis a division of Celartem, Inc.) -- C:\Program Files\Extensis\Suitcase Fusion 3\FMCore.exe
PRC - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010/04/05 14:50:00 | 000,494,920 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/18 07:19:30 | 000,600,256 | ---- | M] (Druide informatique inc.) -- C:\Program Files\Druide\Antidote 7\Programmes32\agentantidote.exe
PRC - [2007/08/17 15:13:20 | 000,364,192 | ---- | M] () -- C:\WINDOWS\system32\ATWTUSB.EXE
PRC - [2006/11/06 10:42:24 | 000,036,864 | ---- | M] () -- C:\Program Files\MyInk\My Ink Resident.exe
PRC - [2006/10/23 01:40:14 | 000,349,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
PRC - [2006/10/22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2004/08/04 00:54:50 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/20 21:05:03 | 001,802,240 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12082001\algo.dll
MOD - [2012/08/09 17:18:25 | 000,059,904 | ---- | M] () -- C:\Program Files\SEO Soft\zlib.dll
MOD - [2012/07/25 12:19:30 | 000,016,216 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.Utilities.dll
MOD - [2012/07/25 12:19:26 | 000,046,936 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll
MOD - [2012/07/25 12:19:24 | 000,024,920 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2012/07/25 12:19:24 | 000,019,288 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SideBySide.dll
MOD - [2012/07/25 12:19:18 | 000,013,144 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2012/07/25 12:19:16 | 000,047,448 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2012/07/25 12:19:14 | 000,068,440 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2012/07/25 12:19:12 | 000,034,648 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2012/07/25 12:19:06 | 000,079,192 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2012/07/25 12:19:06 | 000,015,704 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2012/07/25 12:18:58 | 000,018,264 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2012/07/25 12:18:54 | 000,054,616 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2012/07/25 12:18:48 | 000,012,120 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2012/07/25 12:18:46 | 000,031,064 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2012/07/25 12:18:46 | 000,012,632 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2012/07/25 12:18:44 | 000,013,144 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2012/07/25 12:18:40 | 001,276,760 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2012/07/25 12:18:40 | 000,080,728 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2012/07/25 12:18:38 | 000,565,592 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2012/07/25 12:17:18 | 000,046,936 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\MACTrackBarLib.dll
MOD - [2012/07/25 12:17:10 | 000,034,648 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll
MOD - [2012/06/24 16:19:24 | 000,910,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2012/06/24 16:19:23 | 008,013,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2012/06/24 16:19:22 | 000,145,240 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2012/06/22 03:05:42 | 009,683,456 | ---- | M] () -- C:\Program Files\SEO Soft\seosoft.exe
MOD - [2012/04/26 20:34:48 | 000,224,920 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
MOD - [2011/10/15 09:45:38 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011/10/15 09:45:37 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll
MOD - [2011/10/15 09:45:36 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2011/10/12 07:41:45 | 001,840,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll
MOD - [2011/10/12 07:41:34 | 011,791,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll
MOD - [2011/10/12 07:41:29 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll
MOD - [2011/10/12 07:41:23 | 000,997,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll
MOD - [2011/10/12 07:41:21 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll
MOD - [2011/10/12 07:40:46 | 001,711,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll
MOD - [2011/10/12 07:40:40 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e148983beeb0f30918b0564849a16456\CustomMarshalers.ni.dll
MOD - [2011/10/12 07:40:39 | 000,676,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll
MOD - [2011/10/12 07:40:37 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
MOD - [2011/10/12 07:40:33 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll
MOD - [2011/10/12 07:38:47 | 005,449,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll
MOD - [2011/10/12 07:38:43 | 012,428,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll
MOD - [2011/10/12 07:38:35 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll
MOD - [2011/10/12 07:38:26 | 006,614,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll
MOD - [2011/10/12 07:37:51 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
MOD - [2011/10/12 07:37:47 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
MOD - [2011/10/12 07:34:14 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/12 07:34:09 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/10/12 07:34:07 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/10/12 07:34:02 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/18 09:29:17 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/11/25 21:41:00 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/11/17 17:45:10 | 001,007,616 | ---- | M] () -- C:\Program Files\Extensis\Suitcase Fusion 3\libxml2.2.6.24.dll
MOD - [2010/11/17 17:45:10 | 000,901,120 | ---- | M] () -- C:\Program Files\Extensis\Suitcase Fusion 3\iconv-1.9.2.dll
MOD - [2010/11/17 17:45:10 | 000,007,168 | ---- | M] () -- C:\Program Files\Extensis\Suitcase Fusion 3\libcharset.dll
MOD - [2010/03/16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
MOD - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
MOD - [2010/01/21 01:52:06 | 000,565,864 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
MOD - [2010/01/21 01:51:28 | 000,062,568 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
MOD - [2009/09/22 23:32:14 | 000,124,112 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats\qjpeg4.dll
MOD - [2009/09/22 23:32:12 | 000,026,832 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats\qgif4.dll
MOD - [2009/09/22 23:32:08 | 000,330,448 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\libQtXmlDruide32_7.dll
MOD - [2009/09/22 23:32:06 | 006,735,568 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\libQtGuiDruide32_7.dll
MOD - [2009/09/22 23:32:06 | 000,611,536 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\libQtNetworkDruide32_7.dll
MOD - [2009/09/22 23:32:04 | 001,918,672 | ---- | M] () -- C:\Program Files\Druide\Antidote 7\Programmes32\libQtCoreDruide32_7.dll
MOD - [2007/08/17 15:13:20 | 000,364,192 | ---- | M] () -- C:\WINDOWS\system32\ATWTUSB.EXE
MOD - [2006/11/06 10:42:24 | 000,036,864 | ---- | M] () -- C:\Program Files\MyInk\My Ink Resident.exe
MOD - [2006/10/23 01:51:04 | 003,407,872 | ---- | M] () -- c:\Program Files\Adobe\Acrobat 8.0\Acrobat\ExLang32.FRA
MOD - [2006/10/23 01:29:12 | 000,012,800 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\XPS2PDF.FRA
MOD - [2006/10/23 01:29:06 | 000,176,128 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\TouchUp.FRA
MOD - [2006/10/23 01:29:02 | 000,143,360 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\WebPDF.fra
MOD - [2006/10/23 01:28:58 | 000,049,152 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Weblink.FRA
MOD - [2006/10/23 01:28:46 | 000,005,120 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\updater.FRA
MOD - [2006/10/23 01:28:42 | 000,016,384 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\tablepicker.FRA
MOD - [2006/10/23 01:28:30 | 000,036,864 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Spelling.FRA
MOD - [2006/10/23 01:28:24 | 000,026,112 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\SendMail.fra
MOD - [2006/10/23 01:28:14 | 000,012,288 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search5.FRA
MOD - [2006/10/23 01:28:08 | 000,053,248 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search.FRA
MOD - [2006/10/23 01:28:00 | 000,966,656 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\PPKLITE.FRA
MOD - [2006/10/23 01:28:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Scan.FRA
MOD - [2006/10/23 01:27:52 | 000,019,456 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\saveasxml.FRA
MOD - [2006/10/23 01:27:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\SaveAsRTF.fra
MOD - [2006/10/23 01:27:36 | 000,008,704 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Reflow.fra
MOD - [2006/10/23 01:27:32 | 000,013,312 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\ReadOutLoud.FRA
MOD - [2006/10/23 01:27:08 | 000,045,056 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\PaperCapture.FRA
MOD - [2006/10/23 01:27:08 | 000,011,264 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\pddom.FRA
MOD - [2006/10/23 01:26:58 | 000,159,744 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Multimedia.FRA
MOD - [2006/10/23 01:26:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\JDFProdDef.FRA
MOD - [2006/10/23 01:26:44 | 000,086,016 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\makeaccessible.FRA
MOD - [2006/10/23 01:26:22 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\ImageConversion.FRA
MOD - [2006/10/23 01:26:16 | 000,061,440 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Html2PDF.fra
MOD - [2006/10/23 01:26:10 | 000,013,312 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Hls.fra
MOD - [2006/10/23 01:25:46 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\EScript.fra
MOD - [2006/10/23 01:25:46 | 000,006,656 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\EWH32.FRA
MOD - [2006/10/23 01:25:44 | 001,216,512 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Annots.FRA
