[OK] Infection?


Post by genesis973 » 21 Jul 2010, 10:12

Hello everyone,

A small problem to submit to you: I own an ASUS A6 laptop running WinXP, and I mainly use Chrome. Avira as antivirus and Kerio as firewall.
First symptom: loss of control over the audio devices. In the Control Panel, there are no more audio devices.
Then the antivirus monitoring and the firewall disappeared. No antivirus scan is possible ("this program is not a valid Win32 application"). No "online" antivirus software works (it stops 3 seconds after launch).
No startup in Safe Mode, no restore possible.
I hope I have been precise.
Can you help me? Thanks in advance
Last edited by genesis973 on 03 Aug 2010, 12:45, edited 1 time.

Post by Silure » 21 Jul 2010, 10:44

Hello.

I suggest you apply the procedure in force on the site: http://assiste.forum.free.fr/viewtopic.php?t=23982 and wait for our specialist NickW to step in.

Don't be afraid to be patient, especially as it is the holiday period for some of us.


See you,

Infection?

Post by genesis973 » 21 Jul 2010, 11:03

Thanks for the quick reply.
I can't manage to download any of the required tools... As soon as I try to reach the sites, the browser closes...
I think I'm in deep s.....
As for patience, no problem, it's already very kind of you to help me.
Have a good day

Post by nickW » 21 Jul 2010, 18:29

Hello,


We are going to try to obtain a scan report:


Step 1: OTH (by OldTimer), download

Note: For the downloads below, if you use Firefox, right-click the link and choose "Save as".

Download OTH.scr from: this link
Save this file to the Desktop.

Download OTL.scr from: this link
Save this file to the Desktop.

Download the file scan.zip from this link.
Extract the file scan.txt from this archive and place it on the Desktop.


Step 2: OTH (by OldTimer), execution
Close all open program windows.

Double-click OTH.scr to launch the tool.

The main OTH screen is displayed.

  1. Click the "Kill All Processes" button.
    The Windows Desktop will disappear: this is normal!
  2. Click the "Start OTL" button.

    • The main OTL screen is displayed.
    • Double-click in the white area at the bottom, under "Personnalisation".

      A small "OTL" window opens.

      Click the Ok button.

      In the new "Ouvrir" window, browse to the folder where the file scan.txt was saved, then click the Ouvrir button.

      The contents of the file scan.txt are thus inserted into the "Personnalisation" panel.
    • Click the "Analyse rapide" button.
    • Let the tool work without interrupting it.
      When the tool has finished, two Notepad windows open, each containing a report (log).
  3. Click the "Internet Explorer" button.
    An Internet Explorer window opens. Using IE, come back to the forum, to your topic.

    Send in reply, in two separate messages (because of the length of the files):
    - the two OTL reports (contents of the files OTL.Txt and Extras.Txt).
    The reports sent to the forum must end with a line containing <End>. If this is not the case, they are incomplete and must then be split across several messages.

    Important note: To send your reply (or replies), do not create a new topic; click the "Répondre" button to continue in this thread.
  4. Click the "Reboot" button.
    The PC will restart.


To be continued,
nickW

Scan result

Post by genesis973 » 21 Jul 2010, 19:04

Here is the only file I was able to obtain (no Extras.txt)

OTL logfile created on: 2010-07-21 19:47:51 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Philippe\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 54.83 Gb Total Space | 13.85 Gb Free Space | 25.26% Space Free | Partition Type: FAT32
Drive D: | 36.45 Gb Total Space | 36.44 Gb Free Space | 99.98% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHILIPPE_ELO
Current User Name: Philippe
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-07-21 19:38:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTL.scr
PRC - [2010-07-21 19:38:10 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTH.scr
PRC - [2008-04-14 04:34:00 | 000,082,944 | ---- | M] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\system32\dfrgfat.exe


========== Modules (SafeList) ==========

MOD - [2010-07-21 19:38:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTL.scr
MOD - [2010-05-19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MOD - [2010-05-04 15:25:46 | 000,597,504 | ---- | M] (STLport Consulting, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll
MOD - [2009-12-09 03:19:44 | 000,094,208 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\DropboxExt.13.dll
MOD - [2009-08-13 15:56:14 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009-04-29 03:13:20 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\msvcp71.dll
MOD - [2008-07-29 08:05:08 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
MOD - [2008-04-14 04:33:22 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008-04-14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-13 20:36:46 | 002,986,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-03-04 02:34:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-07-21 19:47:58 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Stopped] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2010-07-21 19:47:56 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Stopped] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2010-07-21 19:47:54 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-07-21 19:47:54 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-06-10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009-09-03 11:53:00 | 000,048,368 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2006-06-20 21:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005-12-28 11:47:10 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2005-12-28 11:45:02 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2005-12-28 11:44:24 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2003-11-26 22:44:20 | 000,061,440 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Stopped] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\threadPRIORITY.sys -- (ThreadPriority)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\Program\LiberKey\Apps\PartitionFindandMount\App\PartitionFindandMount\slicedisk.sys -- (SliceDisk5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\R-Drive Image\R-ImageDisk.sys -- (R-ImageDisk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\hcw95rc.sys -- (hcw95rc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\hcw95bda.sys -- (hcw95bda)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\R-Drive Image\DrvSnSht.sys -- (DrvSnSht)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\Programmes\LiberKey\Apps\MediaCoder\App\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btaudio.sys -- (btaudio)
DRV - [2010-07-21 18:56:50 | 000,108,800 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\wfsintwq.sys -- (srosa)
DRV - [2010-07-21 18:56:50 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\srosa2.sys -- (sK9Ou0s)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-12-15 22:42:32 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-08-24 12:22:58 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2009-08-24 12:22:58 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2009-07-14 10:31:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-06-17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009-06-17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009-06-17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009-03-30 10:32:48 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009-03-05 09:14:50 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-02-13 12:34:34 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-01-30 09:12:00 | 006,250,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-10-31 07:09:06 | 000,270,888 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-08-11 16:17:48 | 000,037,440 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pssdklbf.drv -- (PsSdkLBF)
DRV - [2008-08-11 16:17:48 | 000,030,272 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pssdk31.drv -- (PsSdk31)
DRV - [2008-06-21 04:54:54 | 000,066,600 | R--- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008-04-13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008-04-13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2007-05-02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005-12-28 13:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005-12-13 15:10:00 | 000,007,040 | ---- | M] (Freecom) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gonzales.sys -- (Gonzales)
DRV - [2005-12-05 00:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005-11-28 21:55:46 | 000,012,160 | ---- | M] (Freecom) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Bonifay.sys -- (Bonifay)
DRV - [2005-11-16 03:08:16 | 000,078,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)
DRV - [2005-10-21 02:13:08 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005-09-08 02:20:52 | 003,959,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005-08-24 13:49:04 | 000,030,189 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2005-07-14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005-07-12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005-05-26 19:19:00 | 000,839,724 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005-04-18 06:24:44 | 000,646,656 | R--- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2005-02-17 10:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2004-03-08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003-12-05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003-07-29 07:18:32 | 000,028,518 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.gdark.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.gdark.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.gdark.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Gdark
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://fr.gdark.com/search.php?cx=partn ... e=UTF-8&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Chercher Malin"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.6.1.6
FF - prefs.js..extensions.enabledItems: {75493B06-1504-4976-9A55-B6FE240FF0BF}:2.2
FF - prefs.js..extensions.enabledItems: bettergmail2@ginatrapani.org:1.2
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3
FF - prefs.js..extensions.enabledItems: en-CA@dictionaries.addons.mozilla.org:1.1.5
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.7
FF - prefs.js..extensions.enabledItems: fr-FR@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: fr@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: en-AU@dictionaries.addons.mozilla.org:2.1.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: tagmarks@felipc.com:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {372765b9-6955-41a7-a0c9-062e4d323756}:1.03
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.8.1
FF - prefs.js..extensions.enabledItems: gmailthis@lazyrussian.com:2.2.9
FF - prefs.js..extensions.enabledItems: {A5C87640-F7CF-11DA-974D-0800200C9A66}:0.2.1
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-04-03 00:16:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006-08-22 17:34:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2006-08-22 17:34:38 | 000,000,000 | ---D | M]

