Assiste.Forums

de **__Bertrand__** » 19 09 2010

Bonjour,

Depuis quelques semaines j'ai des problemes notamment avec le son de mon pc portable. En effet le Hardware fonctionne correctement car en désactivant / activant le périphérique son, le son revient normalement (après redémarrage du pc le problème revient).

voici les différents rapports nécessaires et merci d'avance de votre aide:

MBAM:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4647

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

18/09/2010 20:11:03
mbam-log-2010-09-18 (20-11-03).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 134414
Temps écoulé: 6 minute(s), 36 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Bertrand\Application Data\SystemProc (Trojan.Agent) -> No action taken.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} (Worm.Prolaco.M) -> No action taken.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome (Worm.Prolaco.M) -> No action taken.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content (Worm.Prolaco.M) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest (Worm.Prolaco.M) -> No action taken.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf (Worm.Prolaco.M) -> No action taken.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul (Worm.Prolaco.M) -> No action taken.

de **__Bertrand__** » 19 09 2010

OTL logfile created on: 18/09/2010 20:16:37 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Bertrand\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 565,00 Mb Available Physical Memory | 55,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92,96 Gb Total Space | 49,00 Gb Free Space | 52,71% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAPTOP-BERTRAND
Current User Name: Bertrand
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/18 13:44:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bertrand\Bureau\OTL.exe
PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/06/07 13:51:24 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/03/20 14:32:32 | 001,312,256 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 13:18:26 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2007/04/21 09:37:02 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2005/01/21 11:28:10 | 000,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2005/01/21 11:27:58 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2005/01/14 17:45:42 | 000,352,256 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
PRC - [2004/12/21 10:48:00 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
PRC - [2004/12/14 20:12:04 | 000,034,816 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2004/11/26 16:04:40 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
PRC - [2004/11/17 11:56:10 | 001,077,327 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
PRC - [2004/11/13 06:54:56 | 000,929,792 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2004/11/12 17:57:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
PRC - [2004/11/10 20:14:08 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/10/15 00:28:02 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/07/27 13:48:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2003/09/15 17:19:16 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

========== Modules (SafeList) ==========

MOD - [2010/09/18 13:44:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bertrand\Bureau\OTL.exe
MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 20:36:46 | 002,986,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2006/10/23 00:28:04 | 000,372,736 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2004/10/15 00:27:48 | 000,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/03/06 21:11:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/10/01 15:37:00 | 000,016,384 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2004/12/14 20:12:04 | 000,034,816 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2004/11/10 20:14:08 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2003/07/28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2007/11/20 17:43:46 | 010,401,024 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2007/03/27 18:59:40 | 000,166,912 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2006/10/01 15:37:00 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0801.sys -- (tap0801)
DRV - [2006/03/01 20:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/07/27 13:40:08 | 000,027,200 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\RTWTKRNL.sys -- (RTWTKRNL)
DRV - [2005/03/22 23:00:58 | 001,034,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/12/23 01:45:36 | 000,393,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/11/26 16:29:00 | 000,224,000 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/11/26 13:04:38 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2004/10/30 03:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Pilote de carte de connexion réseau Intel(R)
DRV - [2004/10/28 23:37:50 | 001,270,572 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/10/15 00:14:04 | 000,185,728 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/09/13 22:40:56 | 000,146,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2004/07/26 15:28:02 | 000,004,352 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2004/06/16 12:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004/05/18 00:18:24 | 000,008,573 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2003/09/23 12:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2003/01/29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2000/08/03 14:25:12 | 000,023,296 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\pedrv.sys -- (PEDRV)
DRV - [1996/04/03 22:33:26 | 000,005,248 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\GIVEIO.SYS -- (GIVEIO)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3417073094-1580893332-2371373085-1006\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3417073094-1580893332-2371373085-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: uploader@adblockfilters.mozdev.org:2.0.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {9CE11043-9A15-4207-A565-0C94C42D590D}:2.0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/05/31 13:55:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/10 18:45:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/10 18:45:17 | 000,000,000 | ---D | M]