MOD - [2006/10/23 01:25:36 | 000,233,472 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Editor.FRA
MOD - [2006/10/23 01:25:20 | 000,028,672 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\eBook.FRA
MOD - [2006/10/23 01:25:08 | 000,221,184 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\DigSig.FRA
MOD - [2006/10/23 01:24:42 | 000,015,872 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\DistillerPI.FRA
MOD - [2006/10/23 01:24:08 | 000,196,608 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Checkers.FRA
MOD - [2006/10/23 01:23:44 | 000,053,248 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Catalog.FRA
MOD - [2006/10/23 01:23:22 | 000,009,728 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\ADBC.FRA
MOD - [2006/10/23 01:23:12 | 000,806,912 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\Acroform.FRA
MOD - [2006/10/23 01:14:26 | 000,081,920 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\accessibility.FRA
MOD - [2006/10/23 00:11:30 | 000,921,600 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdistRes.FRA
MOD - [2006/10/01 21:49:16 | 000,389,120 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeXMP.dll
MOD - [2006/08/31 09:28:18 | 000,008,192 | R--- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\plug_ins\InDesignPI.FRA
MOD - [2004/08/04 00:54:34 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/08/16 21:19:34 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 07:59:50 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/07 14:34:43 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2012/04/26 20:34:48 | 000,224,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV - [2011/11/25 16:36:00 | 000,311,928 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2011/10/09 17:02:32 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/06/14 21:40:48 | 000,088,688 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)
SRV - [2011/04/21 19:26:11 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2007/08/17 15:13:20 | 000,364,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ATWTUSB.EXE -- (WTService)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/07/03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/07/02 12:23:04 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2012/04/26 20:35:02 | 000,016,024 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pssnap.sys -- (pssnap)
DRV - [2012/03/07 01:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/11/04 21:33:18 | 000,296,592 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cbfs3.sys -- (cbfs3)
DRV - [2011/09/02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011/09/02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 08:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/07/29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/07/21 19:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/11/26 06:17:40 | 005,555,712 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/15 13:11:40 | 002,136,224 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010/04/27 04:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 04:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010/04/27 04:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010/04/08 20:30:10 | 000,168,040 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2010/03/04 12:02:10 | 000,013,824 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010/03/04 12:02:08 | 000,070,912 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/06/15 13:45:36 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009/06/15 13:45:36 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/20 04:52:54 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2008/02/20 04:52:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2007/04/16 17:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/03/01 19:37:32 | 000,217,088 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2004/08/13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001/08/17 21:53:26 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\scsiscan.sys -- (scsiscan)
DRV - [1998/08/25 11:04:04 | 000,024,032 | R--- | M] (Advanced System Products, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\Ntaspi32.sys -- (Ntaspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?publisher=OP ... c=lnkry_nt
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC C3 F5 3C 03 07 CC 01 [binary data]
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OP ... c=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=FR&userid=457fe700-b350-43bc-b168-7c9d0a408ab4&affid=111583&searchtype=ds&babsrc=lnkry&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/15 06:01:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/06/29 15:07:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 07:59:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/12 18:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2012/07/12 18:36:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2012/07/12 18:37:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/08/17 19:53:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2011/12/02 09:41:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Extensions
[2011/05/04 10:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/12/02 09:41:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2012/08/19 10:42:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\extensions
[2012/08/19 10:42:27 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2012/03/16 10:38:33 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2012/08/17 17:46:59 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\extensions\flashfirebug@o-minds.com
[2012/01/18 06:45:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Sunbird\Profiles\qert8fg3.default\extensions
[2012/01/18 06:43:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Sunbird\Profiles\qert8fg3.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/07/25 15:59:08 | 000,002,474 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mozilla\Firefox\Profiles\bkm7uswq.default\searchplugins\Web Search.xml
[2012/06/21 17:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/03/16 10:38:32 | 000,025,332 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JEAN-CLAUDE HOUDRY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\BKM7USWQ.DEFAULT\EXTENSIONS\{8F6A6FD9-0619-459F-B9D0-81DE065D4E21}.XPI
[2012/01/25 09:05:34 | 000,085,264 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JEAN-CLAUDE HOUDRY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\BKM7USWQ.DEFAULT\EXTENSIONS\FIREFORM@MOZILLA.ORG.XPI
[2012/07/15 06:01:35 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/05/18 18:28:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/07/19 07:59:51 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Recherche Google = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Recherche Google = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: uTorrentBar_FR = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\2.3.11.0_0\
CHR - Extension: uTorrentBar_FR = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\2.3.15.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001/08/28 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [agentantidote.exe] C:\Program Files\Druide\Antidote 7\Programmes32\agentantidote.exe (Druide informatique inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ColorPix] C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Téléchargements\ColorPix.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [Browser Infrastructure Helper] C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\Smartbar\Application\Linkury.exe (Smartbar)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [DisplayFusion] C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [FMCore.exe] C:\Program Files\Extensis\Suitcase Fusion 3\FMCore.exe (Extensis a division of Celartem, Inc.)
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [SEO Soft] C:\Program Files\SEO Soft\seosoft.exe ()
O4 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\My Ink Resident.lnk = C:\Program Files\MyInk\My Ink Resident.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\Jean-Claude Houdry\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Jean-Claude Houdry\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - res://C:\Program Files\Flash Capture\fciext.dll/FCIEXT.htm File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1085031214-1993962763-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7309E453-4692-4396-9063-E034D07DD5C8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O24 - Desktop Components:0 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\Saint-Céré_2011.jpg
O24 - Desktop Components:1 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\Nieul-sur-mer-2011.jpg
O24 - Desktop Components:2 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\verzy-03_recadre.jpg
O24 - Desktop Components:3 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\chenay-02_rcadre.jpg
O24 - Desktop Components:4 () - C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Perso\Fond écran\chenay-01.JPG
O24 - Desktop Components:5 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jean-Claude Houdry\Application Data\DisplayFusion\Wallpaper_2.bmp
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/21 18:28:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5dbe46dc-6c72-11e0-964b-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5dbe46dc-6c72-11e0-964b-806d6172696f}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
O33 - MountPoints2\{979d67a8-7626-11e0-a6fe-e6a51ee88903}\Shell\AutoRun\command - "" = setupSNK.exe
O33 - MountPoints2\{979d67ac-7626-11e0-a6fe-e6a51ee88903}\Shell - "" = AutoRun
O33 - MountPoints2\{979d67ac-7626-11e0-a6fe-e6a51ee88903}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe
O33 - MountPoints2\{ed7f32d4-6881-11e1-9e6a-bcaec5dd538d}\Shell\AutoRun\command - "" = "F:\LaCie Setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin


... the second part is in the next post...
Thanks
Houdry
 
Posts: 6
Joined: 21 Aug 2012, 07:01

Re: INFECTION - Getting rid of Babylon

Post by Houdry » 21 Aug 2012, 07:42

Continued...

Second part of the OTL.Txt file:


========== Files/Folders - Created Within 30 Days ==========

[2012/08/21 07:23:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Jean-Claude Houdry\Recent
[2012/08/21 06:51:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/08/21 06:50:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\erunt
[2012/08/21 06:35:14 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\OTL.exe
[2012/08/19 08:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Claude Houdry\Menu Démarrer\Programmes\Google Chrome
[2012/08/19 08:30:41 | 000,739,808 | ---- | C] (Google Inc.) -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\ChromeSetup.exe
[2012/08/17 18:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Illustrator Brushes
[2012/08/17 08:56:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Vistaprint
[2012/08/17 07:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Concours Gforce
[2012/08/14 10:09:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jean-Claude Houdry\Mes documents\Dropbox
[2012/08/14 09:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Dropbox
[2012/08/14 09:57:31 | 017,798,272 | ---- | C] (Dropbox, Inc.) -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Dropbox 1.4.12.exe
[2012/08/11 18:33:17 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\esdevapp.exe
[2012/08/11 18:33:17 | 000,015,872 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\escdev.dll
[2012/08/11 18:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EPSON
[2012/08/09 17:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SEO Soft
[2012/08/09 17:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\SEO Soft
[2012/08/09 12:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/08/08 14:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
[2012/07/23 14:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinHTTrack
[2012/07/23 14:33:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinHTTrack
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/21 07:30:43 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/08/21 07:22:44 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
[2012/08/21 07:21:58 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/08/21 07:21:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/21 07:20:36 | 008,650,752 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\NTUSER.bak
[2012/08/21 07:19:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/21 06:59:10 | 000,198,449 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\00-PAD-nickW.pdf
[2012/08/21 06:58:07 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\ERDNT.EXE.lnk
[2012/08/21 06:48:32 | 000,005,024 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\erunt-loc_fr.zip
[2012/08/21 06:48:09 | 000,513,320 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\erunt.zip
[2012/08/21 06:44:33 | 000,000,417 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\scan.zip
[2012/08/21 06:40:00 | 000,001,200 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1993962763-725345543-1003UA.job
[2012/08/21 06:37:05 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\OTL.exe
[2012/08/20 11:03:03 | 000,000,102 | ---- | M] () -- C:\WINDOWS\Antidote7.ini
[2012/08/20 08:40:01 | 000,001,148 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1993962763-725345543-1003Core.job
[2012/08/20 06:25:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/19 08:42:09 | 000,558,133 | ---- | M] () -- C:\WINDOWS\System32\sqlite3.dll
[2012/08/19 08:32:10 | 000,002,377 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Google Chrome.lnk
[2012/08/19 08:32:10 | 000,002,357 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/19 08:30:42 | 000,739,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\ChromeSetup.exe
[2012/08/19 06:11:22 | 000,004,068 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\alain.jamme.danse@gmail.com-takeout.zip
[2012/08/18 11:17:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/08/17 21:09:20 | 000,060,416 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/16 22:40:26 | 000,880,893 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Moutons.pdf
[2012/08/16 22:39:31 | 003,358,720 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Moutons.indd
[2012/08/16 21:19:33 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/16 21:19:33 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/14 11:33:28 | 000,057,361 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\255211_484526504891135_1583984865_n.jpg
[2012/08/14 09:57:52 | 017,798,272 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Dropbox 1.4.12.exe
[2012/08/11 18:33:17 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\EPSON Scan.lnk
[2012/08/11 18:24:43 | 012,526,592 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\epson325326eu.exe
[2012/08/10 06:31:30 | 000,002,285 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Reflect.lnk
[2012/08/09 17:18:23 | 000,000,499 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\SEO Soft.lnk
[2012/08/09 16:49:49 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2012/08/08 17:38:17 | 002,093,016 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Mes documents\essai_formulaire_pub_0001.pdf
[2012/08/08 17:38:16 | 002,042,882 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Mes documents\essai_formulaire_jeu de données_0001.pdf
[2012/08/08 17:37:25 | 002,044,641 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Mes documents\essai_formulaire.pdf
[2012/08/08 14:59:01 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2012/08/07 00:49:21 | 001,288,001 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Didacticiel de scripts InDesign CS3.pdf
[2012/07/24 08:55:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2012/07/24 05:02:15 | 004,065,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/23 16:27:59 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Gridelicious_index.html.lnk
[2012/07/23 14:33:55 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\HTTrack Website Copier.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/21 07:30:43 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/08/21 06:59:10 | 000,198,449 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\00-PAD-nickW.pdf
[2012/08/21 06:57:40 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\ERDNT.EXE.lnk
[2012/08/21 06:48:31 | 000,005,024 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\erunt-loc_fr.zip
[2012/08/21 06:48:08 | 000,513,320 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\erunt.zip
[2012/08/21 06:44:32 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\scan.zip
[2012/08/19 08:42:16 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2012/08/19 08:32:10 | 000,002,377 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Google Chrome.lnk
[2012/08/19 08:32:10 | 000,002,357 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/19 08:30:53 | 000,001,200 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1993962763-725345543-1003UA.job
[2012/08/19 08:30:53 | 000,001,148 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1993962763-725345543-1003Core.job
[2012/08/19 06:11:21 | 000,004,068 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\alain.jamme.danse@gmail.com-takeout.zip
[2012/08/16 22:39:46 | 000,880,893 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Moutons.pdf
[2012/08/16 22:24:37 | 003,358,720 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Moutons.indd
[2012/08/14 11:33:27 | 000,057,361 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\255211_484526504891135_1583984865_n.jpg
[2012/08/11 18:24:13 | 012,526,592 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\epson325326eu.exe
[2012/08/09 17:18:23 | 000,000,499 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\SEO Soft.lnk
[2012/08/08 17:38:16 | 002,093,016 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Mes documents\essai_formulaire_pub_0001.pdf
[2012/08/08 17:38:16 | 002,042,882 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Mes documents\essai_formulaire_jeu de données_0001.pdf
[2012/08/08 17:37:25 | 002,044,641 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Mes documents\essai_formulaire.pdf
[2012/08/08 14:59:01 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2012/08/07 00:49:10 | 001,288,001 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Didacticiel de scripts InDesign CS3.pdf
[2012/07/23 16:27:59 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\Gridelicious_index.html.lnk
[2012/07/23 14:33:55 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Bureau\HTTrack Website Copier.lnk
[2012/07/15 17:42:40 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2012/07/15 17:42:40 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2012/07/15 17:42:40 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2012/07/15 17:42:40 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2012/07/15 17:42:40 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2012/07/12 18:52:16 | 000,004,294 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\UserCustomPreset_Adobe Premiere Pro 2.0.vpr
[2012/07/04 08:17:29 | 000,075,776 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
[2012/06/09 18:10:54 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2012/06/07 15:46:34 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/06/04 09:28:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\fete_mere
[2012/06/04 09:26:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Fleur-fete-des-mères
[2012/04/20 15:59:12 | 000,000,930 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\.recently-used.xbel
