Various symptoms

Security and insecurity. Viruses, Trojans, spyware, vulnerabilities, etc.

Moderator: Moderators

Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC

Protection of browsers, browsing and privacy
Protecting the browser, browsing and privacy

Post by laly1976 » 18 Dec 2009, 06:39

Hello,

first of all, my computer regularly "crashes" at startup; it stops at the green Windows progress bar.
In addition, a folder and a file on my desktop cannot be deleted (even in safe mode): the folder is named "nouveau dossier (2)" and the file is a very small video made with a digital camera.
Finally, I want to make a backup to an external drive (Z:) but it is impossible; I have tried various backup programs, it runs for several hours, then an error message appears and there are no files on the external drive.
In general, my system often slows down, with very frequent restarts of explorer.exe, messages saying certain folders cannot be accessed, and freezes lasting several minutes or even unrecoverable ones (except by powering off), even though I only have one Word document or 2-3 Firefox tabs open...
To sum up: my computer works but really seems, given its capabilities, to have a problem, and being unable to back up is very problematic (a lot of data; copying to DVD is not really feasible).

Thanks in advance for your help; I am posting the two MBAM and OTL reports below.
laly1976
 
Posts: 5
Joined: 18 Dec 2009, 06:28

Post by laly1976 » 18 Dec 2009, 06:40

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3383
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

18/12/2009 06:19:09
mbam-log-2009-12-18 (06-19-02).txt

Type de recherche: Examen rapide
Eléments examinés: 105924
Temps écoulé: 11 minute(s), 18 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Aimel\AppData\Local\Temp\cvasds0.dll (Spyware.OnlineGames) -> No action taken.
C:\Users\Aimel\AppData\Local\Temp\cvasds1.dll (Spyware.OnlineGames) -> No action taken.
C:\Users\Aimel\Local Settings\Temporary Internet Files\pse_300_fra.exe (Trojan.Agent) -> No action taken.
laly1976
 
Posts: 5
Joined: 18 Dec 2009, 06:28

Post by laly1976 » 18 Dec 2009, 06:41

OTL logfile created on: 18/12/2009 06:21:22 - Run 1
OTL by OldTimer - Version 3.1.18.0 Folder = C:\Users\Aimel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 85,23% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,46 Gb Total Space | 134,26 Gb Free Space | 29,48% Space Free | Partition Type: NTFS
Drive D: | 10,30 Gb Total Space | 1,00 Gb Free Space | 9,68% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 457,65 Gb Free Space | 98,26% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 298,08 Gb Total Space | 288,79 Gb Free Space | 96,88% Space Free | Partition Type: NTFS

Computer Name: PC-AIMEL
Current User Name: Aimel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/18 05:58:13 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Users\Aimel\Desktop\OTL.exe
PRC - [2009/12/18 03:03:57 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/12/18 03:03:57 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/11/02 19:41:43 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/10 15:58:25 | 00,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/11 07:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 07:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/04/09 19:10:54 | 00,970,240 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
PRC - [2009/03/17 12:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/12/18 17:49:35 | 00,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/12/05 15:11:54 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/10/20 21:18:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008/09/22 12:40:50 | 00,014,336 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008/09/22 12:40:46 | 02,073,088 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2008/07/03 10:27:12 | 06,266,880 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/06/10 03:27:04 | 00,054,672 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\jureg.exe
PRC - [2008/06/02 17:50:34 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
PRC - [2008/06/02 17:50:32 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/19 08:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 08:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/19 08:33:27 | 00,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2007/09/19 17:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/05/29 14:19:06 | 00,198,240 | ---- | M] () -- c:\hp\HPEZBTN\HPBtnSrv.exe
PRC - [2007/05/08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/04/18 16:01:34 | 00,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 12:59:00 | 00,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/11 03:40:34 | 00,086,960 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2009/12/18 05:58:13 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Users\Aimel\Desktop\OTL.exe
MOD - [2009/04/11 07:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/18 03:03:57 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/12/18 03:03:57 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/09/25 02:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/02 22:35:52 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/04 12:54:37 | 00,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/17 12:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/02/06 17:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/12/05 15:11:54 | 00,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/11/28 14:08:31 | 01,838,592 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/20 21:18:26 | 00,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008/09/22 12:40:50 | 00,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008/08/15 04:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/07/01 21:26:11 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/06/02 17:50:34 | 00,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/03/20 10:32:27 | 01,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/01/19 08:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/09/19 17:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/23 07:35:00 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/23 07:35:00 | 00,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/21 18:21:00 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/07/24 00:33:06 | 00,181,800 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/05/29 14:19:06 | 00,198,240 | ---- | M] () [Auto | Running] -- c:\hp\HPEZBTN\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2009/12/18 03:03:57 | 00,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/18 03:03:57 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/02/06 17:08:52 | 00,055,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2008/09/15 13:26:14 | 00,110,080 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2008/09/15 13:26:14 | 00,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2008/09/15 13:26:14 | 00,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/09/15 13:26:14 | 00,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/09/15 13:26:14 | 00,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/09/15 13:26:14 | 00,007,168 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/08/14 06:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/03 16:03:48 | 02,152,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/06/02 17:49:48 | 00,305,688 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2008/03/20 18:41:35 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/03/20 18:41:35 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/03/20 18:41:35 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/03/20 10:33:30 | 00,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/02/26 08:17:30 | 00,493,568 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008/02/06 02:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/01/10 18:57:00 | 08,237,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/10 01:00:00 | 00,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20071010.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/10/10 01:00:00 | 00,395,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/10/10 01:00:00 | 00,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20071010.023\NAVENG.SYS -- (NAVENG)
DRV - [2007/10/03 17:18:12 | 00,099,840 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/08/17 08:23:00 | 00,446,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/08/15 08:27:00 | 00,180,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20070823.002\IDSvix86.sys -- (IDSvix86)
DRV - [2007/08/13 07:50:00 | 00,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/08/13 07:50:00 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/08/09 11:27:00 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/08/09 11:27:00 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIM)
DRV - [2007/08/08 10:39:00 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/30 17:43:00 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/07/30 17:43:00 | 00,278,576 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/07/30 17:43:00 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/03/14 14:34:16 | 00,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006/11/02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 00,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2004/10/18 14:02:20 | 00,041,472 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 B1 D7 3A 3D E8 C9 01 [binary data]
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\S-1-5-21-2919847983-440680175-3184493004-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}:4.0
FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.2.1
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.11.2
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.33.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: search@searchsettings.com:1.2.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\browserrecord [2008/12/18 17:49:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2009/11/04 09:46:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/28 19:06:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 19:06:14 | 00,000,000 | ---D | M]

[2008/08/05 11:40:59 | 00,000,000 | ---D | M] -- C:\Users\Aimel\AppData\Roaming\mozilla\Extensions
[2009/12/18 00:58:54 | 00,000,000 | ---D | M] -- C:\Users\Aimel\AppData\Roaming\mozilla\Firefox\Profiles\ky7wqwit.default\extensions
[2009/07/03 01:59:27 | 00,000,000 | ---D | M] (Flashblock) -- C:\Users\Aimel\AppData\Roaming\mozilla\Firefox\Profiles\ky7wqwit.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2008/06/20 15:17:28 | 00,000,000 | ---D | M] -- C:\Users\Aimel\AppData\Roaming\mozilla\Firefox\Profiles\ky7wqwit.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2009/04/27 22:54:24 | 00,000,000 | ---D | M] -- C:\Users\Aimel\AppData\Roaming\mozilla\Firefox\Profiles\ky7wqwit.default\extensions\es-es@dictionaries.addons.mozilla.org
[2009/11/20 01:32:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/06/08 19:03:09 | 00,000,000 | ---D | M] (Dealio Toolbar Plugin) -- C:\Program Files\mozilla firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
[2009/06/08 19:03:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\search@searchsettings.com
[2007/08/24 14:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2006/07/31 15:07:16 | 00,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2009/08/10 10:03:25 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/08/10 10:03:25 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/08/10 10:03:25 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/08/10 10:03:25 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/08/10 10:03:25 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL)
O3 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [MioNet] C:\Program Files\MioNet\MioNetLauncher.exe ()
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000..\Run: [ISUSPM Startup] C:\Programmes\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html ()
O9 - Extra 'Tools' menuitem : Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://gigimatar.spaces.live.com/PhotoU ... dfr-fr.cab (Windows Live Photo Upload Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/20 10:20:56 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{14cc3dca-63a2-11dd-a465-f3754903a665}\Shell\AutoRun\command - "" = useinit.exe
O33 - MountPoints2\{14cc3dca-63a2-11dd-a465-f3754903a665}\Shell\Explore\Command - "" = useinit.exe
O33 - MountPoints2\{14cc3dca-63a2-11dd-a465-f3754903a665}\Shell\Open\Command - "" = useinit.exe
O33 - MountPoints2\{6850dbf3-61a1-11de-869d-001e8cc54b0e}\Shell - "" = AutoRun
O33 - MountPoints2\{6850dbf3-61a1-11de-869d-001e8cc54b0e}\Shell\AutoRun\command - "" = K:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{6850dbfb-61a1-11de-869d-001e8cc54b0e}\Shell - "" = AutoRun
O33 - MountPoints2\{6850dbfb-61a1-11de-869d-001e8cc54b0e}\Shell\AutoRun\command - "" = L:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{9b7e77a0-bd40-11dd-9e37-001e8cc54b0e}\Shell\AutoRun\command - "" = M:\hkn6k.bat -- File not found
O33 - MountPoints2\{9b7e77a0-bd40-11dd-9e37-001e8cc54b0e}\Shell\open\Command - "" = M:\hkn6k.bat -- File not found
O33 - MountPoints2\{f0da3782-38ce-11dd-b884-aecc44b74b18}\Shell\autoPlAy\ComMaNd - "" = sbcw.pif
O33 - MountPoints2\{f0da3782-38ce-11dd-b884-aecc44b74b18}\Shell\AutoRun\command - "" = sbcw.pif
O33 - MountPoints2\{f0da3782-38ce-11dd-b884-aecc44b74b18}\Shell\explORe\ComMaNd - "" = sbcw.pif
O33 - MountPoints2\{f0da3782-38ce-11dd-b884-aecc44b74b18}\Shell\OpeN\COmmAND - "" = sbcw.pif
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\hkn6k.bat -- File not found
O33 - MountPoints2\K\Shell\open\Command - "" = K:\hkn6k.bat -- File not found
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009/12/18 05:59:49 | 00,000,000 | ---D | C] -- C:\Users\Aimel\AppData\Roaming\Malwarebytes
[2009/12/18 05:59:43 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/18 05:59:41 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/18 05:59:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/18 05:59:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/12/18 05:58:33 | 04,844,296 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Aimel\Desktop\mbam-setup.exe
[2009/12/18 05:58:04 | 00,564,736 | ---- | C] (OldTimer Tools) -- C:\Users\Aimel\Desktop\OTL.exe
[2009/12/18 05:22:16 | 00,000,000 | ---D | C] -- C:\Program Files\SIW
[2009/12/18 04:50:59 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/12/18 03:14:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Real
[2009/12/18 02:57:30 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/12/18 02:57:30 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/12/18 02:57:30 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/12/18 02:57:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/12/18 02:57:28 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/12/17 10:21:26 | 00,000,000 | ---D | C] -- C:\Users\Aimel\AppData\Local\Apps
[2009/12/17 10:09:06 | 00,000,000 | ---D | C] -- C:\Users\Aimel\AppData\Roaming\Backup MyPC
[2009/12/17 09:56:25 | 00,000,000 | ---D | C] -- C:\Users\Aimel\Desktop\Parque-Arte
[2009/12/17 09:50:10 | 00,000,000 | ---D | C] -- C:\HP Personal Media Drive
[2009/12/17 09:50:03 | 00,000,000 | ---D | C] -- C:\Program Files\Roxio
[2009/12/17 09:50:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2009/12/10 10:54:56 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2009/12/10 10:54:54 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2009/12/10 10:51:28 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/12/10 10:51:28 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/12/10 10:51:27 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/12/10 10:51:27 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/12/10 10:51:27 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/12/10 10:51:27 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/12/10 10:51:27 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/12/10 10:51:27 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/12/10 10:51:27 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/12/10 10:51:27 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/12/10 10:51:27 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/12/10 10:51:27 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/12/10 10:51:27 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/12/10 10:51:27 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/12/10 10:51:02 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009/12/08 13:57:57 | 00,000,000 | ---D | C] -- C:\Users\Aimel\Desktop\Nouveau dossier (2)
[2009/12/04 19:20:13 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/12/04 19:19:04 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/11/20 01:31:57 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/11/20 01:31:57 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/11/20 01:31:57 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/11/20 01:30:44 | 02,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/11/20 01:30:02 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009/11/19 13:54:13 | 00,000,000 | ---D | C] -- C:\Users\Aimel\AppData\Roaming\Media Player Classic
[2009/11/19 13:47:18 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2009/11/19 13:47:18 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2009/11/19 13:47:18 | 00,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2009/11/19 13:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009/11/19 13:12:13 | 00,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2008/12/18 17:50:02 | 00,014,336 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\wmdmhelper.dll
[2008/12/18 17:50:01 | 00,692,224 | ---- | C] ( ) -- C:\Program Files\dtdr3260.dll
[2008/12/18 17:50:00 | 00,659,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjbres.dll
[2008/12/18 17:50:00 | 00,339,968 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjdlg.dll
[2008/12/18 17:50:00 | 00,139,264 | ---- | C] (Inner Media, Inc.) -- C:\Program Files\DUNZIP32.dll
[2008/12/18 17:50:00 | 00,019,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjprog.dll
[2008/12/18 17:49:59 | 00,041,472 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\mmcdda32.dll
[2008/12/18 17:49:59 | 00,036,352 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\ierjplug.dll
[2008/12/18 17:49:59 | 00,019,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tnetdtct.dll
[2008/12/18 17:49:59 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\fixrjb.exe
[2008/12/18 17:49:58 | 00,081,920 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tsasdk.dll
[2008/12/18 17:49:58 | 00,057,344 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tpasdk.dll
[2008/12/18 17:49:54 | 00,032,768 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpwa3260.dll
[2008/12/18 17:49:53 | 00,153,152 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RecordingManager.exe
[2008/12/18 17:49:53 | 00,043,056 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpshellsearch.dll
[2008/12/18 17:49:52 | 00,719,360 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
[2008/12/18 17:49:52 | 00,304,736 | ---- | C] (RealPlayer) -- C:\Program Files\rpbrowserrecordplugin.dll
[2008/12/18 17:49:52 | 00,065,536 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjwmapln.dll
[2008/12/18 17:49:48 | 00,053,248 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpau3260.dll
[2008/12/18 17:49:41 | 00,098,304 | ---- | C] (RealPlayer) -- C:\Program Files\rpshellextension.dll
[2008/12/18 17:49:41 | 00,095,784 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rdsf3260.dll
[2008/12/18 17:49:41 | 00,086,016 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpplugprot.dll
[2008/12/18 17:49:40 | 00,063,016 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpshell.dll
[2008/12/18 17:49:38 | 00,214,536 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realplay.exe
[2008/12/18 17:49:38 | 00,009,216 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rphelperapp.exe
[2008/12/18 17:49:38 | 00,007,168 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realjbox.exe
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/18 06:23:58 | 04,194,304 | -HS- | M] () -- C:\Users\Aimel\ntuser.dat
[2009/12/18 05:59:46 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/18 05:58:47 | 04,844,296 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Aimel\Desktop\mbam-setup.exe
[2009/12/18 05:58:13 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Users\Aimel\Desktop\OTL.exe
[2009/12/18 05:46:00 | 00,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/18 05:30:17 | 01,656,291 | ---- | M] () -- C:\Users\Aimel\Desktop\SIW_20091218_052813_PC-AIMEL.html
[2009/12/18 05:22:55 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/18 05:22:55 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/18 03:49:06 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{70165392-7111-443C-80AB-417CC1827FED}.job
[2009/12/18 03:03:57 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/12/18 03:03:57 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/12/18 02:47:32 | 00,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/18 02:47:28 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/18 02:47:27 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/18 02:47:24 | 34,889,15456 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/18 02:45:52 | 00,524,288 | -HS- | M] () -- C:\Users\Aimel\ntuser.dat{6e4f5099-633f-11dd-b7bc-00164496fe4d}.TMContainer00000000000000000001.regtrans-ms
[2009/12/18 02:45:52 | 00,065,536 | -HS- | M] () -- C:\Users\Aimel\ntuser.dat{6e4f5099-633f-11dd-b7bc-00164496fe4d}.TM.blf
[2009/12/18 02:44:30 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/12/18 01:28:52 | 03,508,620 | -H-- | M] () -- C:\Users\Aimel\AppData\Local\IconCache.db
[2009/12/18 00:45:50 | 00,000,031 | ---- | M] () -- C:\Windows\sbewin32.INI
[2009/12/17 19:04:08 | 01,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/17 19:04:08 | 00,669,328 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/12/17 19:04:08 | 00,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/17 19:04:08 | 00,123,350 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/12/17 19:04:08 | 00,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/17 12:30:38 | 00,420,902 | ---- | M] () -- C:\Users\Aimel\.recently-used.xbel
[2009/12/08 13:10:06 | 00,024,206 | ---- | M] () -- C:\Users\Aimel\AppData\Roaming\UserTile.png
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/30 22:33:18 | 00,320,216 | ---- | M] () -- C:\Users\Aimel\Documents\Commentaires budget.pdf
[2009/11/27 00:20:22 | 00,011,151 | ---- | M] () -- C:\Users\Aimel\Documents\Classeur1.xlsx
[2009/11/21 07:35:38 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/11/21 07:35:38 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/11/21 07:34:58 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/11/21 07:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/11/21 07:34:39 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/11/21 07:34:39 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/11/21 07:34:39 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/11/21 07:34:38 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/11/21 07:34:38 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/11/21 07:34:33 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/11/21 05:59:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/11/21 05:59:52 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/11/21 05:59:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/11/21 05:58:54 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/11/20 09:06:26 | 02,246,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/11/19 17:54:36 | 00,065,536 | ---- | M] () -- C:\Users\Aimel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/18 05:59:46 | 00,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/18 05:28:27 | 01,656,291 | ---- | C] () -- C:\Users\Aimel\Desktop\SIW_20091218_052813_PC-AIMEL.html
[2009/12/18 01:35:35 | 34,889,15456 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/18 00:45:50 | 00,000,031 | ---- | C] () -- C:\Windows\sbewin32.INI
[2009/12/17 12:30:38 | 00,420,902 | ---- | C] () -- C:\Users\Aimel\.recently-used.xbel
[2009/12/08 13:10:06 | 00,024,206 | ---- | C] () -- C:\Users\Aimel\AppData\Roaming\UserTile.png
[2009/11/30 22:33:17 | 00,320,216 | ---- | C] () -- C:\Users\Aimel\Documents\Commentaires budget.pdf
[2009/11/27 00:20:22 | 00,011,151 | ---- | C] () -- C:\Users\Aimel\Documents\Classeur1.xlsx
[2009/11/19 13:47:21 | 00,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/11/19 13:47:20 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/11/19 13:47:18 | 00,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2009/11/19 13:47:17 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/11/19 13:47:17 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/11/19 13:47:15 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/19 13:47:15 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/08/09 09:13:59 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/23 23:09:00 | 00,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009/06/08 19:38:59 | 00,074,390 | ---- | C] () -- C:\Program Files\Ri4m_Uninstal.exe
[2009/05/08 14:33:43 | 00,000,130 | ---- | C] () -- C:\Users\Aimel\AppData\Roaming\default.rss
[2009/05/08 13:08:36 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/05/04 19:54:27 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/05/04 19:43:08 | 00,000,025 | ---- | C] () -- C:\Windows\CDE DX7400DEFGIPS.ini
[2008/12/18 17:50:01 | 00,000,568 | ---- | C] () -- C:\Program Files\fpsectbl
[2008/12/18 17:49:59 | 00,002,851 | ---- | C] () -- C:\Program Files\cdroms.cfg
[2008/12/18 17:49:54 | 00,119,808 | ---- | C] () -- C:\Program Files\waiting.avi
[2008/12/18 17:49:54 | 00,057,762 | ---- | C] () -- C:\Program Files\howto.chm
[2008/12/18 17:49:54 | 00,056,721 | ---- | C] () -- C:\Program Files\realplay.chm
[2008/12/18 17:49:54 | 00,016,296 | ---- | C] () -- C:\Program Files\realtfon.fon
[2008/12/18 17:49:54 | 00,011,444 | ---- | C] () -- C:\Program Files\frw.bmp
[2008/12/18 17:49:53 | 00,001,209 | ---- | C] () -- C:\Program Files\flvplay.swf
[2008/12/18 17:49:53 | 00,000,685 | ---- | C] () -- C:\Program Files\RecordingManager.exe.manifest
[2008/12/18 17:49:47 | 00,060,064 | ---- | C] () -- C:\Program Files\RealNetworks License.html
[2008/12/18 17:49:47 | 00,060,064 | ---- | C] () -- C:\Program Files\playrlic.html
[2008/12/18 17:49:47 | 00,058,280 | ---- | C] () -- C:\Program Files\RealNetworks License.txt
[2008/12/18 17:49:47 | 00,058,280 | ---- | C] () -- C:\Program Files\playrlic.txt
[2008/12/18 17:49:47 | 00,053,098 | ---- | C] () -- C:\Program Files\presets.rnx
[2008/12/18 17:49:47 | 00,000,480 | ---- | C] () -- C:\Program Files\keys.dat
[2008/12/18 17:49:45 | 00,661,578 | ---- | C] () -- C:\Program Files\normal.vs
[2008/12/18 17:49:45 | 00,061,495 | ---- | C] () -- C:\Program Files\ssimages.vs
[2008/12/18 17:49:42 | 00,102,400 | ---- | C] () -- C:\Program Files\HXAudioDeviceHook.dll
[2008/12/18 17:49:40 | 00,001,001 | ---- | C] () -- C:\Program Files\autoplaylist.dat
[2008/12/18 17:49:40 | 00,000,071 | ---- | C] () -- C:\Program Files\strs23.dat
[2008/12/18 17:49:40 | 00,000,015 | ---- | C] () -- C:\Program Files\strs26.dat
[2008/12/18 17:49:38 | 00,000,682 | ---- | C] () -- C:\Program Files\realplay.exe.manifest
[2008/12/18 17:49:37 | 00,023,558 | ---- | C] () -- C:\Program Files\freeoffers.ico
[2008/12/18 17:49:37 | 00,017,846 | ---- | C] () -- C:\Program Files\videotest.rm
[2008/12/18 17:49:37 | 00,000,221 | ---- | C] () -- C:\Program Files\subscription.rnx
[2008/12/18 17:49:37 | 00,000,177 | ---- | C] () -- C:\Program Files\freeoffers.rnx
[2008/10/25 11:02:02 | 00,007,949 | ---- | C] () -- C:\Users\Aimel\AppData\Roaming\mdbu.bin
[2008/10/12 00:50:28 | 00,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008/09/22 10:15:16 | 00,126,030 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/09/15 13:28:10 | 00,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2008/08/02 20:20:14 | 00,065,536 | ---- | C] () -- C:\Users\Aimel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/11 17:31:54 | 00,000,680 | ---- | C] () -- C:\Users\Aimel\AppData\Local\d3d9caps.dat
[2008/03/20 10:14:44 | 00,000,342 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/03/20 09:57:26 | 00,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2008/03/20 09:57:26 | 00,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2008/02/04 17:23:10 | 00,693,792 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2006/12/09 03:54:38 | 00,022,723 | ---- | C] () -- C:\Windows\System32\sugg1l3.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/30 01:00:00 | 00,028,672 | ---- | C] () -- C:\Windows\System32\besched.dll
[2005/03/14 13:38:28 | 00,000,469 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2003/10/02 01:00:00 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lockout.dll
[2003/10/02 01:00:00 | 00,045,056 | ---- | C] () -- C:\Windows\System32\lockres.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E1F04E8D
<End>
laly1976

Posts: 5
Joined: 18 Dec 2009, 06:28

Post by laly1976 » 18 Dec 2009, 06:41

OTL logfile created on: 18/12/2009 06:21:22 - Run 1
OTL by OldTimer - Version 3.1.18.0 Folder = C:\Users\Aimel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 85,23% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,46 Gb Total Space | 134,26 Gb Free Space | 29,48% Space Free | Partition Type: NTFS
Drive D: | 10,30 Gb Total Space | 1,00 Gb Free Space | 9,68% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 457,65 Gb Free Space | 98,26% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 298,08 Gb Total Space | 288,79 Gb Free Space | 96,88% Space Free | Partition Type: NTFS

Computer Name: PC-AIMEL
Current User Name: Aimel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/18 05:58:13 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Users\Aimel\Desktop\OTL.exe
PRC - [2009/12/18 03:03:57 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/12/18 03:03:57 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/11/02 19:41:43 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/10 15:58:25 | 00,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/11 07:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 07:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/04/09 19:10:54 | 00,970,240 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
PRC - [2009/03/17 12:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/12/18 17:49:35 | 00,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/12/05 15:11:54 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/10/20 21:18:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008/09/22 12:40:50 | 00,014,336 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008/09/22 12:40:46 | 02,073,088 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2008/07/03 10:27:12 | 06,266,880 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/06/10 03:27:04 | 00,054,672 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\jureg.exe
PRC - [2008/06/02 17:50:34 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
PRC - [2008/06/02 17:50:32 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/19 08:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 08:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/19 08:33:27 | 00,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2007/09/19 17:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/05/29 14:19:06 | 00,198,240 | ---- | M] () -- c:\hp\HPEZBTN\HPBtnSrv.exe
PRC - [2007/05/08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/04/18 16:01:34 | 00,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 12:59:00 | 00,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/11 03:40:34 | 00,086,960 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2009/12/18 05:58:13 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Users\Aimel\Desktop\OTL.exe
MOD - [2009/04/11 07:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/18 03:03:57 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/12/18 03:03:57 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/09/25 02:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/02 22:35:52 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/04 12:54:37 | 00,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/17 12:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/02/06 17:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/12/05 15:11:54 | 00,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/11/28 14:08:31 | 01,838,592 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/20 21:18:26 | 00,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008/09/22 12:40:50 | 00,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008/08/15 04:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/07/01 21:26:11 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/06/02 17:50:34 | 00,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/03/20 10:32:27 | 01,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/01/19 08:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/09/19 17:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/08/24 16:07:00 | 00,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/23 07:35:00 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/23 07:35:00 | 00,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/21 18:21:00 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/07/24 00:33:06 | 00,181,800 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/05/29 14:19:06 | 00,198,240 | ---- | M] () [Auto | Running] -- c:\hp\HPEZBTN\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2009/12/18 03:03:57 | 00,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/18 03:03:57 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/02/06 17:08:52 | 00,055,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2008/09/15 13:26:14 | 00,110,080 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2008/09/15 13:26:14 | 00,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2008/09/15 13:26:14 | 00,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/09/15 13:26:14 | 00,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/09/15 13:26:14 | 00,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/09/15 13:26:14 | 00,007,168 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/08/14 06:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/03 16:03:48 | 02,152,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/06/02 17:49:48 | 00,305,688 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2008/03/20 18:41:35 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/03/20 18:41:35 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/03/20 18:41:35 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/03/20 10:33:30 | 00,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/02/26 08:17:30 | 00,493,568 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008/02/06 02:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/01/10 18:57:00 | 08,237,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/10 01:00:00 | 00,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20071010.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/10/10 01:00:00 | 00,395,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/10/10 01:00:00 | 00,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20071010.023\NAVENG.SYS -- (NAVENG)
DRV - [2007/10/03 17:18:12 | 00,099,840 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/08/17 08:23:00 | 00,446,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/08/15 08:27:00 | 00,180,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20070823.002\IDSvix86.sys -- (IDSvix86)
DRV - [2007/08/13 07:50:00 | 00,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/08/13 07:50:00 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/08/09 11:27:00 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/08/09 11:27:00 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIM)
DRV - [2007/08/08 10:39:00 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/30 17:43:00 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/07/30 17:43:00 | 00,278,576 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/07/30 17:43:00 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/03/14 14:34:16 | 00,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006/11/02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 00,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2004/10/18 14:02:20 | 00,041,472 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 B1 D7 3A 3D E8 C9 01 [binary data]
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\S-1-5-21-2919847983-440680175-3184493004-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}:4.0
FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.2.1
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.11.2
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.33.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: search@searchsettings.com:1.2.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\browserrecord [2008/12/18 17:49:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2009/11/04 09:46:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/28 19:06:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 19:06:14 | 00,000,000 | ---D | M]

[2008/08/05 11:40:59 | 00,000,000 | ---D | M] -- C:\Users\Aimel\AppData\Roaming\mozilla\Extensions
[2009/12/18 00:58:54 | 00,000,000 | ---D | M] -- C:\Users\Aimel\AppData\Roaming\mozilla\Firefox\Profiles\ky7wqwit.default\extensions
[2009/07/03 01:59:27 | 00,000,000 | ---D | M] (Flashblock) -- C:\Users\Aimel\AppData\Roaming\mozilla\Firefox\Profiles\ky7wqwit.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2008/06/20 15:17:28 | 00,000,000 | ---D | M] -- C:\Users\Aimel\AppData\Roaming\mozilla\Firefox\Profiles\ky7wqwit.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2009/04/27 22:54:24 | 00,000,000 | ---D | M] -- C:\Users\Aimel\AppData\Roaming\mozilla\Firefox\Profiles\ky7wqwit.default\extensions\es-es@dictionaries.addons.mozilla.org
[2009/11/20 01:32:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/06/08 19:03:09 | 00,000,000 | ---D | M] (Dealio Toolbar Plugin) -- C:\Program Files\mozilla firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
[2009/06/08 19:03:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\search@searchsettings.com
[2007/08/24 14:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2006/07/31 15:07:16 | 00,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2009/08/10 10:03:25 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/08/10 10:03:25 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/08/10 10:03:25 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/08/10 10:03:25 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/08/10 10:03:25 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL)
O3 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [MioNet] C:\Program Files\MioNet\MioNetLauncher.exe ()
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000..\Run: [ISUSPM Startup] C:\Programmes\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html ()
O9 - Extra 'Tools' menuitem : Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2919847983-440680175-3184493004-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://gigimatar.spaces.live.com/PhotoU ... dfr-fr.cab (Windows Live Photo Upload Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/20 10:20:56 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{14cc3dca-63a2-11dd-a465-f3754903a665}\Shell\AutoRun\command - "" = useinit.exe
O33 - MountPoints2\{14cc3dca-63a2-11dd-a465-f3754903a665}\Shell\Explore\Command - "" = useinit.exe
O33 - MountPoints2\{14cc3dca-63a2-11dd-a465-f3754903a665}\Shell\Open\Command - "" = useinit.exe
O33 - MountPoints2\{6850dbf3-61a1-11de-869d-001e8cc54b0e}\Shell - "" = AutoRun
O33 - MountPoints2\{6850dbf3-61a1-11de-869d-001e8cc54b0e}\Shell\AutoRun\command - "" = K:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{6850dbfb-61a1-11de-869d-001e8cc54b0e}\Shell - "" = AutoRun
O33 - MountPoints2\{6850dbfb-61a1-11de-869d-001e8cc54b0e}\Shell\AutoRun\command - "" = L:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{9b7e77a0-bd40-11dd-9e37-001e8cc54b0e}\Shell\AutoRun\command - "" = M:\hkn6k.bat -- File not found
O33 - MountPoints2\{9b7e77a0-bd40-11dd-9e37-001e8cc54b0e}\Shell\open\Command - "" = M:\hkn6k.bat -- File not found
O33 - MountPoints2\{f0da3782-38ce-11dd-b884-aecc44b74b18}\Shell\autoPlAy\ComMaNd - "" = sbcw.pif
O33 - MountPoints2\{f0da3782-38ce-11dd-b884-aecc44b74b18}\Shell\AutoRun\command - "" = sbcw.pif
O33 - MountPoints2\{f0da3782-38ce-11dd-b884-aecc44b74b18}\Shell\explORe\ComMaNd - "" = sbcw.pif
O33 - MountPoints2\{f0da3782-38ce-11dd-b884-aecc44b74b18}\Shell\OpeN\COmmAND - "" = sbcw.pif
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\hkn6k.bat -- File not found
O33 - MountPoints2\K\Shell\open\Command - "" = K:\hkn6k.bat -- File not found
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009/12/18 05:59:49 | 00,000,000 | ---D | C] -- C:\Users\Aimel\AppData\Roaming\Malwarebytes
[2009/12/18 05:59:43 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/18 05:59:41 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/18 05:59:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/18 05:59:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/12/18 05:58:33 | 04,844,296 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Aimel\Desktop\mbam-setup.exe
[2009/12/18 05:58:04 | 00,564,736 | ---- | C] (OldTimer Tools) -- C:\Users\Aimel\Desktop\OTL.exe
[2009/12/18 05:22:16 | 00,000,000 | ---D | C] -- C:\Program Files\SIW
[2009/12/18 04:50:59 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/12/18 03:14:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Real
[2009/12/18 02:57:30 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/12/18 02:57:30 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/12/18 02:57:30 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/12/18 02:57:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/12/18 02:57:28 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/12/17 10:21:26 | 00,000,000 | ---D | C] -- C:\Users\Aimel\AppData\Local\Apps
[2009/12/17 10:09:06 | 00,000,000 | ---D | C] -- C:\Users\Aimel\AppData\Roaming\Backup MyPC
[2009/12/17 09:56:25 | 00,000,000 | ---D | C] -- C:\Users\Aimel\Desktop\Parque-Arte
[2009/12/17 09:50:10 | 00,000,000 | ---D | C] -- C:\HP Personal Media Drive
[2009/12/17 09:50:03 | 00,000,000 | ---D | C] -- C:\Program Files\Roxio
[2009/12/17 09:50:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2009/12/10 10:54:56 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2009/12/10 10:54:54 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2009/12/10 10:51:28 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/12/10 10:51:28 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/12/10 10:51:27 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/12/10 10:51:27 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/12/10 10:51:27 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/12/10 10:51:27 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/12/10 10:51:27 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/12/10 10:51:27 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/12/10 10:51:27 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/12/10 10:51:27 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/12/10 10:51:27 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/12/10 10:51:27 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/12/10 10:51:27 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/12/10 10:51:27 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/12/10 10:51:02 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009/12/08 13:57:57 | 00,000,000 | ---D | C] -- C:\Users\Aimel\Desktop\Nouveau dossier (2)
[2009/12/04 19:20:13 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/12/04 19:19:04 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/11/20 01:31:57 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/11/20 01:31:57 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/11/20 01:31:57 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/11/20 01:30:44 | 02,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/11/20 01:30:02 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009/11/19 13:54:13 | 00,000,000 | ---D | C] -- C:\Users\Aimel\AppData\Roaming\Media Player Classic
[2009/11/19 13:47:18 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2009/11/19 13:47:18 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2009/11/19 13:47:18 | 00,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2009/11/19 13:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009/11/19 13:12:13 | 00,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2008/12/18 17:50:02 | 00,014,336 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\wmdmhelper.dll
[2008/12/18 17:50:01 | 00,692,224 | ---- | C] ( ) -- C:\Program Files\dtdr3260.dll
[2008/12/18 17:50:00 | 00,659,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjbres.dll
[2008/12/18 17:50:00 | 00,339,968 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjdlg.dll
[2008/12/18 17:50:00 | 00,139,264 | ---- | C] (Inner Media, Inc.) -- C:\Program Files\DUNZIP32.dll
[2008/12/18 17:50:00 | 00,019,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjprog.dll
[2008/12/18 17:49:59 | 00,041,472 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\mmcdda32.dll
[2008/12/18 17:49:59 | 00,036,352 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\ierjplug.dll
[2008/12/18 17:49:59 | 00,019,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tnetdtct.dll
[2008/12/18 17:49:59 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\fixrjb.exe
[2008/12/18 17:49:58 | 00,081,920 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tsasdk.dll
[2008/12/18 17:49:58 | 00,057,344 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tpasdk.dll
[2008/12/18 17:49:54 | 00,032,768 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpwa3260.dll
[2008/12/18 17:49:53 | 00,153,152 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RecordingManager.exe
[2008/12/18 17:49:53 | 00,043,056 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpshellsearch.dll
[2008/12/18 17:49:52 | 00,719,360 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
[2008/12/18 17:49:52 | 00,304,736 | ---- | C] (RealPlayer) -- C:\Program Files\rpbrowserrecordplugin.dll
[2008/12/18 17:49:52 | 00,065,536 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjwmapln.dll
[2008/12/18 17:49:48 | 00,053,248 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpau3260.dll
[2008/12/18 17:49:41 | 00,098,304 | ---- | C] (RealPlayer) -- C:\Program Files\rpshellextension.dll
[2008/12/18 17:49:41 | 00,095,784 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rdsf3260.dll
[2008/12/18 17:49:41 | 00,086,016 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpplugprot.dll
[2008/12/18 17:49:40 | 00,063,016 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpshell.dll
[2008/12/18 17:49:38 | 00,214,536 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realplay.exe
[2008/12/18 17:49:38 | 00,009,216 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rphelperapp.exe
[2008/12/18 17:49:38 | 00,007,168 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realjbox.exe
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/18 06:23:58 | 04,194,304 | -HS- | M] () -- C:\Users\Aimel\ntuser.dat
[2009/12/18 05:59:46 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/18 05:58:47 | 04,844,296 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Aimel\Desktop\mbam-setup.exe
[2009/12/18 05:58:13 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Users\Aimel\Desktop\OTL.exe
[2009/12/18 05:46:00 | 00,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/18 05:30:17 | 01,656,291 | ---- | M] () -- C:\Users\Aimel\Desktop\SIW_20091218_052813_PC-AIMEL.html
[2009/12/18 05:22:55 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/18 05:22:55 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/18 03:49:06 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{70165392-7111-443C-80AB-417CC1827FED}.job
[2009/12/18 03:03:57 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/12/18 03:03:57 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/12/18 02:47:32 | 00,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/18 02:47:28 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/18 02:47:27 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/18 02:47:24 | 34,889,15456 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/18 02:45:52 | 00,524,288 | -HS- | M] () -- C:\Users\Aimel\ntuser.dat{6e4f5099-633f-11dd-b7bc-00164496fe4d}.TMContainer00000000000000000001.regtrans-ms
[2009/12/18 02:45:52 | 00,065,536 | -HS- | M] () -- C:\Users\Aimel\ntuser.dat{6e4f5099-633f-11dd-b7bc-00164496fe4d}.TM.blf
[2009/12/18 02:44:30 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/12/18 01:28:52 | 03,508,620 | -H-- | M] () -- C:\Users\Aimel\AppData\Local\IconCache.db
[2009/12/18 00:45:50 | 00,000,031 | ---- | M] () -- C:\Windows\sbewin32.INI
[2009/12/17 19:04:08 | 01,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/17 19:04:08 | 00,669,328 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/12/17 19:04:08 | 00,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/17 19:04:08 | 00,123,350 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/12/17 19:04:08 | 00,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/17 12:30:38 | 00,420,902 | ---- | M] () -- C:\Users\Aimel\.recently-used.xbel
[2009/12/08 13:10:06 | 00,024,206 | ---- | M] () -- C:\Users\Aimel\AppData\Roaming\UserTile.png
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/30 22:33:18 | 00,320,216 | ---- | M] () -- C:\Users\Aimel\Documents\Commentaires budget.pdf
[2009/11/27 00:20:22 | 00,011,151 | ---- | M] () -- C:\Users\Aimel\Documents\Classeur1.xlsx
[2009/11/21 07:35:38 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/11/21 07:35:38 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/11/21 07:34:58 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/11/21 07:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/11/21 07:34:39 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/11/21 07:34:39 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/11/21 07:34:39 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/11/21 07:34:38 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/11/21 07:34:38 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/11/21 07:34:33 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/11/21 05:59:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/11/21 05:59:52 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/11/21 05:59:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/11/21 05:58:54 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/11/20 09:06:26 | 02,246,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/11/19 17:54:36 | 00,065,536 | ---- | M] () -- C:\Users\Aimel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/18 05:59:46 | 00,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/18 05:28:27 | 01,656,291 | ---- | C] () -- C:\Users\Aimel\Desktop\SIW_20091218_052813_PC-AIMEL.html
[2009/12/18 01:35:35 | 34,889,15456 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/18 00:45:50 | 00,000,031 | ---- | C] () -- C:\Windows\sbewin32.INI
[2009/12/17 12:30:38 | 00,420,902 | ---- | C] () -- C:\Users\Aimel\.recently-used.xbel
[2009/12/08 13:10:06 | 00,024,206 | ---- | C] () -- C:\Users\Aimel\AppData\Roaming\UserTile.png
[2009/11/30 22:33:17 | 00,320,216 | ---- | C] () -- C:\Users\Aimel\Documents\Commentaires budget.pdf
[2009/11/27 00:20:22 | 00,011,151 | ---- | C] () -- C:\Users\Aimel\Documents\Classeur1.xlsx
[2009/11/19 13:47:21 | 00,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/11/19 13:47:20 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/11/19 13:47:18 | 00,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2009/11/19 13:47:17 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/11/19 13:47:17 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/11/19 13:47:15 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/19 13:47:15 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/08/09 09:13:59 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/23 23:09:00 | 00,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009/06/08 19:38:59 | 00,074,390 | ---- | C] () -- C:\Program Files\Ri4m_Uninstal.exe
[2009/05/08 14:33:43 | 00,000,130 | ---- | C] () -- C:\Users\Aimel\AppData\Roaming\default.rss
[2009/05/08 13:08:36 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/05/04 19:54:27 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/05/04 19:43:08 | 00,000,025 | ---- | C] () -- C:\Windows\CDE DX7400DEFGIPS.ini
[2008/12/18 17:50:01 | 00,000,568 | ---- | C] () -- C:\Program Files\fpsectbl
[2008/12/18 17:49:59 | 00,002,851 | ---- | C] () -- C:\Program Files\cdroms.cfg
[2008/12/18 17:49:54 | 00,119,808 | ---- | C] () -- C:\Program Files\waiting.avi
[2008/12/18 17:49:54 | 00,057,762 | ---- | C] () -- C:\Program Files\howto.chm
[2008/12/18 17:49:54 | 00,056,721 | ---- | C] () -- C:\Program Files\realplay.chm
[2008/12/18 17:49:54 | 00,016,296 | ---- | C] () -- C:\Program Files\realtfon.fon
[2008/12/18 17:49:54 | 00,011,444 | ---- | C] () -- C:\Program Files\frw.bmp
[2008/12/18 17:49:53 | 00,001,209 | ---- | C] () -- C:\Program Files\flvplay.swf
[2008/12/18 17:49:53 | 00,000,685 | ---- | C] () -- C:\Program Files\RecordingManager.exe.manifest
[2008/12/18 17:49:47 | 00,060,064 | ---- | C] () -- C:\Program Files\RealNetworks License.html
[2008/12/18 17:49:47 | 00,060,064 | ---- | C] () -- C:\Program Files\playrlic.html
[2008/12/18 17:49:47 | 00,058,280 | ---- | C] () -- C:\Program Files\RealNetworks License.txt
[2008/12/18 17:49:47 | 00,058,280 | ---- | C] () -- C:\Program Files\playrlic.txt
[2008/12/18 17:49:47 | 00,053,098 | ---- | C] () -- C:\Program Files\presets.rnx
[2008/12/18 17:49:47 | 00,000,480 | ---- | C] () -- C:\Program Files\keys.dat
[2008/12/18 17:49:45 | 00,661,578 | ---- | C] () -- C:\Program Files\normal.vs
[2008/12/18 17:49:45 | 00,061,495 | ---- | C] () -- C:\Program Files\ssimages.vs
[2008/12/18 17:49:42 | 00,102,400 | ---- | C] () -- C:\Program Files\HXAudioDeviceHook.dll
[2008/12/18 17:49:40 | 00,001,001 | ---- | C] () -- C:\Program Files\autoplaylist.dat
[2008/12/18 17:49:40 | 00,000,071 | ---- | C] () -- C:\Program Files\strs23.dat
[2008/12/18 17:49:40 | 00,000,015 | ---- | C] () -- C:\Program Files\strs26.dat
[2008/12/18 17:49:38 | 00,000,682 | ---- | C] () -- C:\Program Files\realplay.exe.manifest
[2008/12/18 17:49:37 | 00,023,558 | ---- | C] () -- C:\Program Files\freeoffers.ico
[2008/12/18 17:49:37 | 00,017,846 | ---- | C] () -- C:\Program Files\videotest.rm
[2008/12/18 17:49:37 | 00,000,221 | ---- | C] () -- C:\Program Files\subscription.rnx
[2008/12/18 17:49:37 | 00,000,177 | ---- | C] () -- C:\Program Files\freeoffers.rnx
[2008/10/25 11:02:02 | 00,007,949 | ---- | C] () -- C:\Users\Aimel\AppData\Roaming\mdbu.bin
[2008/10/12 00:50:28 | 00,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008/09/22 10:15:16 | 00,126,030 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/09/15 13:28:10 | 00,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2008/08/02 20:20:14 | 00,065,536 | ---- | C] () -- C:\Users\Aimel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/11 17:31:54 | 00,000,680 | ---- | C] () -- C:\Users\Aimel\AppData\Local\d3d9caps.dat
[2008/03/20 10:14:44 | 00,000,342 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/03/20 09:57:26 | 00,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2008/03/20 09:57:26 | 00,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2008/02/04 17:23:10 | 00,693,792 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2006/12/09 03:54:38 | 00,022,723 | ---- | C] () -- C:\Windows\System32\sugg1l3.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/30 01:00:00 | 00,028,672 | ---- | C] () -- C:\Windows\System32\besched.dll
[2005/03/14 13:38:28 | 00,000,469 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2003/10/02 01:00:00 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lockout.dll
[2003/10/02 01:00:00 | 00,045,056 | ---- | C] () -- C:\Windows\System32\lockres.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E1F04E8D
<End>
laly1976
 
Posts: 5
Joined: 18 Dec 2009, 06:28

Post by laly1976 » 18 Dec 2009, 06:42

OTL Extras logfile created on: 18/12/2009 06:21:22 - Run 1
OTL by OldTimer - Version 3.1.18.0 Folder = C:\Users\Aimel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 85,23% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,46 Gb Total Space | 134,26 Gb Free Space | 29,48% Space Free | Partition Type: NTFS
Drive D: | 10,30 Gb Total Space | 1,00 Gb Free Space | 9,68% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 457,65 Gb Free Space | 98,26% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 298,08 Gb Total Space | 288,79 Gb Free Space | 96,88% Space Free | Partition Type: NTFS

Computer Name: PC-AIMEL
Current User Name: Aimel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06A58B39-94DA-484C-861E-5AC0368ACBF9}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{07E60C2B-F783-42B4-8AED-F3FDB7433005}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{15E43EBD-B1F7-41A4-9807-0A8956C14ADD}" = lport=1641 | protocol=6 | dir=in | name=mionet remote drive verification |
"{176DA40D-A4E6-44B1-AD61-D1549DB0065D}" = lport=1702 | protocol=6 | dir=in | name=mionet remote drive access 2 |
"{1A616B1F-3E5F-4B4A-84DF-B1F5A972A9A2}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{1C542C45-4847-42CB-A9FA-1F8C26599ED2}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{1CE18D8E-8EEF-4E58-82B5-32B9B6BB90D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{214178BF-D262-4DDB-BA56-B4CA24032853}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2A70D5F3-A9B9-49B2-83ED-CECE74A7EB53}" = lport=1707 | protocol=6 | dir=in | name=mionet remote drive access 7 |
"{30DEBEAC-5EC8-444A-A94D-465B9FF757EB}" = lport=1708 | protocol=6 | dir=in | name=mionet remote drive access 8 |
"{3C8FB482-E206-4998-8E12-96E9D819B2E1}" = lport=1705 | protocol=6 | dir=in | name=mionet remote drive access 5 |
"{41709A01-BF3C-45D7-B084-75705BD95058}" = lport=1704 | protocol=6 | dir=in | name=mionet remote drive access 4 |
"{47D6B925-925B-4B8A-BD68-CE9F2EEA961E}" = lport=1700 | protocol=6 | dir=in | name=mionet remote drive access 0 |
"{55309254-D1E7-4A1B-8328-6D2A19B2A4EF}" = lport=5432 | protocol=17 | dir=in | name=mionet storage device discovery |
"{57FD236F-3AE4-4B12-9EAD-D88B466875EB}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{65D780F7-79D1-4C4B-8D8C-D48100E1BCF7}" = lport=1709 | protocol=6 | dir=in | name=mionet remote drive access 9 |
"{6C4F1E42-44B2-44BA-81C3-B62781A977D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6DA98C49-A4E1-4E92-894F-B7A9CE0DF60A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7AC9B7A2-03D7-4D2B-9431-681239445CA2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8E4FF0EE-6ED3-4164-BBA1-9998502AB22C}" = lport=1647 | protocol=6 | dir=in | name=mionet storage device configuration |
"{A7CAC2C7-56DD-4F19-AA9C-D64B18783D2D}" = lport=1701 | protocol=6 | dir=in | name=mionet remote drive access 1 |
"{BA67ED7F-C1B3-44DC-9FB5-600888A7F806}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C9649B2D-6D1F-4CBB-9A01-41A03A059567}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D455D5E9-5040-4180-932B-47DEFC331BB4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DA1E5B5D-4835-46DA-BA9D-7E7FFB107473}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E16AFEBC-C389-4828-8F54-2C08C7898DD5}" = lport=1706 | protocol=6 | dir=in | name=mionet remote drive access 6 |
"{E3C05497-EC9A-4FD1-8462-A2B2FEF381DB}" = lport=1703 | protocol=6 | dir=in | name=mionet remote drive access 3 |
"{F9E4AB2C-55AF-4EEF-9222-AD26C4606B7E}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E0F6FD2-ED78-4F37-BDBE-9B4ABA6D1F59}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{28400F0A-A1F7-44E0-B360-72A6C83D9171}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{2D555372-C558-4505-84A1-47615C2A9821}" = protocol=6 | dir=in | app=c:\program files\mionet\jvm\bin\mionet.exe |
"{3815D599-CBFD-4AB6-A61B-2D5DCDD1FE5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4623EF95-E803-4884-8797-A404C1E12C5B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4E2813DD-708D-4196-9E45-D8569556ED38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5143B400-7B14-4392-A205-D0A85077E18B}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{57F7EC6E-DC10-407C-BCB4-B05D5B107002}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{78E135C7-19AA-4969-B056-62BBDDB40C1D}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{92C7AD6D-08EF-4861-B28E-4A3B9B691F09}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{9A417E88-1CEA-4139-99AA-CF5914A88F97}" = protocol=17 | dir=in | app=c:\program files\mionet\mionetmanager.exe |
"{A3C12740-70D6-4EC5-B49F-635A7C0FF292}" = protocol=17 | dir=in | app=c:\program files\mionet\jvm\bin\mionet.exe |
"{AA6CF739-DD24-4120-8BD1-29404B5BD89D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B63524AE-543A-4DA7-AB21-5796979E96C5}" = protocol=6 | dir=in | app=c:\program files\mionet\mionetmanager.exe |
"{C8BF44F2-43A0-459D-A6F5-20E82A321AF4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D9B380D2-FA45-43F2-BF23-D63C9C0D5DD3}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{EA3527E2-4533-4761-BB92-7AFCE56DF2C0}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{FE34726B-6F6C-4945-9183-EC349309AA98}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"TCP Query User{0A0B015C-EEF6-4E7B-940D-7BED18689BB5}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{2374E5B8-ECAC-4A10-B7DC-F0AC545D9206}C:\program files\realplay.exe" = protocol=6 | dir=in | app=c:\program files\realplay.exe |
"TCP Query User{4FD6AD53-9181-4327-ACAF-E35FD3352AC6}C:\program files\mionet\jvm\bin\mionet.exe" = protocol=6 | dir=in | app=c:\program files\mionet\jvm\bin\mionet.exe |
"TCP Query User{C0932CF8-A9A4-447B-BBBE-5BF2A92D9469}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{78576B5A-8E3E-420D-B8B4-84F41CBFD21B}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{A48F2AF8-F0A5-4CAF-BA2E-7FA05F11007D}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{B11F0DD0-FF93-4C5A-AF9A-C0376AC0485E}C:\program files\mionet\jvm\bin\mionet.exe" = protocol=17 | dir=in | app=c:\program files\mionet\jvm\bin\mionet.exe |
"UDP Query User{FA93542E-6C89-4A56-89D2-7AACC1D230FC}C:\program files\realplay.exe" = protocol=17 | dir=in | app=c:\program files\realplay.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}" = Search Settings 1.2.1
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}" = HP Easy Setup - Frontend
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E2F8094-9DCD-4B87-ADB3-25CC5A0442FF}" = Roxio Backup MyPC
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{48F9998C-3BA0-42D3-82E6-5882441EB8CE}" = Adobe Flash CS4 STI-fr
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{649C4B1A-6A76-499A-9AEC-0C9530FA7D2C}" = WD Anywhere Backup
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-040C-0000-0000000FF1CE}" = Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}" = Dealio Toolbar v4.0
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9edd4a3c-12c0-49d0-91e2-f3ae6cf2d8ea}" = Nero 9 Trial
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2009.10.22
"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.7 - Français
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{B095B0A4-50A5-46D7-9988-D038FEB040C0}" = Adobe Encore CS4 Library
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B5688129-7595-4E5B-9990-CEF981A31264}" = SyncToy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC2FE771-EDBE-3087-A676-2B6C45A2BF7E}" = Google Gears
"{BD423B54-8668-44B6-8610-D24514445E88}" = Adobe Flash CS4 Extension - Flash Lite STI fr
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite
"{C8D47273-7A1A-4614-A3D8-263632D8A5ED}" = HP Customer Experience Enhancements
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D6A2DDE3-9D7C-412C-932A-756580D29919}" = Windows Live Contrôle parental
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FB9C5329-F982-435C-AEC5-EE0A75EE6395}" = muvee autoProducer 6.1
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"104Space" = 104Space Screen Saver
"7-Zip" = 7-Zip 4.58 beta
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_5445c5ddd9a5c69582d3c1e2bba18f7" = Adobe Creative Suite 4 Master Collection
"AOL Toolbar" = AOL Toolbar 5.0
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Dia" = Dia (supprimer uniquement)
"DVD Flick_is1" = DVD Flick 1.3.0.6
"DVD Shrink_is1" = DVD Shrink 3.2
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EPSON Scanner" = EPSON Scan
"EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel
"ESET Online Scanner" = ESET Online Scanner v3
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.81
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Version d'évaluation de Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"Inkscape" = Inkscape 0.46
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{649C4B1A-6A76-499A-9AEC-0C9530FA7D2C}" = WD Anywhere Backup
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mes Créations Zen_is1" = Fnac
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15)
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Outils de diagnostic du matériel
"Picasa2" = Picasa 2
"Picthema_is1" = Picthema
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RealPlayer 6.0" = RealPlayer
"SecondLife" = SecondLife (remove only)
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"SyncBack_is1" = SyncBack
"VirtualDub 1.6.9 Fr" = VirtualDub 1.6.9 Fr
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2
"WildTangent hp Master Uninstall" = My HP Games
"WinGimp-2.0_is1" = GIMP 2.4.6
"WinLiveSuite_Wave3" = Installation Windows Live
"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2919847983-440680175-3184493004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Applet Prox" = Applet Prox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04/11/2009 07:02:01 | Computer Name = PC-Aimel | Source = Windows Search Service | ID = 3013
Description =

Error - 04/11/2009 13:18:47 | Computer Name = PC-Aimel | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 04/11/2009 18:50:50 | Computer Name = PC-Aimel | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 05/11/2009 02:59:55 | Computer Name = PC-Aimel | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 05/11/2009 08:25:14 | Computer Name = PC-Aimel | Source = Windows Search Service | ID = 3013
Description =

Error - 06/11/2009 03:59:30 | Computer Name = PC-Aimel | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 06/11/2009 07:15:16 | Computer Name = PC-Aimel | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 06/11/2009 11:25:51 | Computer Name = PC-Aimel | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 07/11/2009 03:54:37 | Computer Name = PC-Aimel | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 07/11/2009 11:46:05 | Computer Name = PC-Aimel | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

[ OSession Events ]
Error - 26/10/2009 08:40:07 | Computer Name = PC-Aimel | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 278
seconds with 180 seconds of active time. This session ended with a crash.

Error - 26/10/2009 08:42:02 | Computer Name = PC-Aimel | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 37
seconds with 0 seconds of active time. This session ended with a crash.

Error - 02/12/2009 10:09:19 | Computer Name = PC-Aimel | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1102
seconds with 1080 seconds of active time. This session ended with a crash.

Error - 02/12/2009 10:10:15 | Computer Name = PC-Aimel | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 02/12/2009 10:13:13 | Computer Name = PC-Aimel | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.

Error - 02/12/2009 10:13:34 | Computer Name = PC-Aimel | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 17/12/2009 20:31:57 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7026
Description =

Error - 17/12/2009 20:31:57 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7001
Description =

Error - 17/12/2009 20:31:57 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7001
Description =

Error - 17/12/2009 20:31:57 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7001
Description =

Error - 17/12/2009 20:32:01 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7001
Description =

Error - 17/12/2009 20:36:12 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7000
Description =

Error - 17/12/2009 20:36:12 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7026
Description =

Error - 17/12/2009 21:48:10 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7000
Description =

Error - 17/12/2009 21:48:10 | Computer Name = PC-Aimel | Source = Service Control Manager | ID = 7026
Description =

Error - 18/12/2009 00:29:44 | Computer Name = PC-Aimel | Source = iaStor | ID = 262153
Description = Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai
imparti.


<End>
laly1976
 
Posts: 5
Joined: 18 Dec 2009, 06:28

Post by nickW » 19 Dec 2009, 02:10

Good evening,

Can you run two more scans:

Important preliminary note
UsbFix is detected by some antivirus programs as a RiskTool (risky tool).
This is accurate, since some of its components, if they fell into the wrong hands, could carry out dangerous actions.
In the case of UsbFix, they must be allowed to run, and, if necessary, the real-time protection programs must be temporarily disabled (while downloading and running the tool).
For example, it is essential to stop the real-time protection of Avira Antivir.



Note: These steps must be carried out in a session opened with "Administrator rights"


Step 1: User Account Control, disabling
Disable UAC (User Account Control):
Important note: Do not forget to re-enable it after disinfection.
  • Start ----> Control Panel
  • In the default view, click User Accounts; click User Accounts again
  • In "Classic" view, double-click User Accounts
  • Click Turn User Account Control on or off (at the bottom)
  • Uncheck the box in front of Use User Account Control (UAC) to help protect your computer
    Note: If UAC was already disabled, click Cancel, close the Control Panel and move on to the download - no restart required
  • Click OK to confirm.
  • A message warns that the computer must restart; click OK. The computer must now restart.



Step 2: UsbFix (by Chiquitine29 and C_XX), download
Download UsbFix by right-clicking one of the two links below:
http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
http://chiquitine.changelog.fr/UsbFix.exe
Save the file to the Desktop.


Step 3: Toolbar-S&D (by Team IDN), download
Download Toolbar-S&D by right-clicking one of the links below:
http://eric71.geekstogo.com/tools/ToolBarSD.exe
http://eric.71.mespages.googlepages.com/ToolBarSD.exe
Save the file to the Desktop.


Step 4: Disabling the resident security programs
Disable the resident module of the antivirus and that of the antispyware.
Avira Antivir: right-click the icon in the system tray (next to the clock), uncheck "Activer Antivir Guard/AntiVir Guard enable"
Windows Defender: Start ----> All Programs ----> Windows Defender; click "Tools", then "Options"; under "Real-time protection options", clear the "Use real-time protection (recommended)" check box, then click "Save"


Step 5: UsbFix (by Chiquitine29 and C_XX), Option 1
Close all running applications (such as word processor, browser).

Plug in all external devices that may have been infected, without opening them (USB sticks, external hard drive, etc.).

Launch UsbFix by double-clicking UsbFix.exe on the Desktop.

Choose French as the language by typing F and confirm by pressing the Enter key.
On the main menu, choose option 1. Recherche (Search) and confirm with Enter.
(do not choose any other option without my advice/agreement)

Let the tool work (the files/Registry keys being analysed are displayed).

When the tool has finished, a Notepad window opens containing the report.
Close Notepad.


Step 6: Toolbar-S&D (by Team IDN), option 1: Search
Double-click ToolBarSD.exe on the Desktop to launch the tool.

Choose the language by typing F and then pressing Enter.
Read the warning, then click OK.

Once the menu is displayed, type 1 and then press Enter to search for the files responsible for the infection.
When the search is finished, a Notepad window opens and displays the report (a.k.a. log).

Close Notepad, which ends the tool's execution.

Note:
If the Desktop does not reappear, open Task Manager by pressing the CTRL+ALT+DEL keys simultaneously.
Click the File menu at the top and choose New Task (Run...).
In the Create New Task window that has opened, in the Open field, type exactly explorer and then click the OK button. The Desktop will reappear.


Step 7: Re-enabling the resident security programs
Important: Re-enable the resident module of the antivirus and that of the antispyware.


Step 8: User Account Control, re-enabling
Re-enable User Account Control (UAC).


Step 9: Result
Send in your reply:
*- the UsbFix report, Option 1 (contents of the file SystemDrive\UsbFix.txt)
[SystemDrive stands for the partition on which the system is installed, usually C:]
*- the ToolBar S&D report (contents of the file SystemDrive\TB.txt)
[SystemDrive stands for the partition on which the system is installed, usually C:]

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
My configs
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
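
A check for Steps 7 and 8 of the procedure above, as an added example that is not part of the original post or of either tool: it reads the UAC setting and asks Windows Security Center whether each registered antivirus/antispyware product reports real-time protection on. It assumes Windows PowerShell 3.0 or later on a client edition of Windows; the `productState` decoding is the commonly used interpretation rather than a documented Microsoft format, and the function names are hypothetical.

```powershell
# Added example: confirm that UAC and resident protection are back on
# after a procedure that temporarily disabled them.
# Assumption: client edition of Windows (root\SecurityCenter2 is absent on Server).

function Test-UacEnabled {
    # EnableLUA = 1 means UAC is configured on (a change applies after reboot).
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $value = (Get-ItemProperty -Path $key -Name EnableLUA -ErrorAction Stop).EnableLUA
    return ($value -eq 1)
}

function Get-ResidentProtection {
    # Assumption: productState is not documented by Microsoft; bit 0x1000
    # is commonly interpreted as "real-time protection on".
    foreach ($class in 'AntiVirusProduct', 'AntiSpywareProduct') {
        Get-CimInstance -Namespace 'root\SecurityCenter2' -ClassName $class `
                        -ErrorAction SilentlyContinue |
            ForEach-Object {
                [pscustomobject]@{
                    Kind     = $class
                    Name     = $_.displayName
                    RealTime = [bool]($_.productState -band 0x1000)
                }
            }
    }
}

$problems = @()
if (-not (Test-UacEnabled)) {
    $problems += 'UAC (EnableLUA) is still disabled'
}

$products = @(Get-ResidentProtection)
if ($products.Count -eq 0) {
    $problems += 'No product is registered with Security Center'
}
foreach ($p in $products) {
    if (-not $p.RealTime) {
        $problems += "$($p.Kind) '$($p.Name)': real-time protection is off"
    }
}

$products | Format-Table -AutoSize
if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output 'UAC and resident protection are active.'
}
```

Review each warning rather than treating it as a failure: a product can be registered with Security Center yet intentionally inactive.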