[2008-08-09 13:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Extensions
[2006-08-22 17:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions
[2007-06-11 18:09:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{0784CD66-62FE-4cef-ABF4-F8ED9B654ACC}
[2010-03-08 20:00:16 | 000,000,000 | ---D | M] (Radio France Toolbar) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{1a2cd84f-2175-4ae8-bd60-ce0d04442b4f}
[2010-04-30 09:45:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-02-28 20:28:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-04-04 15:40:54 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{372765b9-6955-41a7-a0c9-062e4d323756}
[2009-10-15 21:14:26 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-01-23 15:38:04 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2009-02-10 22:13:50 | 000,000,000 | ---D | M] (Barre de confiance) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF}
[2009-06-03 20:23:06 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010-05-27 08:46:58 | 000,000,000 | ---D | M] (Mobile Barcoder) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{A5C87640-F7CF-11DA-974D-0800200C9A66}
[2010-04-23 18:02:16 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2008-06-17 23:30:52 | 000,000,000 | ---D | M] (MEDIADICO Familial) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{b055c535-4a3a-11db-9659-00e08161165f}
[2010-04-23 18:02:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-04-23 18:00:38 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010-03-30 23:50:56 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010-04-23 18:02:02 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009-09-12 21:41:38 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-04-23 18:02:12 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-05-19 19:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\autopager@mozilla.org
[2010-05-19 19:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\bettergmail2@ginatrapani.org
[2008-02-19 19:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\en-AU@dictionaries.addons.mozilla.org
[2009-11-11 09:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\en-CA@dictionaries.addons.mozilla.org
[2006-12-19 21:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2008-01-03 22:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\ffe_opaque_clrtabs@game-point.net
[2010-05-19 19:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\firebug@software.joehewitt.com
[2010-02-12 00:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\fr@dictionaries.addons.mozilla.org
[2010-02-12 00:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\fr-FR@dictionaries.addons.mozilla.org
[2010-04-04 15:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\gmailthis@lazyrussian.com
[2010-04-23 18:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\personas@christopher.beard
[2010-03-20 17:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\piclens@cooliris.com
[2008-12-14 22:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\rtmgmail@rememberthemilk.com
[2008-08-31 19:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\tagmarks@felipc.com
[2007-06-11 13:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\videodowloader@videodownloader.net
[2010-03-20 17:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\wikilook@testpilot
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2008-12-30 19:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Sunbird\Profiles\yi305cgi.default\extensions
[2008-11-17 08:51:24 | 000,005,179 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\searchplugins\BitTorrent.xml
[2009-05-27 23:24:12 | 000,001,571 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\searchplugins\Gdark.xml
[2009-07-30 20:32:04 | 000,002,375 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\searchplugins\Chercher Malin.xml
[2010-05-20 13:58:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007-02-26 18:25:58 | 000,000,000 | ---D | M] (MSN Pictures Displayer) -- C:\Program Files\Mozilla Firefox\extensions\{0497D7FA-B45F-11DB-9DCC-3D3756D89593}
[2010-07-18 17:26:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2008-05-22 05:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\sotfone-tracker@sotfone.ru
[2006-10-10 22:57:38 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2008-06-30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2005-12-05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2010-04-12 17:29:20 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-04-01 19:07:30 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010-04-01 19:07:30 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010-04-01 19:07:30 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010-04-01 19:07:30 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010-04-01 19:07:30 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009-10-14 11:48:48 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] H:\Programmes\iTunesHelper.exe File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [FreeRAM XP] C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions (TM))
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Info soft)
O4 - Startup: C:\Documents and Settings\Philippe\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk = C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html ()
O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\YouTube Video Downloader\IELink.html ()
O9 - Extra Button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra Button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html ()
O9 - Extra 'Tools' menuitem : Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Philippe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Philippe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006-06-05 22:00:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{0657d734-32d3-11df-84d2-0013024a62be}\Shell\AutoRun\command - "" = F:\PenInkViewer\Viewer_for_Windows\PenInkViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 90 Days ==========

[2010-07-21 19:38:24 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTL.scr
[2010-07-21 19:38:08 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTH.scr
[2010-07-21 15:04:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Philippe\Recent
[2010-07-21 14:55:30 | 000,000,000 | -HSD | C] -- C:\FOUND.001
[2010-07-21 11:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Bureau\tsc
[2010-07-21 11:20:28 | 001,870,896 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Philippe\Bureau\HousecallLauncher.exe
[2010-07-20 20:17:10 | 000,000,000 | -HSD | C] -- C:\FOUND.000
[2010-07-20 13:30:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Philippe\Application Data\m
[2010-07-20 13:21:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Philippe\Application Data\drivers
[2010-07-19 21:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\DiskAid
[2010-07-19 21:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\DigiDNA
[2010-07-18 19:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureau
[2010-07-18 17:51:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-07-18 14:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2010-07-18 14:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Bureau\MyDocuments
[2010-07-03 20:36:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\AVS4YOU
[2010-07-03 20:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AVSMedia
[2010-07-03 20:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2010-07-03 20:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2010-06-27 16:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Local Settings\Application Data\Orange
[2010-06-27 16:43:54 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\w32n50.dll
[2010-06-27 16:43:54 | 000,034,688 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcampr5.sys
[2010-06-27 16:43:54 | 000,032,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcandis5.sys
[2010-06-27 16:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Orange
[2010-06-27 16:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\France Telecom
[2010-06-21 23:09:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Local Settings\Application Data\Scansoft
[2010-06-21 20:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010-06-21 20:56:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Nuance
[2010-06-21 20:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Nuance
[2010-06-21 20:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance
[2010-06-21 20:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010-06-19 11:54:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-06-14 22:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Local Settings\Application Data\Evernote
[2010-06-14 22:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Evernote
[2010-06-12 11:53:45 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010-06-12 11:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-06-12 11:52:37 | 000,008,320 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys
[2010-06-12 11:52:36 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010-06-12 11:52:34 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010-06-12 11:52:32 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010-06-12 11:52:30 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010-06-12 11:52:26 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010-06-12 11:52:26 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010-06-08 20:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Power Sound Editor Free
[2010-06-08 20:03:10 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioFile2.dll
[2010-06-08 20:03:10 | 001,212,416 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioInformation2.dll
[2010-06-08 20:03:10 | 000,602,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioTransform2.dll
[2010-06-08 20:03:10 | 000,479,232 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioVisualization2.dll
[2010-06-08 20:03:10 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioRecord2.dll
[2010-06-08 20:03:10 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioPlayer2.dll
[2010-06-08 20:03:10 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTTextToAudio2.dll
[2010-06-08 20:03:10 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMAFile2.dll
[2010-06-08 20:03:09 | 000,880,640 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioEditor2.dll
[2010-06-08 20:03:09 | 000,835,584 | ---- | C] (NCT) -- C:\WINDOWS\System32\NCTAudioCDGrabber2.dll
[2010-06-08 20:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\Power Sound Editor Free
[2010-06-04 16:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Converter
[2010-05-21 07:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Search Settings
[2010-05-20 13:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Search Settings
[2010-05-20 13:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010-05-20 13:57:35 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\SSubTmr6.dll
[2010-05-20 13:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\FreeBurner
[2010-05-19 19:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010-05-18 21:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\FreeVideoConverter
[2010-05-15 20:38:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Hitivi
[2010-05-15 20:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Convertym Media Converter
[2010-05-13 21:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\SharePod
[2010-05-12 20:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\RocketDock
[2010-05-10 23:46:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Foxit Software
[2010-05-10 23:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2010-05-10 23:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Foxit Software
[2010-04-30 22:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Philippe\Mes documents\My Dropbox
[2010-04-30 21:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Dropbox
[2010-04-23 22:11:08 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010-04-23 22:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Blumentals