[2012/04/20 15:17:31 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin040c.exe
[2012/04/20 10:51:59 | 000,000,225 | ---- | C] () -- C:\WINDOWS\System32\inkconvert.ini
[2012/04/20 10:49:12 | 000,364,192 | ---- | C] () -- C:\WINDOWS\System32\ATWTUSB.EXE
[2012/04/20 10:49:12 | 000,102,048 | ---- | C] () -- C:\WINDOWS\RmTablet.exe
[2012/04/20 10:49:12 | 000,052,896 | ---- | C] () -- C:\WINDOWS\System32\InstallService.exe
[2012/04/20 10:49:10 | 000,005,725 | ---- | C] () -- C:\WINDOWS\aiptbl.ini
[2012/04/16 08:58:38 | 000,454,495 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Script_Laser_Vexler_correction
[2012/04/16 08:57:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Script_Laser_Terroirs_vexler
[2012/04/15 12:18:07 | 000,000,085 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\mm_backup.cfg
[2012/03/14 07:45:51 | 000,000,230 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/03/13 18:02:17 | 000,000,112 | ---- | C] () -- C:\WINDOWS\visupol.ini
[2012/02/11 12:44:56 | 000,000,080 | ---- | C] () -- C:\WINDOWS\mapforms.ini
[2012/01/31 08:50:21 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2012/01/29 18:23:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2012/01/29 10:16:10 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2012/01/29 10:16:10 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2012/01/29 10:14:30 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2012/01/29 10:14:30 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2012/01/29 10:14:30 | 000,000,072 | R--- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2011/12/16 18:11:36 | 000,000,102 | ---- | C] () -- C:\WINDOWS\Antidote7.ini
[2011/12/07 07:08:38 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\lbj.ini
[2011/11/03 07:03:40 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/11/03 07:03:40 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/11/03 07:03:33 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\$_hpcst$.hpc
[2011/10/12 07:36:34 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/07/05 07:25:59 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pxhpinst.exe
[2011/06/16 09:48:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011/06/16 09:48:24 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011/06/16 09:48:24 | 000,224,001 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/06/16 09:48:24 | 000,000,003 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011/05/12 07:36:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/11 19:45:45 | 000,060,416 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/06 16:59:15 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
[2011/05/06 16:59:15 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll
[2011/05/06 16:49:19 | 000,010,084 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/05/06 16:47:44 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011/05/06 16:47:36 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011/05/06 16:47:30 | 000,026,635 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011/05/06 16:47:30 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011/05/04 19:50:13 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\Local Settings\Application Data\FASTWiz.html
[2011/05/04 15:07:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\reseau wifi
[2011/05/04 10:19:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/04/22 01:17:27 | 000,004,383 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/04/22 01:16:47 | 004,065,104 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/21 19:33:00 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2011/04/21 18:33:12 | 008,650,752 | ---- | C] () -- C:\Documents and Settings\Jean-Claude Houdry\NTUSER.bak
[2011/04/21 18:29:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/04/21 18:26:36 | 000,023,032 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2011/05/04 10:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/07/04 22:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/12/06 12:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CELSYS
[2011/11/11 07:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Diagonal
[2012/06/06 10:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dvdfab
[2011/09/29 08:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Extensis
[2012/03/08 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FNET
[2011/12/07 08:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Free Devis Factures
[2012/01/27 14:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Guitar Pro 6
[2012/03/13 16:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/05/30 22:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2012/05/28 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2012/03/13 16:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/11/03 07:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/04/20 10:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tablet
[2012/05/26 10:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/06/07 16:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2011/06/29 15:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/10/21 08:59:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{13795121-80CF-4D45-9175-8FD79D18EF7E}
[2011/11/14 16:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/10/20 15:43:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{53EB2EF1-46AE-444E-B71D-7E3B56F8B6B4}
[2011/10/21 08:59:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5E083C87-F3C2-42C0-B4DC-F0A0AA28F2DD}
[2011/10/21 08:59:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{682FE305-7958-4875-9B95-34673E7151AD}
[2011/10/21 08:59:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8265C354-3D13-4FE5-95C7-65F277FF3041}
[2011/10/21 09:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83F263BF-0076-4C4C-93DC-A3EA0CEB7184}
[2011/10/21 09:00:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{C8DF6520-3E59-4590-A678-CB275CEADF10}
[2012/06/05 07:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CB26E0D6-79FF-4CEE-87EA-43680C82478D}
[2011/10/21 08:59:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D9E0EE67-1483-4783-8326-7E411B3B012D}
[2011/10/21 08:59:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{E6AF2639-F710-4F5B-8830-95A396FB523F}
[2012/02/24 07:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Ancestrologie
[2012/06/01 08:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Audacity
[2012/02/01 10:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Axialis
[2011/10/30 10:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Bradsoft.com
[2011/07/04 22:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Canneverbe Limited
[2012/02/24 07:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\CassiniVision
[2012/01/25 17:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\ColorSchemer
[2012/04/06 10:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Diagonal
[2012/08/21 07:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\DisplayFusion
[2012/08/16 20:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Dropbox
[2012/06/29 16:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Druide
[2012/01/29 18:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\EPSON
[2011/09/29 08:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Extensis
[2012/08/20 10:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\FileZilla
[2012/04/06 14:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Flash Undelete Software
[2012/05/11 10:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\FlippingBook
[2012/05/11 06:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Free Audio Editor
[2012/03/21 08:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Genie-Soft
[2012/04/20 15:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\gtk-2.0
[2012/01/27 14:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Guitar Pro 6
[2012/01/26 11:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\IrfanView
[2012/05/11 14:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Leadertech
[2011/10/12 08:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Mediaparts Interactive
[2011/11/03 07:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\ML
[2011/05/18 09:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\OpenOffice.org
[2011/12/09 15:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Process Axis Pte. Ltd
[2012/03/13 18:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Proxima Software
[2011/11/03 07:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Samsung
[2011/12/06 12:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Smith Micro
[2011/05/11 15:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\TeamViewer
[2011/05/04 10:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Thunderbird
[2012/08/21 07:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\uTorrent
[2012/03/13 18:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\Wuala
[2011/06/08 06:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Claude Houdry\Application Data\YouSendIt
[2012/03/21 08:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Genie-Soft
[2012/08/21 07:21:58 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2004/08/04 01:05:42 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 01:05:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 01:05:42 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: CTFMON.EXE >
[2004/08/04 00:54:50 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5584247B568C2E53934873F4B655FE6A -- C:\WINDOWS\system32\ctfmon.exe
[2004/08/04 00:54:50 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5584247B568C2E53934873F4B655FE6A -- C:\WINDOWS\system32\dllcache\ctfmon.exe