[2009/02/12 02:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Extensions
[2010/09/18 12:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\fs0cctmn.default\extensions
[2010/08/25 23:25:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\fs0cctmn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/03/30 22:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\fs0cctmn.default\extensions\illimitux@illimitux.net
[2009/12/12 15:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\fs0cctmn.default\extensions\uploader@adblockfilters.mozdev.org
[2010/09/18 12:44:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/24 20:31:53 | 000,000,000 | ---D | M] (Firefox security) -- C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}
[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2004/08/05 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3417073094-1580893332-2371373085-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-3417073094-1580893332-2371373085-1006\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-3417073094-1580893332-2371373085-1006..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3417073094-1580893332-2371373085-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3417073094-1580893332-2371373085-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\TOSHIBA Satellite 1280x800.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\TOSHIBA Satellite 1280x800.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/24 13:43:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{189bca62-123e-11de-9540-9be243be19ed}\Shell - "" = AutoRun
O33 - MountPoints2\{189bca62-123e-11de-9540-9be243be19ed}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{2acf4ae3-71ed-11de-9622-8bfa6c35088d}\Shell - "" = AutoRun
O33 - MountPoints2\{2acf4ae3-71ed-11de-9622-8bfa6c35088d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{2acf4ae4-71ed-11de-9622-8bfa6c35088d}\Shell - "" = AutoRun
O33 - MountPoints2\{2acf4ae4-71ed-11de-9622-8bfa6c35088d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{879d30d0-6c60-11de-9614-00a0d1247f63}\Shell - "" = AutoRun
O33 - MountPoints2\{879d30d0-6c60-11de-9614-00a0d1247f63}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{879d30d1-6c60-11de-9614-00a0d1247f63}\Shell - "" = AutoRun
O33 - MountPoints2\{879d30d1-6c60-11de-9614-00a0d1247f63}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{a080ae40-1205-11de-953e-0013ce30f61f}\Shell - "" = AutoRun
O33 - MountPoints2\{a080ae40-1205-11de-953e-0013ce30f61f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{da1185d0-82c5-11de-964d-c0d3b3f27d84}\Shell - "" = AutoRun
O33 - MountPoints2\{da1185d0-82c5-11de-964d-c0d3b3f27d84}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{da1185d1-82c5-11de-964d-c0d3b3f27d84}\Shell - "" = AutoRun
O33 - MountPoints2\{da1185d1-82c5-11de-964d-c0d3b3f27d84}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/18 20:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Bureau\rapports
[2010/09/18 14:18:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/18 14:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/18 13:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Application Data\Malwarebytes
[2010/09/18 13:59:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/18 13:59:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/18 13:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/18 13:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/18 13:48:21 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Bertrand\Bureau\mbam-setup.exe
[2010/09/18 13:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Bureau\Nouveau dossier
[2010/09/18 13:41:43 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bertrand\Bureau\OTL.exe
[2010/09/18 12:56:15 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/09/18 12:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/09/18 12:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/09/18 12:53:53 | 002,133,536 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Bertrand\Bureau\avg_free_stb_all_9_115_cnet.exe
[2010/09/14 20:24:56 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/14 20:24:55 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/14 20:24:51 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/14 20:24:48 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/14 20:24:45 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/14 20:24:45 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/14 20:24:44 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/09/14 20:24:27 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/14 20:24:26 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/14 20:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/09/14 20:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/07 18:28:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bertrand\Recent
[2010/08/23 22:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010/08/23 22:55:46 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010/08/23 22:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010/08/23 22:55:08 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010/08/23 22:55:08 | 000,008,320 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys
[2010/08/23 22:55:07 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010/08/23 22:55:06 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010/08/23 22:55:05 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010/08/23 22:55:04 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2010/08/23 22:55:04 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010/08/23 22:55:04 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2009/07/13 11:21:31 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009/07/13 11:21:31 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2007/03/12 12:41:52 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2005/11/23 13:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2005/01/25 12:26:42 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/18 20:16:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/09/18 14:15:23 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Bertrand\Bureau\NTREGOPT.lnk
[2010/09/18 14:15:23 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Bertrand\Bureau\ERUNT.lnk
[2010/09/18 13:59:27 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/18 13:49:33 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Bertrand\Bureau\mbam-setup.exe
[2010/09/18 13:44:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bertrand\Bureau\OTL.exe
[2010/09/18 12:53:55 | 002,133,536 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Bertrand\Bureau\avg_free_stb_all_9_115_cnet.exe
[2010/09/18 12:30:52 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/18 12:30:35 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Acrobat Speed Launcher.lnk
[2010/09/18 12:30:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/18 12:30:08 | 1073,201,152 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/18 00:03:07 | 007,602,176 | -H-- | M] () -- C:\Documents and Settings\Bertrand\NTUSER.DAT
[2010/09/18 00:03:07 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Bertrand\ntuser.ini
[2010/09/17 00:10:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/16 23:55:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/14 20:24:46 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/14 20:00:30 | 000,000,500 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/09/07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/08/23 23:01:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010/08/23 23:01:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010/08/23 23:00:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010/08/23 23:00:29 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/18 14:15:23 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Bertrand\Bureau\NTREGOPT.lnk
[2010/09/18 14:15:23 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Bertrand\Bureau\ERUNT.lnk
[2010/09/18 13:59:27 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/16 23:59:30 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/08/23 23:01:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010/08/23 23:01:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010/08/23 23:00:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010/08/23 23:00:29 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/07/12 21:30:16 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2010/07/12 21:30:16 | 000,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2010/03/16 16:05:12 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2010/03/16 16:00:54 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2010/03/16 16:00:54 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2010/03/16 15:58:23 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2010/03/16 15:58:23 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2010/03/16 15:49:59 | 000,000,130 | ---- | C] () -- C:\WINDOWS\EPSON Perfection 1670F.ini
[2009/06/08 19:36:14 | 000,000,066 | ---- | C] () -- C:\WINDOWS\SIMVIEW.INI
[2009/05/31 14:26:13 | 000,602,479 | ---- | C] () -- C:\Documents and Settings\Bertrand\Application Data\NMM-MetaData.db
[2009/05/21 14:40:22 | 000,000,072 | ---- | C] () -- C:\WINDOWS\DSDDDlgs_1_3_1.INI
[2009/05/14 11:04:08 | 000,027,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTWTKRNL.sys
[2009/05/13 23:26:22 | 000,000,157 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2009/04/16 11:19:12 | 000,000,015 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2009/02/24 20:24:27 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/02/19 02:04:55 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/02/13 01:36:29 | 000,087,552 | ---- | C] () -- C:\Documents and Settings\Bertrand\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/01/25 15:05:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/25 14:57:33 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2005/01/25 14:57:03 | 000,006,757 | ---- | C] () -- C:\WINDOWS\TcdsASC2.ini
[2005/01/25 14:46:44 | 000,000,500 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/25 14:25:33 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/01/25 14:13:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/01/25 14:13:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/01/25 14:13:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/01/25 14:13:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/01/25 14:13:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/01/25 14:13:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/01/25 13:21:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/01/25 12:29:06 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2005/01/25 12:26:42 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/01/25 12:09:37 | 000,010,179 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/01/25 12:09:37 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/01/25 12:09:36 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/01/25 12:09:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/01/24 13:47:58 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/01/24 13:25:53 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2005/01/24 13:25:53 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/15 03:25:40 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/07/21 02:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/06/17 19:55:26 | 001,527,808 | ---- | C] () -- C:\WINDOWS\System32\TosMousePage.dll
[2004/06/17 19:48:42 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\TosKeyboardPage.dll
[2004/05/12 20:56:36 | 000,634,880 | ---- | C] () -- C:\WINDOWS\System32\pemicro_serialcm2.dll
[2004/02/27 17:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2004/01/15 23:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004/01/14 03:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/07/30 00:33:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
[2002/06/04 18:58:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2000/08/03 14:25:12 | 000,023,296 | ---- | C] () -- C:\WINDOWS\System32\pedrv.sys
[2000/08/03 14:25:12 | 000,023,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\pedrv.sys
[1998/10/02 10:20:46 | 000,005,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\vichw11.sys
[1996/05/29 17:20:04 | 000,035,072 | ---- | C] () -- C:\WINDOWS\System32\SENDKEY.DLL
[1996/04/03 22:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\GIVEIO.SYS

========== LOP Check ==========

[2010/09/14 20:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/08/23 22:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/08/23 22:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/05/31 14:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/09/14 21:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2010/04/25 12:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Braid
[2010/07/24 21:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\CrazyLoader
[2010/03/16 16:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\EPSON
[2010/01/31 21:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\GetRightToGo
[2009/06/11 21:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\InterVideo
[2009/05/31 14:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Nokia
[2009/05/31 14:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\PC Suite
[2010/03/16 16:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Smart Panel
[2010/07/24 20:31:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Bertrand\Application Data\SystemProc
[2009/06/06 19:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\toshiba
[2009/12/24 17:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\TP
[2005/01/25 13:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba

========== Purity Check ==========

========== Custom Scans ==========

<SYSTEMDRIVE>

<MD5>
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/02/16 01:38:49 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/02/16 01:38:49 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

<MD5>
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/02/16 01:38:49 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/02/16 01:38:49 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

<MD5>
[1999/10/02 10:24:46 | 000,017,408 | ---- | M] () MD5=1363337A5301619F00F8033835EF30E9 -- C:\Program Files\MATLAB\MATLAB71\sys\perl\win32\site\lib\auto\Win32\EventLog\EventLog.dll
[2004/08/05 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/05 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

<MD5>
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/05 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

<systemroot>

<systemroot>
[2008/04/14 04:33:21 | 000,033,280 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\cryptdll.dll
[2008/04/14 04:33:27 | 000,095,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iphlpapi.dll
[2008/04/14 04:33:30 | 000,072,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msacm32.dll
[2008/04/14 04:33:32 | 002,843,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msi.dll
[2008/04/13 20:30:46 | 000,061,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvcrt40.dll
[2008/04/14 04:33:39 | 000,237,056 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\rasapi32.dll
[2008/04/14 04:33:39 | 000,061,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\rasman.dll
[2008/04/14 04:33:39 | 000,044,032 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\rtutils.dll
[2008/04/14 04:33:40 | 000,007,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\sensapi.dll
[2008/04/14 04:33:46 | 000,716,800 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\sxs.dll
[2008/04/14 04:33:46 | 000,181,760 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\tapi32.dll
[2008/04/13 20:36:46 | 002,986,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\xpsp2res.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>
<End>

de **__Bertrand__** » 19 09 2010

OTL Extras logfile created on: 18/09/2010 20:16:37 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Bertrand\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 565,00 Mb Available Physical Memory | 55,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92,96 Gb Total Space | 49,00 Gb Free Space | 52,71% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAPTOP-BERTRAND
Current User Name: Bertrand
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-3417073094-1580893332-2371373085-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\pemicro\pkgppcnexus_starter\progppcnexus_64k.exe" = C:\pemicro\pkgppcnexus_starter\progppcnexus_64k.exe:*:Enabled:progppcnexus_64k -- (P&E Microcomputer Systems, Inc.)
"C:\pemicro\pkgppcnexus_starter\ICDPPCNEXUS_64k.EXE" = C:\pemicro\pkgppcnexus_starter\ICDPPCNEXUS_64k.EXE:*:Enabled:ICDPPCNEXUS_64k -- (P&E Microcomputer Systems, Inc.)
"C:\Documents and Settings\Bertrand\Mes documents\Call of Duty\CoDMP.exe" = C:\Documents and Settings\Bertrand\Mes documents\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- File not found
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\CS\hl.exe" = C:\Program Files\CS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\CrazyLoader\crazyloader.exe" = C:\Program Files\CrazyLoader\crazyloader.exe:*:Enabled:CrazyLoader v1.2 -- File not found
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Javaw (x64) -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaws.exe" = C:\Program Files\Java\jre6\bin\javaws.exe:*:Enabled:Javaws (x64) -- (Sun Microsystems, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0E0131B2-CF18-40D9-A331-60A3746C1204}" = EPSON Scan
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13C4E8F0-B747-4C7C-9090-884832F9F90A}" = Proteus 7 Professional
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}" = Manuels TOSHIBA
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = Formatage de carte mémoire SD TOSHIBA
"{4ECA710C-B818-4751-A3B8-42C2D93922A8}" = Nokia Software Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6B8C6633-F586-46E8-BBC4-C0E6483AFA1D}" = P&E PowerPC Nexus Development Package Starter Edition
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B2BC65-F997-4208-AEE5-CF8B809A3A71}" = TIxx21/x515
"{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = Son virtuel TOSHIBA
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D10CB57-B085-44c3-B435-2D193BA153F0}" = Conseiller de mise à niveau vers Windows 7
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = Commandes TOSHIBA
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{B1310222-C64A-4E1E-ABE7-2489B33955FB}" = Outil de diagnostic PC TOSHIBA
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}" = EPSON Photo Print
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E2C689A9-1B68-4144-9D84-735A7F4F419E}" = P&E Device Drivers
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Webcam Essentiel B Glob'mobile
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Package de pilotes Windows - Nokia Modem (02/24/2009 4.0)
"DVD Decrypter" = DVD Decrypter (Remove Only)
"E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Package de pilotes Windows - Nokia Modem (02/23/2009 7.01.0.2)
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"InstallShield_{73B2BC65-F997-4208-AEE5-CF8B809A3A71}" = Texas Instruments PCIxx21/x515 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MatlabR14SP3" = MATLAB 7.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia PC Suite" = Nokia PC Suite
"OpenVPN" = OpenVPN 2.0.9-gui-1.0.3-HE3.0
"Power Saver" = Gestion d'énergie TOSHIBA
"RealTimeWindowsTarget" = Real-Time Windows Target
"SuperCopier2" = SuperCopier2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TZM-toolset-MPC5567" = TZM-toolset-MPC5567
"VLC media player" = VLC media player 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 08/11/2009 05:46:07 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 15/11/2009 16:40:38 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 16/11/2009 16:54:43 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2005
Description = Impossible de lire les données de performance du Service serveur. Aucune
donnée de performance du serveur ne sera renvoyée pour cet extrait. Le code d'erreur
renvoyé est la donnée DWORD 0, IOSB.Status est DWORD 1 et IOSB.Information est DWORD
2.

Error - 16/11/2009 16:54:43 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2006
Description = Impossible de lire les données de performance de la file d'attente
serveur du Service serveur. Aucune donnée de performance de la file d'attente serveur
ne
sera renvoyée pour cet extrait. Le code d'erreur renvoyé est la donnée DWORD 0,
IOSB.Status est DWORD 1 et IOSB.Information est DWORD 2.