========== Files - Modified Within 90 Days ==========

[2010-07-21 19:38:38 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Philippe\Bureau\scan.zip
[2010-07-21 19:38:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTL.scr
[2010-07-21 19:38:10 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTH.scr
[2010-07-21 19:30:08 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-21 18:56:50 | 000,007,168 | ---- | M] () -- C:\WINDOWS\System32\srosa2.sys
[2010-07-21 18:56:04 | 000,193,994 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-21 18:55:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-21 18:55:46 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-21 18:55:46 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3148158295-4140714283-3407515131-1005.job
[2010-07-21 18:53:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-21 18:53:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-21 18:53:22 | 2146,881,536 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-21 15:04:52 | 014,942,208 | ---- | M] () -- C:\Documents and Settings\Philippe\ntuser.dat
[2010-07-21 11:28:04 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Philippe\ntuser.ini
[2010-07-21 11:22:18 | 002,331,463 | ---- | M] () -- C:\Documents and Settings\Philippe\Bureau\tsc.zip
[2010-07-21 11:20:32 | 001,870,896 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Philippe\Bureau\HousecallLauncher.exe
[2010-07-21 10:55:08 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{CDBB5654-9B23-4C30-A2A5-C4D62D6B5C11}.job
[2010-07-20 22:20:04 | 004,232,526 | -H-- | M] () -- C:\Documents and Settings\Philippe\Local Settings\Application Data\IconCache.db
[2010-07-20 21:12:06 | 000,001,208 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-20 21:12:02 | 000,164,597 | ---- | M] () -- C:\Documents and Settings\Philippe\Mes documents\Save Compte.SAV.CM
[2010-07-20 20:08:28 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Philippe\Local Settings\Application Data\housecall.guid.cache
[2010-07-20 20:05:48 | 000,178,688 | ---- | M] () -- C:\Documents and Settings\Philippe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-20 19:30:24 | 000,071,268 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010-07-20 13:20:38 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3148158295-4140714283-3407515131-1005.job
[2010-07-19 08:14:56 | 000,360,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-18 19:30:04 | 000,098,824 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010-07-18 17:48:56 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-07-18 17:28:30 | 015,204,352 | ---- | M] () -- C:\Documents and Settings\Philippe\ntuser.bak
[2010-07-12 14:48:16 | 004,571,980 | ---- | M] () -- C:\Documents and Settings\Philippe\Bureau\dossier randos les croix.odt
[2010-07-03 20:57:54 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-01 23:37:10 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Anti-Malware.job
[2010-07-01 11:03:18 | 000,025,713 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2010-06-23 09:31:18 | 001,097,094 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-23 09:31:18 | 000,528,396 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010-06-23 09:31:18 | 000,437,384 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-23 09:31:18 | 000,092,024 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010-06-23 09:31:18 | 000,069,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-21 22:52:26 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\setup_ldm.iss
[2010-06-21 21:14:06 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\SAS7_000.DAT
[2010-06-19 13:14:04 | 000,002,619 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010-06-18 19:42:22 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-06-12 12:20:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010-06-12 12:20:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
[2010-06-12 12:10:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-06-12 12:10:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-05-29 22:37:42 | 000,279,160 | ---- | M] () -- C:\Documents and Settings\Philippe\Mes documents\bookmarks.html
[2010-05-29 18:25:16 | 000,002,191 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-05-13 20:51:06 | 000,000,111 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010-05-12 20:34:08 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\Philippe\Bureau\RocketDock.lnk
[2010-05-10 23:46:02 | 010,216,904 | ---- | M] (Foxit Software) -- C:\Program Files\FoxitReader.exe
[2010-05-10 23:44:36 | 002,228,326 | ---- | M] (Foxit Software Company) -- C:\Program Files\Foxit_JS_ExObjects.dll
[2010-05-10 23:44:34 | 000,474,368 | ---- | M] (Foxit Software Company) -- C:\Program Files\fxdecod1.dll
[2010-04-30 22:02:36 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\Philippe\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-04-23 17:42:48 | 000,001,524 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2010-07-21 19:38:35 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Philippe\Bureau\scan.zip
[2010-07-21 11:22:17 | 002,331,463 | ---- | C] () -- C:\Documents and Settings\Philippe\Bureau\tsc.zip
[2010-07-20 21:11:57 | 000,164,597 | ---- | C] () -- C:\Documents and Settings\Philippe\Mes documents\Save Compte.SAV.CM
[2010-07-20 20:08:27 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Philippe\Local Settings\Application Data\housecall.guid.cache
[2010-07-20 13:23:23 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\srosa2.sys
[2010-07-18 16:59:02 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Philippe\ntuser.rhk.LOG
[2010-07-12 14:48:09 | 004,571,980 | ---- | C] () -- C:\Documents and Settings\Philippe\Bureau\dossier randos les croix.odt
[2010-06-29 08:40:03 | 000,183,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010-06-21 21:14:04 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Philippe\Application Data\SAS7_000.DAT
[2010-06-12 12:20:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010-06-12 12:20:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
[2010-06-12 12:10:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-06-12 12:10:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-06-08 20:03:10 | 000,113,486 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2010-05-29 22:37:39 | 000,279,160 | ---- | C] () -- C:\Documents and Settings\Philippe\Mes documents\bookmarks.html
[2010-05-29 18:25:14 | 000,002,191 | ---- | C] () -- C:\Documents and Settings\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-05-12 20:34:06 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\Philippe\Bureau\RocketDock.lnk
[2010-05-12 17:23:01 | 000,001,656 | ---- | C] () -- C:\Documents and Settings\Philippe\Mes documents\CyberMUT.lnk
[2010-04-30 22:02:35 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\Philippe\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
[2010-04-23 17:42:46 | 000,001,524 | ---- | C] () -- C:\Documents and Settings\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2009-08-03 19:40:11 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009-08-03 19:40:11 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009-03-31 21:30:18 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-03-31 21:30:14 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-03-31 21:30:14 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-03-31 21:30:13 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-03-31 21:30:10 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-03-31 21:30:10 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-03-22 22:45:16 | 000,270,888 | R--- | C] () -- C:\WINDOWS\System32\drivers\SbFw.sys
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-07-14 14:51:47 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008-06-21 04:54:54 | 000,066,600 | R--- | C] () -- C:\WINDOWS\System32\drivers\sbhips.sys
[2008-05-26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008-05-20 15:49:26 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008-05-06 18:23:58 | 000,032,825 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008-05-06 18:23:39 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2008-05-06 18:19:57 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2008-02-14 23:08:11 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\ffbfec7_g.dll
[2008-02-07 20:42:14 | 000,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008-02-07 20:25:26 | 000,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007-12-11 22:22:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2007-12-03 09:13:29 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007-08-03 00:08:30 | 000,000,259 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2007-06-14 19:52:24 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2007-04-05 18:42:37 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007-03-07 21:39:16 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2007-03-07 21:39:13 | 000,028,518 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2007-03-07 21:39:13 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2007-01-07 18:22:14 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006-11-22 22:44:01 | 000,000,111 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006-11-19 14:17:00 | 000,000,371 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006-11-03 15:15:34 | 000,000,708 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006-11-03 15:15:33 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006-11-03 15:15:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2006-10-03 23:52:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006-09-20 21:24:54 | 000,000,049 | ---- | C] () -- C:\WINDOWS\MobileDB_PC.ini
[2006-08-16 20:55:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006-08-16 18:36:31 | 000,000,058 | ---- | C] () -- C:\WINDOWS\RTEDiag.INI
[2006-08-16 11:03:39 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\RTELM.dll
[2006-08-12 22:26:55 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2006-06-05 22:28:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006-06-05 22:03:40 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006-06-05 16:30:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006-01-02 21:16:32 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\ABLKSR.ini
[2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005-11-21 10:51:00 | 001,724
genesis973
 