< MD5 for: EVENTLOG.DLL >
[2004/08/04 00:54:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 00:54:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004/08/04 00:54:50 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\explorer.exe
[2004/08/04 00:54:50 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: NETLOGON.DLL >
[2004/08/04 00:54:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 00:54:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVGTS.SYS >
[2010/04/08 20:30:10 | 000,168,040 | R--- | M] (NVIDIA Corporation) MD5=52DCE3B30C9D61C8E20FE3C6DA4BDFB7 -- C:\WINDOWS\system32\drivers\nvgts.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 00:54:38 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 00:54:38 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USERINIT.EXE >
[2004/08/04 00:55:02 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/04 00:55:02 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004/08/04 00:55:02 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/04 00:55:02 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63238B95

< End of report >


The Extras.txt file is in the next message.
Thanks
Houdry
 
Posts: 6
Joined: 21 Aug 2012, 07:01

Re: INFECTION - Getting rid of Babylon

Post by Houdry » 21 Aug 2012, 07:46

Finally, here is the Extras.Txt file:


OTL Extras logfile created on: 21/08/2012 07:26:19 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\Jean-Claude Houdry\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,76% Memory free
4,84 Gb Paging File | 4,01 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 57,27 Gb Free Space | 44,75% Space Free | Partition Type: NTFS
Drive E: | 803,52 Gb Total Space | 633,84 Gb Free Space | 78,88% Space Free | Partition Type: NTFS