Error - 22/11/2009 07:44:58 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 22/11/2009 12:06:50 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 23/11/2009 16:06:36 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 24/11/2009 13:18:45 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 25/11/2009 16:09:00 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 03/12/2009 14:08:35 | Computer Name = LAPTOP-BERTRAND | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

[ System Events ]
Error - 14/09/2010 15:13:56 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/09/2010 15:13:56 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/09/2010 15:13:57 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/09/2010 15:13:57 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/09/2010 15:13:57 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/09/2010 15:13:57 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/09/2010 15:13:57 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/09/2010 15:13:57 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 14/09/2010 15:13:57 | Computer Name = LAPTOP-BERTRAND | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 17/09/2010 13:21:40 | Computer Name = LAPTOP-BERTRAND | Source = System Error | ID = 1003
Description = Code erreur 1000000a, paramètre 1 00000023, paramètre 2 00000002,
paramètre 3 00000000, paramètre 4 804f435e.

<End>

de **nickW** » 22 09 2010

Bonsoir,

1ère partie: Premiers nettoyages:

Étape 1: OTL (de OldTimer), préparation de la correction
Ouvrir une fenêtre du Bloc-notes, via Démarrer---->Exécuter, taper notepad puis cliquer sur OK

Sélectionner toutes les lignes de la zone blanche située sous "Code:" ci-dessous, puis appuyer simultanément sur les touches Ctrl et C

Code: Tout sélectionner: rien :otl FF - prefs.js..extensions.enabledItems: {9CE11043-9A15-4207-A565-0C94C42D590D}:2.0 [2010/07/24 20:31:53 | 000,000,000 | ---D | M] (Firefox security) -- C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} O33 - MountPoints2\{189bca62-123e-11de-9540-9be243be19ed}\Shell - "" = AutoRun O33 - MountPoints2\{189bca62-123e-11de-9540-9be243be19ed}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{2acf4ae3-71ed-11de-9622-8bfa6c35088d}\Shell - "" = AutoRun O33 - MountPoints2\{2acf4ae3-71ed-11de-9622-8bfa6c35088d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{2acf4ae4-71ed-11de-9622-8bfa6c35088d}\Shell - "" = AutoRun O33 - MountPoints2\{2acf4ae4-71ed-11de-9622-8bfa6c35088d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{879d30d0-6c60-11de-9614-00a0d1247f63}\Shell - "" = AutoRun O33 - MountPoints2\{879d30d0-6c60-11de-9614-00a0d1247f63}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{879d30d1-6c60-11de-9614-00a0d1247f63}\Shell - "" = AutoRun O33 - MountPoints2\{879d30d1-6c60-11de-9614-00a0d1247f63}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{a080ae40-1205-11de-953e-0013ce30f61f}\Shell - "" = AutoRun O33 - MountPoints2\{a080ae40-1205-11de-953e-0013ce30f61f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{da1185d0-82c5-11de-964d-c0d3b3f27d84}\Shell - "" = AutoRun O33 - MountPoints2\{da1185d0-82c5-11de-964d-c0d3b3f27d84}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\{da1185d1-82c5-11de-964d-c0d3b3f27d84}\Shell - "" = AutoRun O33 - MountPoints2\{da1185d1-82c5-11de-964d-c0d3b3f27d84}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found :Files C:\Documents and Settings\Bertrand\Application Data\SystemProc :Commands [emptytemp]

Retourner dans la fenêtre du Bloc-notes, faire un clic droit dans la fenêtre et choisir Coller
Vérifier dans le menu Format (en haut) que "Retour automatique à ligne" n'est pas actif (pas coché).
Enregistrer le fichier sous le nom fix.txt <---- ne pas modifier le nom du fichier
Fermer le Bloc-notes.

Note: Les lignes de la zone Code ci-dessus ont été créées exclusivement pour CET utilisateur: __Bertrand__.
Si vous n'êtes pas CET utilisateur, il ne faut pas les utiliser: elles pourraient endommager votre système.

Étape 2: Pas de processus de contrôle en temps réel
Désactiver le module résident de l'antivirus.

avast5!: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), choisir "Gestion des Agents avast!" et désactiver tous les agents de protection

Étape 3: Malwarebytes' Anti-Malware, nettoyage
Fermer toutes les fenêtres de programme ouvertes.
Lancer Malwarebytes' Anti-Malware via le Menu Démarrer.
Dans l'onglet Paramètres, vérifier que toutes les cases sont cochées sauf "Créer une option dans le menu contextuel pour analyser des fichiers (clic droit)".
Dans l'onglet Mise à jour, cliquer sur le bouton Recherche de mise à jour et installer toutes les mises à jour trouvées.
Dans l'onglet Recherche, cocher le bouton radio situé devant "Exécuter un examen rapide" puis cliquer sur le bouton Rechercher, comme ceci:

Attendre sans rien faire d'autre la fin de la recherche; dans la fenêtre annonçant la fin de l'analyse, cliquer sur OK; puis cliquer sur le bouton "Afficher les résultats":

Si des éléments nuisibles ont été détectés, cliquer sur le bouton "Supprimer la sélection":

Attendre patiemment sans rien faire d'autre la fin du nettoyage.
Un redémarrage est parfois nécessaire. Accepter.
Une fenêtre du Bloc-notes s'ouvre pour afficher le rapport. Fermer le Bloc-notes.
Cliquer sur le bouton "Quitter" pour fermer Malwarebytes' Anti-Malware.

Étape 4: Pas de processus de contrôle en temps réel
Si le PC a redémarré, et si l'antivirus a été réactivé, il faut de nouveau le désactiver.

Étape 5: OTL (de OldTimer), correction

Faire un double clic sur OTL.exe pour lancer l'outil.

L'écran principal de OTL s'affiche:

Cliquer sur le bouton Correction:

Il y a ouverture d'une petite fenêtre "OTL":

Cliquer sur le bouton Ok.

A partir de la nouvelle fenêtre "Ouvrir", naviguer jusqu'au dossier de sauvegarde du fichier fix.txt puis cliquer sur le bouton Ouvrir.

Le contenu du fichier fix.txt est ainsi inséré dans le panneau "Personnalisation"

Fermer toutes les fenêtres de programme ouvertes autres que OTL (navigateur, traitement de texte, etc...): un redémarrage du PC va se produire.

Cliquer de nouveau sur le bouton Correction:

Note: Lorsque le redémarrage est demandé, cliquer sur Ok

Lorsque l'outil a terminé son travail, il y a affichage dans une petite fenêtre du message "Correction terminée! Cliquez sur Ok pour afficher le rapport.". Cliquer sur Ok puis fermer OTL.