Posts: 36
Joined: 21 Jul 2010, 10:03

Scan result

Post by genesis973 » 21 Jul 2010, 19:04

Here is the only file I was able to obtain (no Extras.txt)

OTL logfile created on: 2010-07-21 19:47:51 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Philippe\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 54.83 Gb Total Space | 13.85 Gb Free Space | 25.26% Space Free | Partition Type: FAT32
Drive D: | 36.45 Gb Total Space | 36.44 Gb Free Space | 99.98% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHILIPPE_ELO
Current User Name: Philippe
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-07-21 19:38:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTL.scr
PRC - [2010-07-21 19:38:10 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTH.scr
PRC - [2008-04-14 04:34:00 | 000,082,944 | ---- | M] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\system32\dfrgfat.exe


========== Modules (SafeList) ==========

MOD - [2010-07-21 19:38:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTL.scr
MOD - [2010-05-19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MOD - [2010-05-04 15:25:46 | 000,597,504 | ---- | M] (STLport Consulting, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll
MOD - [2009-12-09 03:19:44 | 000,094,208 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\DropboxExt.13.dll
MOD - [2009-08-13 15:56:14 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009-04-29 03:13:20 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\msvcp71.dll
MOD - [2008-07-29 08:05:08 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
MOD - [2008-04-14 04:33:22 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008-04-14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-13 20:36:46 | 002,986,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-03-04 02:34:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-07-21 19:47:58 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Stopped] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2010-07-21 19:47:56 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Stopped] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2010-07-21 19:47:54 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-07-21 19:47:54 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-06-10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009-09-03 11:53:00 | 000,048,368 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2006-06-20 21:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005-12-28 11:47:10 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2005-12-28 11:45:02 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2005-12-28 11:44:24 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2003-11-26 22:44:20 | 000,061,440 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Stopped] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\threadPRIORITY.sys -- (ThreadPriority)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\Program\LiberKey\Apps\PartitionFindandMount\App\PartitionFindandMount\slicedisk.sys -- (SliceDisk5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\R-Drive Image\R-ImageDisk.sys -- (R-ImageDisk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\hcw95rc.sys -- (hcw95rc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\hcw95bda.sys -- (hcw95bda)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\R-Drive Image\DrvSnSht.sys -- (DrvSnSht)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\Programmes\LiberKey\Apps\MediaCoder\App\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btaudio.sys -- (btaudio)
DRV - [2010-07-21 18:56:50 | 000,108,800 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\wfsintwq.sys -- (srosa)
DRV - [2010-07-21 18:56:50 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\srosa2.sys -- (sK9Ou0s)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-12-15 22:42:32 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-08-24 12:22:58 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2009-08-24 12:22:58 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2009-07-14 10:31:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-06-17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009-06-17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009-06-17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009-03-30 10:32:48 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009-03-05 09:14:50 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-02-13 12:34:34 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-01-30 09:12:00 | 006,250,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-10-31 07:09:06 | 000,270,888 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-08-11 16:17:48 | 000,037,440 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pssdklbf.drv -- (PsSdkLBF)
DRV - [2008-08-11 16:17:48 | 000,030,272 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pssdk31.drv -- (PsSdk31)
DRV - [2008-06-21 04:54:54 | 000,066,600 | R--- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008-04-13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008-04-13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2007-05-02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005-12-28 13:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005-12-13 15:10:00 | 000,007,040 | ---- | M] (Freecom) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gonzales.sys -- (Gonzales)
DRV - [2005-12-05 00:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005-11-28 21:55:46 | 000,012,160 | ---- | M] (Freecom) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Bonifay.sys -- (Bonifay)
DRV - [2005-11-16 03:08:16 | 000,078,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)
DRV - [2005-10-21 02:13:08 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005-09-08 02:20:52 | 003,959,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005-08-24 13:49:04 | 000,030,189 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2005-07-14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005-07-12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005-05-26 19:19:00 | 000,839,724 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005-04-18 06:24:44 | 000,646,656 | R--- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2005-02-17 10:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2004-03-08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003-12-05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003-07-29 07:18:32 | 000,028,518 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.gdark.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.gdark.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.gdark.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Gdark
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://fr.gdark.com/search.php?cx=partn ... e=UTF-8&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Chercher Malin"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.6.1.6
FF - prefs.js..extensions.enabledItems: {75493B06-1504-4976-9A55-B6FE240FF0BF}:2.2
FF - prefs.js..extensions.enabledItems: bettergmail2@ginatrapani.org:1.2
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3
FF - prefs.js..extensions.enabledItems: en-CA@dictionaries.addons.mozilla.org:1.1.5
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.7
FF - prefs.js..extensions.enabledItems: fr-FR@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: fr@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: en-AU@dictionaries.addons.mozilla.org:2.1.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: tagmarks@felipc.com:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {372765b9-6955-41a7-a0c9-062e4d323756}:1.03
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.8.1
FF - prefs.js..extensions.enabledItems: gmailthis@lazyrussian.com:2.2.9
FF - prefs.js..extensions.enabledItems: {A5C87640-F7CF-11DA-974D-0800200C9A66}:0.2.1
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-04-03 00:16:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006-08-22 17:34:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2006-08-22 17:34:38 | 000,000,000 | ---D | M]