Computer Name: ATELIER-REIMS | User Name: Jean-Claude Houdry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\FileZilla FTP Client\filezilla.exe" = C:\Program Files\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client -- (FileZilla Project)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Recosoft PDF2ID\PDF2ID v3.0\PDF2IDDesktopServer.exe" = C:\Program Files\Recosoft PDF2ID\PDF2ID v3.0\PDF2IDDesktopServer.exe:*:Enabled:PDF2ID Desktop Server -- (Recosoft Corporation)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe" = C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3 -- (Adobe Systems, Inc.)
"C:\Documents and Settings\Jean-Claude Houdry\Application Data\Wuala\Roaming\Wuala.exe" = C:\Documents and Settings\Jean-Claude Houdry\Application Data\Wuala\Roaming\Wuala.exe:*:Enabled:Wuala -- (LaCie)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Jean-Claude Houdry\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Jean-Claude Houdry\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003190C4-888F-834C-0780-601D304C9C32}" = CCC Help Spanish
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3
"{0813B2A4-85CF-491C-3C69-52463DCC4F4D}" = CCC Help Chinese Standard
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0CC4615C-7BA6-F3A1-FA76-A2AF370AC670}" = CCC Help Russian
"{0DE46A13-D4CB-BAD4-98FB-5262DDE76CE8}" = CCC Help Korean
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0FC61FCF-0FAA-E9EE-7BD6-A75CAA0C3388}" = CCC Help Czech
"{12D9D635-2C58-8B60-C44B-C09DD307F4DC}" = CCC Help Chinese Traditional
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}" = Adobe Flash Video Encoder
"{1B19A54C-3692-4D12-BFD9-1362DD34CE78}" = Ma-Config.com
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26405090-4A02-41C5-B7CB-EBD624BCB424}" = CCC Help French
"{2668AB7A-6937-107C-166E-31B230235B7B}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{309E994A-1FE1-4198-036E-A01A02213E25}" = CCC Help Hungarian
"{338C2997-F8AE-4666-9885-D0EE4D2DCAD4}" = Linkury Smartbar
"{34E30A1C-E978-332B-9B94-520621C4E13E}" = CCC Help German
"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA83D48-8658-1526-EC55-25514D46ACCD}" = ccc-core-static
"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{556F2137-B772-43BB-9A45-E0275234DD16}" = Free Notes & Office Ink
"{56CDB4FE-895F-4E0D-8BB4-9A8D4310898D}" = Antidote HD
"{572F1B5E-6FDF-422E-8FED-1156DD211269}" = PDF2ID v3.0
"{5DB38141-CCA8-4870-8EC1-FB06871AF278}" = FlippingBook PDF Publisher
"{5FD595B1-0A6E-2A69-C199-71E3B65A1910}" = CCC Help Danish
"{6288EA95-9AA5-47E1-A43B-C9E9F737F67A}" = Macrium Reflect Free Edition
"{6378CFE7-D898-4C41-A7DD-4BB54ED80BB7}" = MyScript Notes
"{65455A2D-1671-E83B-F15D-D0C887F9D608}" = ATI Catalyst Install Manager
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6C3B0DF9-0214-45C4-9964-17EC250D6C90}_is1" = SEO Soft version 3.1.74
"{6E07CF4B-A9EB-45BF-BE74-613B3D708E13}" = Topaz Lens Effects
"{6E08CE13-C2AB-4749-9335-5900B958929E}" = Adobe Illustrator CS3
"{6FAB7C8A-F677-41D9-8841-62D92B8002DA}" = Extensis Suitcase Fusion 3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770D3BDC-19D7-49D0-B60B-C5BB77553FBB}" = Topaz Fusion Express 2
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80FD3971-8482-49C8-BA8C-B6464A15882F}" = Adobe Flash CS3
"{822C7522-8DEB-485A-A471-27BDBA524A49}" = Google SiteMap Generator
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}" = Topaz Clean 3
"{8A1EBF29-7CF8-471E-B90B-95FF36AC8248}" = Topaz Simplify 3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D5F535B-C5DC-47A9-8392-D757F7B600AC}" = CCC Help Greek
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FAD04E8-1D32-22CC-701E-01E2A94015C3}" = CCC Help English
"{8FB3B66F-5A82-9ACB-0560-17C761A8A68B}" = CCC Help Dutch
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{971D71F5-CA24-52B1-811E-CB7CA0502CCE}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E146BA1-26DD-4C3B-9F0F-90F2E3CEC9D2}" = Topaz DeJpeg 4
"{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5
"{9FDC7042-CB9F-4336-A14C-DF10F53762E2}" = Topaz Adjust 4
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A488DCE3-1391-0843-531A-86246DEBE98C}" = ccc-utility
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC57B97F-3C19-0D35-45CF-CAE14918435C}" = MyFonts Order M3779212
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC874BBA-8B7A-ABB3-5878-BB8CD05F2852}" = CCC Help Thai
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBCC790B-FC18-B612-C8C1-851BEE493D55}" = CCC Help Italian
"{BCFFAF65-50B7-4419-AFCA-A7BA797E2C3D}" = Topaz ReMask 2
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BEE8E835-BB38-4042-A80E-7F8CEDD5612A}" = Adobe Creative Suite 3 Design Premium
"{C07751B7-AAF1-ABA4-2BCF-0C5D3D932D19}" = CCC Help Norwegian
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}" = Adobe Photoshop CS3
"{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}" = EPSON Photo Print
"{C2D5B90E-92FF-4A5D-93EF-BE1EBA3EBE85}" = Free Devis Factures 2011
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C921D7C4-24D7-4210-AEE9-DFC5DDC78428}" = Topaz Detail 2
"{CA47A854-2BA9-498F-97EE-D8FBECF0BA79}" = MyInk
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D21D0CE6-F81A-F051-93FA-F0D8925C87D8}" = Catalyst Control Center Localization All
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E2C4175D-CE60-AA59-0BEF-8B454A789C95}" = CCC Help Japanese
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7D868A8-DD31-4056-8057-993F49C4E173}" = MyInk
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EAE2C948-26FA-49C1-8C80-99EBE55DD9E1}" = Adobe Setup
"{EB3E8237-FD20-C42C-9D93-9D6ADE03850C}" = ATI AVIVO Codecs
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{F067EE71-369C-4D72-BDB7-DE7CF346660F}" = Google SketchUp Pro 8
"{F0E3837B-9DE3-4D2F-07A8-A85D765F38ED}" = CCC Help Polish
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F584B87B-4249-1331-345B-3C219F00C60B}" = CCC Help Swedish
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0
"{FD26A504-690A-7631-104B-AA6917B9D207}" = CCC Help Finnish
"{FE5CD0C9-5A17-99C3-0B93-A820C3109049}" = Catalyst Control Center Graphics Previews Common
"{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}" = Adobe InDesign CS3
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FFD766D4-F724-1FD9-20CA-D3E6EDA5A663}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Premiere Pro 2.0" = Adobe Premiere Pro 2.0
"Adobe_5647dddec81b3798d8bab8c5ac5fcb0" = Ajouter ou supprimer Adobe Creative Suite 3 Design Premium
"AdvanSys NT ASPI" = AdvanSys NT ASPI
"Audacity_is1" = Audacity 2.0
"avast" = avast! Free Antivirus
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 3.4.1
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"ColorSchemerStudio2_is1" = ColorSchemer Studio 2
"DPP" = Canon Utilities Digital Photo Professional 3.10
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.5.0
"FormatFactory" = FormatFactory 2.95
"iColorFolder" = iColorFolder
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IrfanView" = IrfanView (remove only)
"La boite a couleurs_is1" = La boite a couleurs version 1.6.15
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 14.0.1 (x86 fr)" = Mozilla Firefox 14.0.1 (x86 fr)
"Mozilla Thunderbird 14.0 (x86 fr)" = Mozilla Thunderbird 14.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"NFO viewer_is1" = NFO viewer v 2.1
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Recover My Files_is1" = Recover My Files
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"Rmtablet" = USB Tablet Manager
"SiS163u" = 802.11 USB Wireless LAN Adapter
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Topaz Adjust 4" = Topaz Adjust 4
"Topaz Clean 3" = Topaz Clean 3
"Topaz DeJpeg 4" = Topaz DeJpeg 4
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz Detail 2" = Topaz Detail 2
"Topaz Fusion Express 2" = Topaz Fusion Express 2
"Topaz Lens Effects" = Topaz Lens Effects
"Topaz ReMask 2" = Topaz ReMask 2
"Topaz Simplify 3" = Topaz Simplify 3
"Topaz Star Effects" = Topaz Star Effects
"TopStyle4_is1" = TopStyle 4
"uTorrent" = µTorrent
"Vector Magic" = Vector Magic
"VLC media player" = VLC media player 2.0.2
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.46-1
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"Wuala CBFS" = Wuala CBFS
"Wuala OverlayIcons" = Wuala OverlayIcons
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Wuala" = Wuala