Étape 6: Processus de contrôle en temps réel
Important: Réactiver le module résident de l'antivirus.

Étape 7: OTL (de OldTimer), analyse rapide
Fermer toutes les fenêtres de programme ouvertes.

Faire un double clic sur OTL.exe pour lancer l'outil.

L'écran principal de OTL s'affiche:

Cliquer sur le bouton Analyse rapide:

Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer le Bloc-notes.
Fermer la fenêtre de OTL.

Étape 8: Résultats
Envoyer en réponse:
*- le rapport de correction de OTL (contenu du fichier SystemDrive\_OTL\MovedFiles\********_******.log - les *** sont des chiffres représentant la date [moisjourannée] et l'heure)
[SystemDrive représente la partition sur laquelle est installé le système, généralement C:]
*- le rapport de Malwarebytes' Anti-Malware (contenu du fichier mbam-log-****-**-** (**-**-**).txt situé dans le dossier SystemDrive\Documents and Settings\<tonprofil>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs où ****-** (**-**-**) représente la date [année-mois-jour] et l'heure [hh-mn-ss])
[SystemDrive représente la partition sur laquelle est installé le système, généralement C:]

Envoyer ensuite en réponse dans un message distinct (à cause de la longueur du fichier):
*- le rapport principal de OTL (contenu du fichier OTL.txt situé sur le Bureau).
Le rapport envoyé sur le forum doit se terminer par une ligne contenant <End>. Si ce n'est pas le cas, il est incomplet, et doit alors être découpé en plusieurs messages.

Note importante: Pour l'envoi de ta(tes) réponse(s), il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"

pour continuer dans ce fil de discussion.

A suivre,

de **nickW** » 22 09 2010

Re-,

2nde partie: des messages d'erreur de l'Observateur d'événements laissent supposer un problème matériel (mémoire, pilote ou autre).

Peux-tu voir dans le dossier C:\Windows\Minidump s'il existe des fichiers créés récemment.
S'il en existe, il faudrait les déposer sur un serveur externe pour que je puisse les récupérer:

*- Mettre dans un fichier archive nommé Bertrand.zip les cinq fichiers les plus récents
*- Aller sur: https://www.yousendit.com/
(Javascript doit être activé)
*- Dans les zones To et From, saisir n'importe quoi avec un @ dedans (Exemples: abc@def.com et abcdef@def.com)
*- Cliquer sur le bouton Select a file, puis dans la fenêtre "Choix des fichiers à transférer..." aller jusqu'au fichier Bertrand.zip - faire un double clic sur ce fichier
*- Cliquer sur le bouton vert "Send It"
*- Attendre la fin du transfert du fichier
*- Si une petite fenêre "Make your file available for download longer" apparaît, cliquer sur No thanks
*- Envoyer en réponse sur le forum le lien qui est affiché en dessous de "Here's the link to your file:".

A suivre,

de **__Bertrand__** » 28 09 2010

Bonjour,

En réponse à la première partie de la réponse:

OTL - MovedFiles

All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Prefs.js: {9CE11043-9A15-4207-A565-0C94C42D590D}:2.0 removed from extensions.enabledItems
Folder C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{189bca62-123e-11de-9540-9be243be19ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{189bca62-123e-11de-9540-9be243be19ed}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{189bca62-123e-11de-9540-9be243be19ed}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{189bca62-123e-11de-9540-9be243be19ed}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2acf4ae3-71ed-11de-9622-8bfa6c35088d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2acf4ae3-71ed-11de-9622-8bfa6c35088d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2acf4ae3-71ed-11de-9622-8bfa6c35088d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2acf4ae3-71ed-11de-9622-8bfa6c35088d}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2acf4ae4-71ed-11de-9622-8bfa6c35088d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2acf4ae4-71ed-11de-9622-8bfa6c35088d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2acf4ae4-71ed-11de-9622-8bfa6c35088d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2acf4ae4-71ed-11de-9622-8bfa6c35088d}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{879d30d0-6c60-11de-9614-00a0d1247f63}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{879d30d0-6c60-11de-9614-00a0d1247f63}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{879d30d0-6c60-11de-9614-00a0d1247f63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{879d30d0-6c60-11de-9614-00a0d1247f63}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{879d30d1-6c60-11de-9614-00a0d1247f63}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{879d30d1-6c60-11de-9614-00a0d1247f63}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{879d30d1-6c60-11de-9614-00a0d1247f63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{879d30d1-6c60-11de-9614-00a0d1247f63}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a080ae40-1205-11de-953e-0013ce30f61f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a080ae40-1205-11de-953e-0013ce30f61f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a080ae40-1205-11de-953e-0013ce30f61f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a080ae40-1205-11de-953e-0013ce30f61f}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da1185d0-82c5-11de-964d-c0d3b3f27d84}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da1185d0-82c5-11de-964d-c0d3b3f27d84}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da1185d0-82c5-11de-964d-c0d3b3f27d84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da1185d0-82c5-11de-964d-c0d3b3f27d84}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da1185d1-82c5-11de-964d-c0d3b3f27d84}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da1185d1-82c5-11de-964d-c0d3b3f27d84}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da1185d1-82c5-11de-964d-c0d3b3f27d84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da1185d1-82c5-11de-964d-c0d3b3f27d84}\ not found.
File G:\AutoRun.exe not found.
========== FILES ==========
File\Folder C:\Documents and Settings\Bertrand\Application Data\SystemProc not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bertrand
->Temp folder emptied: 209765729 bytes
->Temporary Internet Files folder emptied: 1502865 bytes
->Java cache emptied: 7140 bytes
->FireFox cache emptied: 40931159 bytes
->Flash cache emptied: 6145 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 66210 bytes
->Temporary Internet Files folder emptied: 44148657 bytes
->Flash cache emptied: 1270 bytes

User: NetworkService
->Temp folder emptied: 521354 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 2 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2953216 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1818765 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 77085690 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34313 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 361,00 mb

OTL by OldTimer - Version 3.2.12.1 log created on 09282010_215142

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

---------------------------------------------------------------------------------------------------------------------------------------------

Malware log-file

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4647

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

19/09/2010 21:52:14
mbam-log-2010-09-19 (21-52-14).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 134457
Temps écoulé: 8 minute(s), 9 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Bertrand\Application Data\SystemProc (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} (Worm.Prolaco.M) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome (Worm.Prolaco.M) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content (Worm.Prolaco.M) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest (Worm.Prolaco.M) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf (Worm.Prolaco.M) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul (Worm.Prolaco.M) -> Quarantined and deleted successfully.