[2008-08-09 13:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Extensions
[2006-08-22 17:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions
[2007-06-11 18:09:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{0784CD66-62FE-4cef-ABF4-F8ED9B654ACC}
[2010-03-08 20:00:16 | 000,000,000 | ---D | M] (Radio France Toolbar) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{1a2cd84f-2175-4ae8-bd60-ce0d04442b4f}
[2010-04-30 09:45:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-02-28 20:28:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-04-04 15:40:54 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{372765b9-6955-41a7-a0c9-062e4d323756}
[2009-10-15 21:14:26 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-01-23 15:38:04 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2009-02-10 22:13:50 | 000,000,000 | ---D | M] (Barre de confiance) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF}
[2009-06-03 20:23:06 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010-05-27 08:46:58 | 000,000,000 | ---D | M] (Mobile Barcoder) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{A5C87640-F7CF-11DA-974D-0800200C9A66}
[2010-04-23 18:02:16 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2008-06-17 23:30:52 | 000,000,000 | ---D | M] (MEDIADICO Familial) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{b055c535-4a3a-11db-9659-00e08161165f}
[2010-04-23 18:02:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-04-23 18:00:38 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010-03-30 23:50:56 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010-04-23 18:02:02 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009-09-12 21:41:38 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-04-23 18:02:12 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-05-19 19:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\autopager@mozilla.org
[2010-05-19 19:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\bettergmail2@ginatrapani.org
[2008-02-19 19:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\en-AU@dictionaries.addons.mozilla.org
[2009-11-11 09:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\en-CA@dictionaries.addons.mozilla.org
[2006-12-19 21:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2008-01-03 22:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\ffe_opaque_clrtabs@game-point.net
[2010-05-19 19:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\firebug@software.joehewitt.com
[2010-02-12 00:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\fr@dictionaries.addons.mozilla.org
[2010-02-12 00:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\fr-FR@dictionaries.addons.mozilla.org
[2010-04-04 15:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\gmailthis@lazyrussian.com
[2010-04-23 18:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\personas@christopher.beard
[2010-03-20 17:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\piclens@cooliris.com
[2008-12-14 22:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\rtmgmail@rememberthemilk.com
[2008-08-31 19:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\tagmarks@felipc.com
[2007-06-11 13:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\videodowloader@videodownloader.net
[2010-03-20 17:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\wikilook@testpilot
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-02-11 23:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2008-12-30 19:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Sunbird\Profiles\yi305cgi.default\extensions
[2008-11-17 08:51:24 | 000,005,179 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\searchplugins\BitTorrent.xml
[2009-05-27 23:24:12 | 000,001,571 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\searchplugins\Gdark.xml
[2009-07-30 20:32:04 | 000,002,375 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\4mriagw0.default\searchplugins\Chercher Malin.xml
[2010-05-20 13:58:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007-02-26 18:25:58 | 000,000,000 | ---D | M] (MSN Pictures Displayer) -- C:\Program Files\Mozilla Firefox\extensions\{0497D7FA-B45F-11DB-9DCC-3D3756D89593}
[2010-07-18 17:26:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2008-05-22 05:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\sotfone-tracker@sotfone.ru
[2006-10-10 22:57:38 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2008-06-30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2005-12-05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2010-04-12 17:29:20 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-04-01 19:07:30 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010-04-01 19:07:30 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010-04-01 19:07:30 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010-04-01 19:07:30 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010-04-01 19:07:30 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009-10-14 11:48:48 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] H:\Programmes\iTunesHelper.exe File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [FreeRAM XP] C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions (TM))
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Info soft)
O4 - Startup: C:\Documents and Settings\Philippe\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk = C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html ()
O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\YouTube Video Downloader\IELink.html ()
O9 - Extra Button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra Button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html ()
O9 - Extra 'Tools' menuitem : Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Philippe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Philippe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006-06-05 22:00:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{0657d734-32d3-11df-84d2-0013024a62be}\Shell\AutoRun\command - "" = F:\PenInkViewer\Viewer_for_Windows\PenInkViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 90 Days ==========

[2010-07-21 19:38:24 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTL.scr
[2010-07-21 19:38:08 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTH.scr
[2010-07-21 15:04:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Philippe\Recent
[2010-07-21 14:55:30 | 000,000,000 | -HSD | C] -- C:\FOUND.001
[2010-07-21 11:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Bureau\tsc
[2010-07-21 11:20:28 | 001,870,896 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Philippe\Bureau\HousecallLauncher.exe
[2010-07-20 20:17:10 | 000,000,000 | -HSD | C] -- C:\FOUND.000
[2010-07-20 13:30:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Philippe\Application Data\m
[2010-07-20 13:21:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Philippe\Application Data\drivers
[2010-07-19 21:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\DiskAid
[2010-07-19 21:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\DigiDNA
[2010-07-18 19:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureau
[2010-07-18 17:51:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-07-18 14:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2010-07-18 14:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Bureau\MyDocuments
[2010-07-03 20:36:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\AVS4YOU
[2010-07-03 20:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AVSMedia
[2010-07-03 20:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2010-07-03 20:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2010-06-27 16:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Local Settings\Application Data\Orange
[2010-06-27 16:43:54 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\w32n50.dll
[2010-06-27 16:43:54 | 000,034,688 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcampr5.sys
[2010-06-27 16:43:54 | 000,032,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcandis5.sys
[2010-06-27 16:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Orange
[2010-06-27 16:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\France Telecom
[2010-06-21 23:09:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Local Settings\Application Data\Scansoft
[2010-06-21 20:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010-06-21 20:56:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Nuance
[2010-06-21 20:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Nuance
[2010-06-21 20:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance
[2010-06-21 20:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010-06-19 11:54:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-06-14 22:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Local Settings\Application Data\Evernote
[2010-06-14 22:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Evernote
[2010-06-12 11:53:45 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010-06-12 11:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-06-12 11:52:37 | 000,008,320 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys
[2010-06-12 11:52:36 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010-06-12 11:52:34 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010-06-12 11:52:32 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010-06-12 11:52:30 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010-06-12 11:52:26 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010-06-12 11:52:26 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010-06-08 20:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Power Sound Editor Free
[2010-06-08 20:03:10 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioFile2.dll
[2010-06-08 20:03:10 | 001,212,416 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioInformation2.dll
[2010-06-08 20:03:10 | 000,602,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioTransform2.dll
[2010-06-08 20:03:10 | 000,479,232 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioVisualization2.dll
[2010-06-08 20:03:10 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioRecord2.dll
[2010-06-08 20:03:10 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioPlayer2.dll
[2010-06-08 20:03:10 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTTextToAudio2.dll
[2010-06-08 20:03:10 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMAFile2.dll
[2010-06-08 20:03:09 | 000,880,640 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioEditor2.dll
[2010-06-08 20:03:09 | 000,835,584 | ---- | C] (NCT) -- C:\WINDOWS\System32\NCTAudioCDGrabber2.dll
[2010-06-08 20:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\Power Sound Editor Free
[2010-06-04 16:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Converter
[2010-05-21 07:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Search Settings
[2010-05-20 13:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Search Settings
[2010-05-20 13:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010-05-20 13:57:35 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\SSubTmr6.dll
[2010-05-20 13:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\FreeBurner
[2010-05-19 19:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010-05-18 21:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\FreeVideoConverter
[2010-05-15 20:38:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Hitivi
[2010-05-15 20:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Convertym Media Converter
[2010-05-13 21:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\SharePod
[2010-05-12 20:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\RocketDock
[2010-05-10 23:46:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Foxit Software
[2010-05-10 23:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2010-05-10 23:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Foxit Software
[2010-04-30 22:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Philippe\Mes documents\My Dropbox
[2010-04-30 21:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Dropbox
[2010-04-23 22:11:08 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010-04-23 22:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philippe\Application Data\Blumentals