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

[ System Events ]
Error - 17/05/2012 13:44:42 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 13:44:42 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:04:16 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:04:16 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:04:16 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:11:17 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:24:50 | Computer Name = ATELIER-REIMS | Source = sr | ID = 1
Description = Le filtre de restauration du système à rencontré l'erreur inattendue
'0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'.
Ceci a entraîné l'arrêt de la surveillance du volume.

Error - 17/05/2012 16:48:41 | Computer Name = ATELIER-REIMS | Source = sr | ID = 1
Description = Le filtre de restauration du système à rencontré l'erreur inattendue
'0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'.
Ceci a entraîné l'arrêt de la surveillance du volume.

Error - 21/05/2012 14:18:13 | Computer Name = ATELIER-REIMS | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
avast! Firewall à une transaction.

Error - 21/05/2012 14:18:43 | Computer Name = ATELIER-REIMS | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
à une transaction.


< End of report >


There, I think I have done everything necessary.
While awaiting your reply, I thank you in advance for reviewing what I have sent.
Regards
JCH
Houdry
 
Posts: 6
Joined: 21 Aug 2012, 07:01

Re: INFECTION - Getting rid of Babylon

Post by Houdry » 21 Aug 2012, 07:46

Finally, here is the Extras.Txt file:


OTL Extras logfile created on: 21/08/2012 07:26:19 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\Jean-Claude Houdry\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,76% Memory free
4,84 Gb Paging File | 4,01 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 57,27 Gb Free Space | 44,75% Space Free | Partition Type: NTFS
Drive E: | 803,52 Gb Total Space | 633,84 Gb Free Space | 78,88% Space Free | Partition Type: NTFS