de **__Bertrand__** » 28 09 2010

OTL logfile created on: 28/09/2010 22:00:36 - Run 2
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Bertrand\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 550,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92,96 Gb Total Space | 49,77 Gb Free Space | 53,54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAPTOP-BERTRAND
Current User Name: Bertrand
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/18 13:44:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bertrand\Bureau\OTL.exe
PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/06/07 13:51:24 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/03/20 14:32:32 | 001,312,256 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 13:18:26 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2007/04/21 09:37:02 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2005/01/21 11:28:10 | 000,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2005/01/21 11:27:58 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2005/01/14 17:45:42 | 000,352,256 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
PRC - [2004/12/21 10:48:00 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
PRC - [2004/12/14 20:12:04 | 000,034,816 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2004/11/26 16:04:40 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
PRC - [2004/11/17 11:56:10 | 001,077,327 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
PRC - [2004/11/13 06:54:56 | 000,929,792 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2004/11/12 17:57:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
PRC - [2004/11/10 20:14:08 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/10/15 00:28:02 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/07/27 13:48:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2003/09/15 17:19:16 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

========== Modules (SafeList) ==========

MOD - [2010/09/18 13:44:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bertrand\Bureau\OTL.exe
MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004/10/15 00:27:48 | 000,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/03/06 21:11:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/10/01 15:37:00 | 000,016,384 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2004/12/14 20:12:04 | 000,034,816 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2004/11/10 20:14:08 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2003/07/28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2007/11/20 17:43:46 | 010,401,024 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2007/03/27 18:59:40 | 000,166,912 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2006/10/01 15:37:00 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0801.sys -- (tap0801)
DRV - [2006/03/01 20:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/07/27 13:40:08 | 000,027,200 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\RTWTKRNL.sys -- (RTWTKRNL)
DRV - [2005/03/22 23:00:58 | 001,034,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/12/23 01:45:36 | 000,393,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/11/26 16:29:00 | 000,224,000 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/11/26 13:04:38 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2004/10/30 03:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Pilote de carte de connexion réseau Intel(R)
DRV - [2004/10/28 23:37:50 | 001,270,572 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/10/15 00:14:04 | 000,185,728 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/09/13 22:40:56 | 000,146,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2004/07/26 15:28:02 | 000,004,352 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2004/06/16 12:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004/05/18 00:18:24 | 000,008,573 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2003/09/23 12:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2003/01/29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2000/08/03 14:25:12 | 000,023,296 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\pedrv.sys -- (PEDRV)
DRV - [1996/04/03 22:33:26 | 000,005,248 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\GIVEIO.SYS -- (GIVEIO)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: uploader@adblockfilters.mozdev.org:2.0.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/05/31 13:55:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/28 20:13:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/28 20:13:18 | 000,000,000 | ---D | M]

[2009/02/12 02:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Extensions
[2010/09/27 23:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\fs0cctmn.default\extensions
[2010/08/25 23:25:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\fs0cctmn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/03/30 22:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\fs0cctmn.default\extensions\illimitux@illimitux.net
[2009/12/12 15:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\fs0cctmn.default\extensions\uploader@adblockfilters.mozdev.org
[2010/09/27 23:22:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2004/08/05 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\TOSHIBA Satellite 1280x800.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\TOSHIBA Satellite 1280x800.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/24 13:43:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/09/28 21:51:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/22 17:35:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Bureau\Muse - The Resistance [mp3-320-2009]
[2010/09/22 16:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Bureau\USB
[2010/09/18 20:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Bureau\rapports
[2010/09/18 14:18:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/18 14:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/18 13:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Application Data\Malwarebytes
[2010/09/18 13:59:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/18 13:59:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/18 13:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/18 13:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/18 13:48:21 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Bertrand\Bureau\mbam-setup.exe
[2010/09/18 13:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Bureau\Nouveau dossier
[2010/09/18 13:41:43 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bertrand\Bureau\OTL.exe
[2010/09/18 12:56:15 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/09/18 12:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/09/18 12:53:53 | 002,133,536 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Bertrand\Bureau\avg_free_stb_all_9_115_cnet.exe
[2010/09/14 20:24:56 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/14 20:24:55 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/14 20:24:51 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/14 20:24:48 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/14 20:24:45 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/14 20:24:45 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/14 20:24:44 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/09/14 20:24:27 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/14 20:24:26 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/14 20:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/09/14 20:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/07 18:28:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bertrand\Recent
[2010/08/23 22:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010/08/23 22:55:46 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010/08/23 22:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010/08/23 22:55:08 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010/08/23 22:55:08 | 000,008,320 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys
[2010/08/23 22:55:07 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010/08/23 22:55:06 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010/08/23 22:55:05 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010/08/23 22:55:04 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010/08/23 22:55:04 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010/07/28 20:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Mes documents\Cuisine
[2010/07/24 21:26:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Local Settings\Application Data\crazyloader Air
[2010/07/24 21:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bertrand\Application Data\CrazyLoader
[2010/07/14 22:32:40 | 000,000,000 | ---D | C] -- C:\Sophos
[2010/07/11 21:39:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2009/07/13 11:21:31 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009/07/13 11:21:31 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2007/03/12 12:41:52 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2005/11/23 13:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2005/01/25 12:26:42 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

========== Files - Modified Within 90 Days ==========

[2010/09/28 22:01:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/09/28 21:54:42 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Acrobat Speed Launcher.lnk
[2010/09/28 21:53:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/28 21:53:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/28 21:53:12 | 1073,201,152 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/28 21:52:12 | 007,602,176 | -H-- | M] () -- C:\Documents and Settings\Bertrand\NTUSER.DAT
[2010/09/28 21:52:12 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Bertrand\ntuser.ini
[2010/09/27 23:11:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/18 14:15:23 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Bertrand\Bureau\NTREGOPT.lnk
[2010/09/18 14:15:23 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Bertrand\Bureau\ERUNT.lnk
[2010/09/18 13:59:27 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/18 13:49:33 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Bertrand\Bureau\mbam-setup.exe
[2010/09/18 13:44:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bertrand\Bureau\OTL.exe
[2010/09/18 12:53:55 | 002,133,536 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Bertrand\Bureau\avg_free_stb_all_9_115_cnet.exe
[2010/09/17 00:10:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/14 20:24:46 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/14 20:00:30 | 000,000,500 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/09/07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/08/23 23:01:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010/08/23 23:01:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010/08/23 23:00:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010/08/23 23:00:29 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/08/16 19:08:09 | 000,619,810 | ---- | M] () -- C:\Documents and Settings\Bertrand\Mes documents\Master_Urkunde.pdf
[2010/08/12 18:29:22 | 001,424,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/11 19:17:57 | 001,078,258 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/11 19:17:57 | 000,510,980 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/08/11 19:17:57 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/11 19:17:57 | 000,084,964 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/08/11 19:17:57 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/25 17:20:16 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Bertrand\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/15 21:50:53 | 000,000,921 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/15 21:50:53 | 000,000,307 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/15 21:50:53 | 000,000,216 | RHS- | M] () -- C:\boot.ini