========== Files - Modified Within 90 Days ==========

[2010-07-21 19:38:38 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Philippe\Bureau\scan.zip
[2010-07-21 19:38:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTL.scr
[2010-07-21 19:38:10 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philippe\Bureau\OTH.scr
[2010-07-21 19:30:08 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-21 18:56:50 | 000,007,168 | ---- | M] () -- C:\WINDOWS\System32\srosa2.sys
[2010-07-21 18:56:04 | 000,193,994 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-21 18:55:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-21 18:55:46 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-21 18:55:46 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3148158295-4140714283-3407515131-1005.job
[2010-07-21 18:53:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-21 18:53:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-21 18:53:22 | 2146,881,536 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-21 15:04:52 | 014,942,208 | ---- | M] () -- C:\Documents and Settings\Philippe\ntuser.dat
[2010-07-21 11:28:04 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Philippe\ntuser.ini
[2010-07-21 11:22:18 | 002,331,463 | ---- | M] () -- C:\Documents and Settings\Philippe\Bureau\tsc.zip
[2010-07-21 11:20:32 | 001,870,896 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Philippe\Bureau\HousecallLauncher.exe
[2010-07-21 10:55:08 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{CDBB5654-9B23-4C30-A2A5-C4D62D6B5C11}.job
[2010-07-20 22:20:04 | 004,232,526 | -H-- | M] () -- C:\Documents and Settings\Philippe\Local Settings\Application Data\IconCache.db
[2010-07-20 21:12:06 | 000,001,208 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-20 21:12:02 | 000,164,597 | ---- | M] () -- C:\Documents and Settings\Philippe\Mes documents\Save Compte.SAV.CM
[2010-07-20 20:08:28 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Philippe\Local Settings\Application Data\housecall.guid.cache
[2010-07-20 20:05:48 | 000,178,688 | ---- | M] () -- C:\Documents and Settings\Philippe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-20 19:30:24 | 000,071,268 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010-07-20 13:20:38 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3148158295-4140714283-3407515131-1005.job
[2010-07-19 08:14:56 | 000,360,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-18 19:30:04 | 000,098,824 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010-07-18 17:48:56 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-07-18 17:28:30 | 015,204,352 | ---- | M] () -- C:\Documents and Settings\Philippe\ntuser.bak
[2010-07-12 14:48:16 | 004,571,980 | ---- | M] () -- C:\Documents and Settings\Philippe\Bureau\dossier randos les croix.odt
[2010-07-03 20:57:54 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-01 23:37:10 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Anti-Malware.job
[2010-07-01 11:03:18 | 000,025,713 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2010-06-23 09:31:18 | 001,097,094 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-23 09:31:18 | 000,528,396 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010-06-23 09:31:18 | 000,437,384 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-23 09:31:18 | 000,092,024 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010-06-23 09:31:18 | 000,069,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-21 22:52:26 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\setup_ldm.iss
[2010-06-21 21:14:06 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\SAS7_000.DAT
[2010-06-19 13:14:04 | 000,002,619 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010-06-18 19:42:22 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-06-12 12:20:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010-06-12 12:20:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
[2010-06-12 12:10:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-06-12 12:10:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-05-29 22:37:42 | 000,279,160 | ---- | M] () -- C:\Documents and Settings\Philippe\Mes documents\bookmarks.html
[2010-05-29 18:25:16 | 000,002,191 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-05-13 20:51:06 | 000,000,111 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010-05-12 20:34:08 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\Philippe\Bureau\RocketDock.lnk
[2010-05-10 23:46:02 | 010,216,904 | ---- | M] (Foxit Software) -- C:\Program Files\FoxitReader.exe
[2010-05-10 23:44:36 | 002,228,326 | ---- | M] (Foxit Software Company) -- C:\Program Files\Foxit_JS_ExObjects.dll
[2010-05-10 23:44:34 | 000,474,368 | ---- | M] (Foxit Software Company) -- C:\Program Files\fxdecod1.dll
[2010-04-30 22:02:36 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\Philippe\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-04-23 17:42:48 | 000,001,524 | ---- | M] () -- C:\Documents and Settings\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2010-07-21 19:38:35 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Philippe\Bureau\scan.zip
[2010-07-21 11:22:17 | 002,331,463 | ---- | C] () -- C:\Documents and Settings\Philippe\Bureau\tsc.zip
[2010-07-20 21:11:57 | 000,164,597 | ---- | C] () -- C:\Documents and Settings\Philippe\Mes documents\Save Compte.SAV.CM
[2010-07-20 20:08:27 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Philippe\Local Settings\Application Data\housecall.guid.cache
[2010-07-20 13:23:23 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\srosa2.sys
[2010-07-18 16:59:02 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Philippe\ntuser.rhk.LOG
[2010-07-12 14:48:09 | 004,571,980 | ---- | C] () -- C:\Documents and Settings\Philippe\Bureau\dossier randos les croix.odt
[2010-06-29 08:40:03 | 000,183,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010-06-21 21:14:04 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Philippe\Application Data\SAS7_000.DAT
[2010-06-12 12:20:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010-06-12 12:20:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
[2010-06-12 12:10:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-06-12 12:10:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-06-08 20:03:10 | 000,113,486 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2010-05-29 22:37:39 | 000,279,160 | ---- | C] () -- C:\Documents and Settings\Philippe\Mes documents\bookmarks.html
[2010-05-29 18:25:14 | 000,002,191 | ---- | C] () -- C:\Documents and Settings\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-05-12 20:34:06 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\Philippe\Bureau\RocketDock.lnk
[2010-05-12 17:23:01 | 000,001,656 | ---- | C] () -- C:\Documents and Settings\Philippe\Mes documents\CyberMUT.lnk
[2010-04-30 22:02:35 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\Philippe\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
[2010-04-23 17:42:46 | 000,001,524 | ---- | C] () -- C:\Documents and Settings\Philippe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2009-08-03 19:40:11 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009-08-03 19:40:11 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009-03-31 21:30:18 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-03-31 21:30:14 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-03-31 21:30:14 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-03-31 21:30:13 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-03-31 21:30:10 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-03-31 21:30:10 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-03-22 22:45:16 | 000,270,888 | R--- | C] () -- C:\WINDOWS\System32\drivers\SbFw.sys
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-07-14 14:51:47 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008-06-21 04:54:54 | 000,066,600 | R--- | C] () -- C:\WINDOWS\System32\drivers\sbhips.sys
[2008-05-26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008-05-20 15:49:26 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008-05-06 18:23:58 | 000,032,825 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008-05-06 18:23:39 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2008-05-06 18:19:57 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2008-02-14 23:08:11 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\ffbfec7_g.dll
[2008-02-07 20:42:14 | 000,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008-02-07 20:25:26 | 000,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007-12-11 22:22:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2007-12-03 09:13:29 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007-08-03 00:08:30 | 000,000,259 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2007-06-14 19:52:24 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2007-04-05 18:42:37 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007-03-07 21:39:16 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2007-03-07 21:39:13 | 000,028,518 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2007-03-07 21:39:13 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2007-01-07 18:22:14 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006-11-22 22:44:01 | 000,000,111 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006-11-19 14:17:00 | 000,000,371 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006-11-03 15:15:34 | 000,000,708 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006-11-03 15:15:33 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006-11-03 15:15:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2006-10-03 23:52:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006-09-20 21:24:54 | 000,000,049 | ---- | C] () -- C:\WINDOWS\MobileDB_PC.ini
[2006-08-16 20:55:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006-08-16 18:36:31 | 000,000,058 | ---- | C] () -- C:\WINDOWS\RTEDiag.INI
[2006-08-16 11:03:39 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\RTELM.dll
[2006-08-12 22:26:55 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2006-06-05 22:28:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006-06-05 22:03:40 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006-06-05 16:30:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006-01-02 21:16:32 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\ABLKSR.ini
[2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005-11-21 10:51:00 | 001,724
genesis973
 
Posts: 36
Joined: 21 Jul 2010, 10:03

Some "extras"