Computer Name: ATELIER-REIMS | User Name: Jean-Claude Houdry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\FileZilla FTP Client\filezilla.exe" = C:\Program Files\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client -- (FileZilla Project)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Recosoft PDF2ID\PDF2ID v3.0\PDF2IDDesktopServer.exe" = C:\Program Files\Recosoft PDF2ID\PDF2ID v3.0\PDF2IDDesktopServer.exe:*:Enabled:PDF2ID Desktop Server -- (Recosoft Corporation)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe" = C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3 -- (Adobe Systems, Inc.)
"C:\Documents and Settings\Jean-Claude Houdry\Application Data\Wuala\Roaming\Wuala.exe" = C:\Documents and Settings\Jean-Claude Houdry\Application Data\Wuala\Roaming\Wuala.exe:*:Enabled:Wuala -- (LaCie)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Jean-Claude Houdry\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Jean-Claude Houdry\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003190C4-888F-834C-0780-601D304C9C32}" = CCC Help Spanish
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3
"{0813B2A4-85CF-491C-3C69-52463DCC4F4D}" = CCC Help Chinese Standard
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0CC4615C-7BA6-F3A1-FA76-A2AF370AC670}" = CCC Help Russian
"{0DE46A13-D4CB-BAD4-98FB-5262DDE76CE8}" = CCC Help Korean
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0FC61FCF-0FAA-E9EE-7BD6-A75CAA0C3388}" = CCC Help Czech
"{12D9D635-2C58-8B60-C44B-C09DD307F4DC}" = CCC Help Chinese Traditional
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}" = Adobe Flash Video Encoder
"{1B19A54C-3692-4D12-BFD9-1362DD34CE78}" = Ma-Config.com
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26405090-4A02-41C5-B7CB-EBD624BCB424}" = CCC Help French
"{2668AB7A-6937-107C-166E-31B230235B7B}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{309E994A-1FE1-4198-036E-A01A02213E25}" = CCC Help Hungarian
"{338C2997-F8AE-4666-9885-D0EE4D2DCAD4}" = Linkury Smartbar
"{34E30A1C-E978-332B-9B94-520621C4E13E}" = CCC Help German
"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA83D48-8658-1526-EC55-25514D46ACCD}" = ccc-core-static
"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{556F2137-B772-43BB-9A45-E0275234DD16}" = Free Notes & Office Ink
"{56CDB4FE-895F-4E0D-8BB4-9A8D4310898D}" = Antidote HD
"{572F1B5E-6FDF-422E-8FED-1156DD211269}" = PDF2ID v3.0
"{5DB38141-CCA8-4870-8EC1-FB06871AF278}" = FlippingBook PDF Publisher
"{5FD595B1-0A6E-2A69-C199-71E3B65A1910}" = CCC Help Danish
"{6288EA95-9AA5-47E1-A43B-C9E9F737F67A}" = Macrium Reflect Free Edition
"{6378CFE7-D898-4C41-A7DD-4BB54ED80BB7}" = MyScript Notes
"{65455A2D-1671-E83B-F15D-D0C887F9D608}" = ATI Catalyst Install Manager
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6C3B0DF9-0214-45C4-9964-17EC250D6C90}_is1" = SEO Soft version 3.1.74
"{6E07CF4B-A9EB-45BF-BE74-613B3D708E13}" = Topaz Lens Effects
"{6E08CE13-C2AB-4749-9335-5900B958929E}" = Adobe Illustrator CS3
"{6FAB7C8A-F677-41D9-8841-62D92B8002DA}" = Extensis Suitcase Fusion 3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770D3BDC-19D7-49D0-B60B-C5BB77553FBB}" = Topaz Fusion Express 2
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80FD3971-8482-49C8-BA8C-B6464A15882F}" = Adobe Flash CS3
"{822C7522-8DEB-485A-A471-27BDBA524A49}" = Google SiteMap Generator
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}" = Topaz Clean 3
"{8A1EBF29-7CF8-471E-B90B-95FF36AC8248}" = Topaz Simplify 3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D5F535B-C5DC-47A9-8392-D757F7B600AC}" = CCC Help Greek
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FAD04E8-1D32-22CC-701E-01E2A94015C3}" = CCC Help English
"{8FB3B66F-5A82-9ACB-0560-17C761A8A68B}" = CCC Help Dutch
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{971D71F5-CA24-52B1-811E-CB7CA0502CCE}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E146BA1-26DD-4C3B-9F0F-90F2E3CEC9D2}" = Topaz DeJpeg 4
"{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5
"{9FDC7042-CB9F-4336-A14C-DF10F53762E2}" = Topaz Adjust 4
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A488DCE3-1391-0843-531A-86246DEBE98C}" = ccc-utility
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC57B97F-3C19-0D35-45CF-CAE14918435C}" = MyFonts Order M3779212
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC874BBA-8B7A-ABB3-5878-BB8CD05F2852}" = CCC Help Thai
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBCC790B-FC18-B612-C8C1-851BEE493D55}" = CCC Help Italian
"{BCFFAF65-50B7-4419-AFCA-A7BA797E2C3D}" = Topaz ReMask 2
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BEE8E835-BB38-4042-A80E-7F8CEDD5612A}" = Adobe Creative Suite 3 Design Premium
"{C07751B7-AAF1-ABA4-2BCF-0C5D3D932D19}" = CCC Help Norwegian
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}" = Adobe Photoshop CS3
"{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}" = EPSON Photo Print
"{C2D5B90E-92FF-4A5D-93EF-BE1EBA3EBE85}" = Free Devis Factures 2011
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C921D7C4-24D7-4210-AEE9-DFC5DDC78428}" = Topaz Detail 2
"{CA47A854-2BA9-498F-97EE-D8FBECF0BA79}" = MyInk
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D21D0CE6-F81A-F051-93FA-F0D8925C87D8}" = Catalyst Control Center Localization All
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E2C4175D-CE60-AA59-0BEF-8B454A789C95}" = CCC Help Japanese
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7D868A8-DD31-4056-8057-993F49C4E173}" = MyInk
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EAE2C948-26FA-49C1-8C80-99EBE55DD9E1}" = Adobe Setup
"{EB3E8237-FD20-C42C-9D93-9D6ADE03850C}" = ATI AVIVO Codecs
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{F067EE71-369C-4D72-BDB7-DE7CF346660F}" = Google SketchUp Pro 8
"{F0E3837B-9DE3-4D2F-07A8-A85D765F38ED}" = CCC Help Polish
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F584B87B-4249-1331-345B-3C219F00C60B}" = CCC Help Swedish
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0
"{FD26A504-690A-7631-104B-AA6917B9D207}" = CCC Help Finnish
"{FE5CD0C9-5A17-99C3-0B93-A820C3109049}" = Catalyst Control Center Graphics Previews Common
"{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}" = Adobe InDesign CS3
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FFD766D4-F724-1FD9-20CA-D3E6EDA5A663}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Premiere Pro 2.0" = Adobe Premiere Pro 2.0
"Adobe_5647dddec81b3798d8bab8c5ac5fcb0" = Ajouter ou supprimer Adobe Creative Suite 3 Design Premium
"AdvanSys NT ASPI" = AdvanSys NT ASPI
"Audacity_is1" = Audacity 2.0
"avast" = avast! Free Antivirus
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 3.4.1
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"ColorSchemerStudio2_is1" = ColorSchemer Studio 2
"DPP" = Canon Utilities Digital Photo Professional 3.10
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.5.0
"FormatFactory" = FormatFactory 2.95
"iColorFolder" = iColorFolder
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IrfanView" = IrfanView (remove only)
"La boite a couleurs_is1" = La boite a couleurs version 1.6.15
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 14.0.1 (x86 fr)" = Mozilla Firefox 14.0.1 (x86 fr)
"Mozilla Thunderbird 14.0 (x86 fr)" = Mozilla Thunderbird 14.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"NFO viewer_is1" = NFO viewer v 2.1
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Recover My Files_is1" = Recover My Files
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"Rmtablet" = USB Tablet Manager
"SiS163u" = 802.11 USB Wireless LAN Adapter
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Topaz Adjust 4" = Topaz Adjust 4
"Topaz Clean 3" = Topaz Clean 3
"Topaz DeJpeg 4" = Topaz DeJpeg 4
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz Detail 2" = Topaz Detail 2
"Topaz Fusion Express 2" = Topaz Fusion Express 2
"Topaz Lens Effects" = Topaz Lens Effects
"Topaz ReMask 2" = Topaz ReMask 2
"Topaz Simplify 3" = Topaz Simplify 3
"Topaz Star Effects" = Topaz Star Effects
"TopStyle4_is1" = TopStyle 4
"uTorrent" = µTorrent
"Vector Magic" = Vector Magic
"VLC media player" = VLC media player 2.0.2
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.46-1
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"Wuala CBFS" = Wuala CBFS
"Wuala OverlayIcons" = Wuala OverlayIcons
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1085031214-1993962763-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Wuala" = Wuala

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 21/05/2012 07:59:59 | Computer Name = ATELIER-REIMS | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

[ System Events ]
Error - 17/05/2012 13:44:42 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 13:44:42 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:04:16 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:04:16 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:04:16 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:11:17 | Computer Name = ATELIER-REIMS | Source = Disk | ID = 262151
Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 17/05/2012 14:24:50 | Computer Name = ATELIER-REIMS | Source = sr | ID = 1
Description = Le filtre de restauration du système à rencontré l'erreur inattendue
'0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'.
Ceci a entraîné l'arrêt de la surveillance du volume.

Error - 17/05/2012 16:48:41 | Computer Name = ATELIER-REIMS | Source = sr | ID = 1
Description = Le filtre de restauration du système à rencontré l'erreur inattendue
'0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'.
Ceci a entraîné l'arrêt de la surveillance du volume.

Error - 21/05/2012 14:18:13 | Computer Name = ATELIER-REIMS | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
avast! Firewall à une transaction.

Error - 21/05/2012 14:18:43 | Computer Name = ATELIER-REIMS | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
à une transaction.


< End of report >


There, I think I have done everything necessary.
While awaiting your reply, I thank you in advance for reviewing what I have sent.
Regards,
JCH