========== Files Created - No Company Name ==========

[2010/09/18 14:15:23 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Bertrand\Bureau\NTREGOPT.lnk
[2010/09/18 14:15:23 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Bertrand\Bureau\ERUNT.lnk
[2010/09/18 13:59:27 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/16 23:59:30 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/08/23 23:01:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010/08/23 23:01:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010/08/23 23:00:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010/08/23 23:00:29 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/08/16 19:08:09 | 000,619,810 | ---- | C] () -- C:\Documents and Settings\Bertrand\Mes documents\Master_Urkunde.pdf
[2010/07/12 21:30:16 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2010/07/12 21:30:16 | 000,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2010/03/16 16:05:12 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2010/03/16 16:00:54 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2010/03/16 16:00:54 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2010/03/16 15:58:23 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2010/03/16 15:58:23 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2010/03/16 15:49:59 | 000,000,130 | ---- | C] () -- C:\WINDOWS\EPSON Perfection 1670F.ini
[2009/06/08 19:36:14 | 000,000,066 | ---- | C] () -- C:\WINDOWS\SIMVIEW.INI
[2009/05/31 14:26:13 | 000,602,479 | ---- | C] () -- C:\Documents and Settings\Bertrand\Application Data\NMM-MetaData.db
[2009/05/21 14:40:22 | 000,000,072 | ---- | C] () -- C:\WINDOWS\DSDDDlgs_1_3_1.INI
[2009/05/14 11:04:08 | 000,027,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTWTKRNL.sys
[2009/05/13 23:26:22 | 000,000,157 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2009/04/16 11:19:12 | 000,000,015 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2009/02/24 20:24:27 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/02/19 02:04:55 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/02/13 01:36:29 | 000,087,552 | ---- | C] () -- C:\Documents and Settings\Bertrand\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/01/25 15:05:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/25 14:57:33 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2005/01/25 14:57:03 | 000,006,757 | ---- | C] () -- C:\WINDOWS\TcdsASC2.ini
[2005/01/25 14:46:44 | 000,000,500 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/25 14:25:33 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/01/25 14:13:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/01/25 14:13:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/01/25 14:13:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/01/25 14:13:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/01/25 14:13:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/01/25 14:13:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/01/25 13:21:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/01/25 12:29:06 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2005/01/25 12:26:42 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/01/25 12:09:37 | 000,010,179 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/01/25 12:09:37 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/01/25 12:09:36 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/01/25 12:09:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/01/24 13:47:58 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/01/24 13:25:53 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2005/01/24 13:25:53 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/15 03:25:40 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/07/21 02:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/06/17 19:55:26 | 001,527,808 | ---- | C] () -- C:\WINDOWS\System32\TosMousePage.dll
[2004/06/17 19:48:42 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\TosKeyboardPage.dll
[2004/05/12 20:56:36 | 000,634,880 | ---- | C] () -- C:\WINDOWS\System32\pemicro_serialcm2.dll
[2004/02/27 17:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2004/01/15 23:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004/01/14 03:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/07/30 00:33:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
[2002/06/04 18:58:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2000/08/03 14:25:12 | 000,023,296 | ---- | C] () -- C:\WINDOWS\System32\pedrv.sys
[2000/08/03 14:25:12 | 000,023,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\pedrv.sys
[1998/10/02 10:20:46 | 000,005,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\vichw11.sys
[1996/05/29 17:20:04 | 000,035,072 | ---- | C] () -- C:\WINDOWS\System32\SENDKEY.DLL
[1996/04/03 22:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\GIVEIO.SYS

========== LOP Check ==========

[2010/09/14 20:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/08/23 22:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/08/23 22:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/05/31 14:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/09/14 21:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2010/04/25 12:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Braid
[2010/07/24 21:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\CrazyLoader
[2010/03/16 16:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\EPSON
[2010/01/31 21:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\GetRightToGo
[2009/06/11 21:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\InterVideo
[2009/05/31 14:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Nokia
[2009/05/31 14:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\PC Suite
[2010/03/16 16:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\Smart Panel
[2009/06/06 19:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\toshiba
[2009/12/24 17:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bertrand\Application Data\TP

========== Purity Check ==========

<End>

de **__Bertrand__** » 28 09 2010

lien du zip file:
il y avait seulement 2 *.dmp

https://www.yousendit.com/download/ WTNKUXVuQVNGR0ZjR0E9PQ

merci pour ton aide nickW

de **__Bertrand__** » 28 09 2010

Enfin pour information,

J'ai toujours des problemes avec Internet Explorer

car j'utilise seulement Firefox et IExplorer intervient toujours pour me demander d'etre le navigateur par défaut!!!