Post by genesis973 » 21 Jul 2010, 20:30

After several attempts, I managed to get an extras.txt, which I am attaching for you:


OTL Extras logfile created on: 2010-07-21 19:47:51 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Philippe\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 54.83 Gb Total Space | 13.85 Gb Free Space | 25.26% Space Free | Partition Type: FAT32
Drive D: | 36.45 Gb Total Space | 36.44 Gb Free Space | 99.98% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHILIPPE_ELO
Current User Name: Philippe
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = ] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\Tasks\explorer.exe" = C:\WINDOWS\Tasks\explorer.exe:*:Enabled:Explorer -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Palm\HOTSYNC.EXE" = C:\Program Files\Palm\HOTSYNC.EXE:*:Enabled:HotSync® Manager Application -- File not found
"C:\Program Files\Messenger\MSMSGS.EXE" = C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger -- File not found
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" = C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI -- File not found
"C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe" = C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0 -- File not found
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- File not found
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- File not found
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- File not found
"C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Philippe\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- ()
"C:\Program Files\sfr\Media Center\httpd\httpd.exe" = C:\Program Files\sfr\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR) -- (Apache Software Foundation)
"H:\Programmes\iTunes.exe" = H:\Programmes\iTunes.exe:*:Enabled:iTunes -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = BisonCam, NB Pro
"{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photorécit 3 pour Windows
"{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
"{5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1" = Quicksys RegDefrag 2.1
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{6249C22D-E6A8-407B-BA8B-40298848ED94}" = OmniPage SE
"{6378CFE7-D898-4C41-A7DD-4BB54ED80BB7}" = MyScript Notes for DANE-ELEC
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69B040CC-E9B1-4769-950E-87786C9E16AD}" = OpenOffice.org 3.2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}" = HP Precisionscan Pro 3.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F815C5F-D2A4-4173-B7C0-55A9D6F87E38}" = MobileMe Control Panel
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}" = LightScribe 1.4.105.1
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox 4.1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C514C594-23AA-4F13-A070-DB8BDB27594F}" = Windows Live Mail
"{C5667570-09EF-4776-857B-DDFD461405D5}" = Scrypto LuCipher Freeware
"{C964A549-C74A-11D3-B88A-00A0C9379093}" = CyberGestion
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Package de pilotes Windows - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"7-Zip" = 7-Zip 9.07 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus ChkMail" = Asus ChkMail
"Asus_A_Series_ScreenSaver" = Asus_A_Series_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BankPerfect" = BankPerfect 6.51
"CCleaner" = CCleaner
"CODACOD V2" = CODACOD V2
"Code du Travail_is1" = Code du Travail
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"DivX Codec" = DivX Pro Codec
"DVD Audio Extractor_is1" = DVD Audio Extractor 4.0.2
"DVD Shrink_is1" = DVD Shrink 3.2
"Firefox Windows Media Player XPI" = Firefox Windows Media Player XPI
"FLVplayer" = FLV Player
"Foxit Creator" = Foxit Creator
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.6.2
"Freecom Backup Software_is1" = Freecom Backup Software 1.15
"Freecom Personal Media Suite_is1" = Freecom Personal Media Suite 2.24
"GMailFS" = GMail Drive Shell Extension
"HControl" = ATK0100 ACPI UTILITY
"ie7" = Windows Internet Explorer 7
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.5 (Full)
"La Marmite du Chef_is1" = La Marmite du Chef 6.3.0
"LameACM" = Lame ACM MP3 Codec
"LHTTSFRF" = L&H TTS3000 Français
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup_is1" = MozBackup 1.4.4
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nokia PC Suite" = Nokia PC Suite
"NoteSearch" = NoteSearch 1.6
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Sound Editor Free" = Power Sound Editor Free
"ProInst" = Logiciel Intel(R) PROSet/Wireless
"RealAlt_is1" = Real Alternative 1.8.0
"RealPlayer 12.0" = RealPlayer
"RocketDock_is1" = RocketDock 1.3.5
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SFR_Kit" = SFR - Kit de connexion
"SFR_Media Center" = SFR - Media Center
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGTK-2_is1" = GTK+ 2.8.18-1 runtime environment
"WinLiveSuite_Wave3" = Installation Windows Live
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YouTube Video Downloader_is1" = YouTube Video Downloader 2.2.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010-07-20 15:43:39 | Computer Name = PHILIPPE_ELO | Source = Windows Search Service | ID = 3058
Description = Impossible d'initialiser l'application. Contexte : Application Windows

Détails
: Impossible de lire l'index du contenu. (0xc0041800)

Error - 2010-07-21 04:52:25 | Computer Name = PHILIPPE_ELO | Source = Windows Search Service | ID = 7040
Description = Le service de recherche a détecté des fichiers de données corrompus
dans l’index. Le service tentera de corriger automatiquement ce problème en recréant
l’index. Contexte : Application Windows, Catalogue SystemIndex Détails : 0xc0041801
(0xc0041801)

Error - 2010-07-21 04:52:25 | Computer Name = PHILIPPE_ELO | Source = Windows Search Service | ID = 3029
Description = Impossible d'initialiser le plug-in dans <Search>. Contexte
: Application Windows, Catalogue SystemIndex Détails : Impossible de lire l'index
du contenu. (0xc0041800)

Error - 2010-07-21 04:52:25 | Computer Name = PHILIPPE_ELO | Source = Windows Search Service | ID = 3028
Description = Impossible d'initialiser l'objet rassembleur. Contexte : Application
Windows, Catalogue SystemIndex Détails : Impossible de lire l'index du contenu.
(0xc0041800)

Error - 2010-07-21 04:52:25 | Computer Name = PHILIPPE_ELO | Source = Windows Search Service | ID = 3058
Description = Impossible d'initialiser l'application. Contexte : Application Windows

Détails
: Impossible de lire l'index du contenu. (0xc0041800)

Error - 2010-07-21 05:30:12 | Computer Name = PHILIPPE_ELO | Source = Google Update | ID = 20
Description =

Error - 2010-07-21 06:30:05 | Computer Name = PHILIPPE_ELO | Source = Google Update | ID = 20
Description =

Error - 2010-07-21 07:30:05 | Computer Name = PHILIPPE_ELO | Source = Google Update | ID = 20
Description =

Error - 2010-07-21 08:30:05 | Computer Name = PHILIPPE_ELO | Source = Google Update | ID = 20
Description =

Error - 2010-07-21 13:30:05 | Computer Name = PHILIPPE_ELO | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 2010-07-21 13:47:08 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service Intel(R) PROSet/Wireless Event Log s'est terminé de façon
inattendue pour la 1ème fois.

Error - 2010-07-21 13:47:08 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7031
Description = Le service Apple Mobile Device s'est terminé de manière inattendue.
Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans
60000 millisecondes : Redémarrer le service.

Error - 2010-07-21 13:47:08 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service Intel(R) PROSet/Wireless Service s'est terminé de façon
inattendue pour la 1ème fois.

Error - 2010-07-21 13:47:09 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service Application Updater s'est terminé de façon inattendue pour
la 1ème fois.

Error - 2010-07-21 13:47:09 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service Service Bonjour s'est terminé de façon inattendue pour
la 1ème fois.

Error - 2010-07-21 13:47:09 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service Crypkey License s'est terminé de façon inattendue pour
la 1ème fois.

Error - 2010-07-21 13:47:09 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service LightScribeService Direct Disc Labeling Service s'est terminé
de façon inattendue pour la 1ème fois.

Error - 2010-07-21 13:47:09 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service Java Quick Starter s'est terminé de façon inattendue pour
la 1ème fois.

Error - 2010-07-21 13:47:09 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service NVIDIA Display Driver Service s'est terminé de façon inattendue
pour la 1ème fois.

Error - 2010-07-21 13:47:09 | Computer Name = PHILIPPE_ELO | Source = Service Control Manager | ID = 7034
Description = Le service Intel(R) PROSet/Wireless Registry Service s'est terminé
de façon inattendue pour la 1ème fois.


<End>
genesis973
 
Posts: 36
Joined: 21 Jul 2010, 10:03

Post by nickW » 21 Jul 2010, 23:53

Good evening,

genesis973 wrote: Here is the only file I was able to get (no Extras .txt)
OTL logfile created on: 2010-07-21 19:47:51 - Run 1

This OTL.Txt report is incomplete!
Can you send what comes after
========== Files Created - No Company Name ==========



genesis973 wrote: After several attempts, I managed to get an extras.txt, which I am attaching for you:
OTL Extras logfile created on: 2010-07-21 19:47:51 - Run 1

That "After several attempts" is odd, since the Extras.Txt file was created at the same time as the OTL.Txt file, during the first run of OTL.



New scan:


Important preliminary note
FindyKill is detected by some antivirus programs as a RiskTool (risky tool).
This is accurate, since some of its components, if they fell into the wrong hands, could perform dangerous actions.
In the case of FindyKill, they must be allowed to run and, if necessary, the real-time protection programs must be temporarily disabled (while downloading and running the tool).
For example, it is essential to stop the real-time protection of Avira Antivir, Dr.Web and Kaspersky Anti-Virus.



Step 1: No real-time monitoring processes
Disable Spybot-S&D's TeaTimer.
In the system tray (the area just to the left of the clock), right-click the Spybot-S&D Resident icon and choose "Quitter Résident de Spybot-S&D" (Exit Spybot-S&D Resident).
Start Spybot-S&D, Advanced mode, Tools, Resident, and untick the box in front of TeaTimer. Close Spybot-S&D.
Restart the PC.
Note:
Do not re-enable TeaTimer before the PC cleanup is finished (I will tell you when and how to do it).


Step 2: FindyKill (by El Desaparecido), download
Download FindyKill.exe by right-clicking (then Save as...) one of the two links below:
http://pagesperso-orange.fr/NosTools/Ch ... /Setup.exe
http://findykill.changelog.fr/Setup.exe

Save this file to the Desktop.


Step 3: FindyKill (by El Desaparecido), scan
Plug in the external storage devices (USB stick, external hard drive, etc.).

Double-click Setup.exe on the Desktop.

Choose French by typing F and confirm by pressing the Enter key.

On the main menu, choose option 1 (Recherche, "Search") and confirm by pressing the Enter key.

The Desktop icons and the Start Menu will disappear: this is normal.
When the scan is finished, press any key to open a Notepad window containing the scan results. Close Notepad.


Step 4: Result
Post in your reply:
*- the FindyKill report (contents of the file SystemDrive\FindyKill.txt).
[SystemDrive stands for the partition on which the system is installed, usually C:]

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (Private Message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

The end of the file

Post by genesis973 » 22 Jul 2010, 06:53

Hello,

Here is the end of the file. As for the "extra", maybe I hadn't seen it, although there wasn't much on the desktop.
I'll carry out the rest of the procedure when I get home from work this evening.
Thanks for your patience
Have a good day




genesis973
 
Posts: 36
Joined: 21 Jul 2010, 10:03

Report Findy.Kill

Post by genesis973 » 22 Jul 2010, 07:00

It was much faster than I expected, so here is the report.
For your information, I didn't have to stop SpyBoot because, since my problem started, no protection program (antivirus, anti-malware, etc.) works any more.

See you later





############################## | FindyKill V5.045 |

# User : Philippe (Administrateurs) # PHILIPPE_ELO
# Update on 23/06/2010 by El Desaparecido
# Start at: 07:56:29 | 2010-07-22
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Genuine Intel(R) CPU T2300 @ 1.66GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
# FW : Sunbelt Personal Firewall[ Enabled ]4.6.1861 T

# C:\ # Disque fixe local # 54.83 Go (16.8 Go free) # FAT32
# D:\ # Disque fixe local # 36.45 Go (36.44 Go free) # FAT32
# E:\ # Disque CD-ROM
# G:\ # Disque amovible
# H:\ # Disque fixe local # 465.65 Go (322.39 Go free) [FREECOM HDD] # FAT32
# J:\ # Disque CD-ROM

############################## | Processus infectieux stoppés |

"C:\Documents and Settings\Philippe\Application Data\drivers\winupgro.exe" (2208)
"C:\WINDOWS\wintems.exe" (2568)
"C:\Documents and Settings\Philippe\Application Data\m\flec006.exe" (1616)

################## | Eléments infectieux |

C:\WINDOWS\ban_list.txt
C:\WINDOWS\mdelk.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\system32\srosa2.sys
C:\WINDOWS\system32\wfsintwq.sys
C:\Documents and Settings\Philippe\Application Data\drivers
C:\Documents and Settings\Philippe\Application Data\drivers\downld
C:\Documents and Settings\Philippe\Application Data\drivers\winupgro.exe
C:\Documents and Settings\Philippe\Application Data\m
C:\Documents and Settings\Philippe\Application Data\m\data.oct
C:\Documents and Settings\Philippe\Application Data\m\flec006.exe
C:\Documents and Settings\Philippe\Application Data\m\list.oct
C:\Documents and Settings\Philippe\Application Data\m\srvlist.oct
C:\Documents and Settings\Philippe\Application Data\m\shared

################## | Registre |

[HKLM\SYSTEM\CurrentControlSet\Services\sK9Ou0s]
[HKLM\SYSTEM\ControlSet001\Services\sK9Ou0s]
[HKLM\SYSTEM\ControlSet003\Services\sK9Ou0s]
[HKLM\SYSTEM\CurrentControlSet\Services\srosa]
[HKLM\SYSTEM\ControlSet001\Services\srosa]
[HKLM\SYSTEM\ControlSet003\Services\srosa]
[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S]
[HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
[HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S]
[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
[HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
[HKCU\Software\bisoft]
[HKCU\Software\DateTime4]
[HKCU\Software\MuleAppData]
[HKCU\Software\WS4001]
[HKCR\ed2k]
[HKCU\Software\Classes\ed2k]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
[HKU\S-1-5-21-3148158295-4140714283-3407515131-1005\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
[HKU\S-1-5-21-3148158295-4140714283-3407515131-1005\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
[HKU\S-1-5-21-3148158295-4140714283-3407515131-1005\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
[HKU\S-1-5-21-3148158295-4140714283-3407515131-1005\Software\bisoft]
[HKU\S-1-5-21-3148158295-4140714283-3407515131-1005\Software\DateTime4]
[HKU\S-1-5-21-3148158295-4140714283-3407515131-1005\Software\MuleAppData]
[HKCU\Software\Local AppWizard-Generated Applications\winupgro]
[HKU\S-1-5-21-3148158295-4140714283-3407515131-1005\Software\Local AppWizard-Generated Applications\winupgro]

################## | Etat |

# Affichage des fichiers cachés : OK

Clé manquante : HKLM\...\SafeBoot | Mode sans echec non fonctionnel !

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 )

################## | ! Fin du rapport # FindyKill V5.045 ! |
genesis973
 
Posts: 36
Joined: 21 Jul 2010, 10:03