Est ce normal?? ou bien ai-je fais une erreur dans les étapes précédemment décrites?

de **nickW** » 29 09 2010

Bonsoir,

Analyse des vidages mémoire:

Mini091810-01.dmp

*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {0, 2, 1, 804e60dc}

Probably caused by : ntoskrnl.exe ( nt!KiDeliverApc+18a )

Followup: MachineOwner
---------

kd> !analyze -v;r;kv;lmtn;.logclose;q
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 804e60dc, address which referenced memory

Debugging Details:
------------------

OVERLAPPED_MODULE: Address regions for 'rdbss' and 'wdmaud.sys' overlap

WRITE_ADDRESS: 00000000

CURRENT_IRQL: 2

FAULTING_IP:
nt!KiDeliverApc+18a
804e60dc 8908 mov dword ptr [eax],ecx

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xA

PROCESS_NAME: services.exe

LAST_CONTROL_TRANSFER: from 804de855 to 804e60dc

STACK_TEXT:
f776dd4c 804de855 00000001 00000000 f776dd64 nt!KiDeliverApc+0x18a
f776dd4c 7c91e514 00000001 00000000 f776dd64 nt!KiServiceExit+0x58
WARNING: Frame IP not in any known module. Following frames may be wrong.
0007fe40 00000000 00000000 00000000 00000000 0x7c91e514

STACK_COMMAND: kb

FOLLOWUP_IP:
nt!KiDeliverApc+18a
804e60dc 8908 mov dword ptr [eax],ecx

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt!KiDeliverApc+18a

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntoskrnl.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 4bd6eca8

FAILURE_BUCKET_ID: 0xA_W_nt!KiDeliverApc+18a

BUCKET_ID: 0xA_W_nt!KiDeliverApc+18a

Mini091410-01.dmp

*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {23, 2, 0, 804f435e}

Probably caused by : memory_corruption ( nt!MiRemoveImageSectionObject+f )

Followup: MachineOwner
---------

kd> !analyze -v;r;kv;lmtn;.logclose;q
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000023, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 804f435e, address which referenced memory

Debugging Details:
------------------

READ_ADDRESS: 00000023

CURRENT_IRQL: 2

FAULTING_IP:
nt!MiRemoveImageSectionObject+f
804f435e f6402310 test byte ptr [eax+23h],10h

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xA

PROCESS_NAME: lsass.exe

LAST_CONTROL_TRANSFER: from 8051f982 to 804f435e

STACK_TEXT:
b7501b98 8051f982 86de9958 84234e38 00000000 nt!MiRemoveImageSectionObject+0xf
b7501bc0 804e37c8 84234e38 00000000 00000000 nt!MiCheckControlArea+0x5d
b7501bd8 805647c6 84234e38 00000001 00000000 nt!MiDereferenceControlAreaBySection+0x26
b7501bf4 80564777 84234e38 e2db3cf8 00000000 nt!MiSectionDelete+0x7e
b7501c10 804e36e5 e2db3d10 00000000 86519da0 nt!ObpRemoveObjectRoutine+0xe0
b7501c34 80582709 84229340 40010004 805829ca nt!ObfDereferenceObject+0x5f
b7501cf0 805829f0 40010004 b7501d4c 804e6101 nt!PspExitThread+0x63d
b7501cfc 804e6101 84229340 b7501d48 b7501d3c nt!PsExitSpecialApc+0x22
b7501d4c 804de855 00000001 00000000 b7501d64 nt!KiDeliverApc+0x1af
b7501d4c 7c91e514 00000001 00000000 b7501d64 nt!KiServiceExit+0x58
WARNING: Frame IP not in any known module. Following frames may be wrong.
015cff80 00000000 00000000 00000000 00000000 0x7c91e514

STACK_COMMAND: kb

FOLLOWUP_IP:
nt!MiRemoveImageSectionObject+f
804f435e f6402310 test byte ptr [eax+23h],10h

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt!MiRemoveImageSectionObject+f

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

DEBUG_FLR_IMAGE_TIMESTAMP: 4bd6eca8

IMAGE_NAME: memory_corruption

FAILURE_BUCKET_ID: 0xA_nt!MiRemoveImageSectionObject+f

BUCKET_ID: 0xA_nt!MiRemoveImageSectionObject+f

1/ Effectuer un test des barrettes mémoire:

Memtest+
Télécharger l'image ISO de Memtest depuis la page: http://www.memtest.org/#downiso
Cliquer sur Download - Pre-Compiled Bootable ISO (.zip)
Extraire de cette archive ZIP le fichier mt410.iso
Graver ce fichier sur un CD sous la forme: Graver une image ISO. Important: Il ne faut pas graver un CD de données!

Modifier le BIOS du PC afin que la séquence de démarrage soit: d'abord le lecteur de CD, ensuite le disque dur.
Voir: http://netah25.developpez.com/Tutoriels/TutoMemtest86/

Mettre le CD contenant l'image ISO de Memtest dans le lecteur et faire redémarrer le PC.

L'amorçage (le "boot") doit se faire sur le CD.

Laisser les tests tourner quelques heures.

2/ Souvent, cette erreur est dûe à un conflit de pilotes.
As-tu installé un nouveau logiciel / un nouveau matériel juste avant le début des problèmes de son?

As-tu vérifié sur le site TOSHIBA s'il y avait des mises à jour de pilotes pour ton modèle de portable?

3/ Il y a une trace active d'un logiciel Panda
As-tu cherché à le désinstaller?

4/ As-tu défini Firefox comme le navigateur par défaut?

A suivre,

de **__Bertrand__** » 30 09 2010

je réponds tes questions point par point histoire de ne rien oublier!!!!

1/ j'ai essayé de lancer les test de mémoire mais le cd ne fais rien du tout!!!
voila ce que j'ai fait:
- téléchargé et décompressé le fichier *.iso
- gravé sur un cdrw
- redémarré l'ordinateur
- changé la séquence de boot (avc cd-rom en premier)
- enregistré les modification et relancer la séquence de boot.
mais windows redémarre automatiquement il lit bien le cd en premier mais ne fait rien avec.
Qu'ai je donc fait qui ne soit pas correct??

2.1/ non aucun nouveau pilote ou logiciel a été installé récemment, et le problème de son est arrivé du jour au lendemain!!! c'est pour ça que je pouvais penser à une infection quelconque (mais je n'ai pas d'idée sur quoi exactement).

2.2/ oui quand j'ai remarqué ce problème de son j'ai premièrement été sur le site Toshiba afin de mettre à jour le pilote (en prenant une nouvelle version si il y avait).

3/ pour Panda, oui j'essaie de changer assez souvent de logiciel antivirus pour la sécurité du pc et aussi car je ne vois pas de différence entre les différents logiciels antivirus gratuits!!!!donc je change pour être sûr que l'un ne serait pas passé à côté d'une menace!!!

4/ enfin , oui Firefoox est mon SEUL navigateur internet, ce qui veut die que je n'utilise aucun autre navigateur et donc Firefox est le navigateur par défaut.

de **__Bertrand__** » 30 09 2010

ok j'ai passé le test de mémoire et le résultat est négatif.

Il n'y a aucune erreur détectée.

Assiste.Forums

Problemes de sons demande d'étude de rapport d'analyse

Problemes de sons demande d'étude de rapport d'analyse

Qui est en ligne