Uh, sorry, I can use the program as an administrator, I just didn't right-click on the .exe... sorry...
I'll do it again... thanks for your understanding...
for Rooter:
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows Vista Home Edition (6.0.6001) Service Pack 1
[32_bits] - x86 Family 6 Model 14 Stepping 12, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Disabled !
.
Internet Explorer 8.0.6001.18783
Mozilla Firefox 3.5 (fr)
.
C:\ [Fixed-NTFS] .. ( Total:96 Go - Free:40 Go )
D:\ [Fixed-NTFS] .. ( Total:6 Go - Free:2 Go )
E:\ [CD_Rom]
F:\ [Removable]
H:\ [Fixed-FAT32] .. ( Total:232 Go - Free:23 Go )
.
Scan : 21:53.39
Path : C:\Users\cam et Axel\Desktop\Sécurité\Rooter.exe
User : cam et Axel ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ \SystemRoot\System32\smss.exe (436)
______ C:\Windows\system32\csrss.exe (512)
______ C:\Windows\system32\wininit.exe (548)
______ C:\Windows\system32\csrss.exe (568)
______ C:\Windows\system32\services.exe (604)
______ C:\Windows\system32\lsass.exe (620)
______ C:\Windows\system32\lsm.exe (628)
______ C:\Windows\system32\winlogon.exe (780)
______ C:\Windows\system32\svchost.exe (812)
______ C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (880)
______ C:\Windows\system32\svchost.exe (932)
Locked cmdagent.exe (1004)
______ C:\Windows\system32\svchost.exe (1068)
______ C:\Windows\System32\svchost.exe (1108)
______ C:\Windows\System32\svchost.exe (1180)
______ C:\Windows\System32\svchost.exe (1208)
______ C:\Windows\system32\svchost.exe (1220)
Locked audiodg.exe (1304)
______ C:\Windows\system32\svchost.exe (1332)
______ C:\Windows\system32\SLsvc.exe (1348)
______ C:\Windows\system32\svchost.exe (1412)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1640)
______ C:\Windows\system32\WLANExt.exe (1648)
______ C:\Windows\System32\spoolsv.exe (1800)
______ C:\Program Files\Avira\AntiVir Desktop\sched.exe (1836)
______ C:\Windows\system32\svchost.exe (1848)
______ C:\Windows\system32\agrsmsvc.exe (284)
______ C:\Program Files\Avira\AntiVir Desktop\avguard.exe (380)
______ C:\Windows\system32\svchost.exe (500)
______ C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (820)
______ C:\Windows\system32\svchost.exe (1544)
______ C:\Windows\system32\TODDSrv.exe (1600)
______ C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (768)
______ C:\Windows\System32\svchost.exe (2100)
______ C:\Windows\system32\SearchIndexer.exe (2168)
______ C:\Windows\system32\wbem\unsecapp.exe (2660)
______ C:\Windows\system32\wbem\wmiprvse.exe (2800)
______ C:\Windows\system32\taskeng.exe (3224)
______ C:\Windows\system32\Dwm.exe (2844)
______ C:\Windows\system32\taskeng.exe (2240)
______ C:\Windows\Explorer.EXE (3056)
______ C:\Program Files\Windows Defender\MSASCui.exe (3524)
______ C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (3468)
______ C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (3632)
______ C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (3496)
______ C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (3644)
______ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3200)
Locked cfp.exe (3680)
______ C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (3184)
______ C:\Windows\System32\igfxtray.exe (3592)
______ C:\Windows\System32\hkcmd.exe (3332)
______ C:\Windows\System32\igfxpers.exe (2380)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (3872)
______ C:\Program Files\Windows Sidebar\sidebar.exe (3088)
______ C:\Program Files\ltmoh\ltmoh.exe (3880)
______ C:\Windows\ehome\ehtray.exe (2412)
______ C:\Program Files\Skype\Phone\Skype.exe (2300)
______ C:\Program Files\Windows Live\Messenger\msnmsgr.exe (2896)
______ C:\Windows\system32\igfxsrvc.exe (2256)
______ C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe (3276)
______ C:\Windows\system32\WUDFHost.exe (3300)
______ C:\Windows\ehome\ehmsas.exe (2284)
______ C:\Program Files\Synaptics\SynTP\SynToshiba.exe (1052)
______ C:\Program Files\Windows Sidebar\sidebar.exe (4356)
______ C:\Program Files\Skype\Plugin Manager\skypePM.exe (4884)
______ C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (5636)
______ C:\Windows\system32\conime.exe (5648)
______ C:\Program Files\Winamp\winamp.exe (2864)
______ C:\Program Files\Internet Explorer\iexplore.exe (4568)
______ C:\Program Files\Windows Live\Toolbar\wltuser.exe (4492)
______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (808)
______ C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (556)
______ C:\Users\cam et Axel\Desktop\Sécurité\OTL.exe (4800)
______ C:\Program Files\Internet Explorer\iexplore.exe (6016)
______ C:\Users\cam et Axel\Desktop\Sécurité\OTL.exe (4308)
______ C:\Program Files\Internet Explorer\iexplore.exe (4200)
______ C:\Windows\system32\SearchProtocolHost.exe (5064)
______ C:\Windows\system32\SearchFilterHost.exe (1116)
______ C:\Users\cam et Axel\Desktop\Sécurité\Rooter.exe (5404)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:1048576 | Length:1572864000)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:1573912576 | Length:103504936960)
\Device\Harddisk0\Partition3 (Start_Offset:105078849536 | Length:7825522688)
\Device\Harddisk0\Partition0 (Start_Offset:112908418560 | Length:7114867200)
\Device\Harddisk0\Partition4 (Start_Offset:112908450816 | Length:7114834944)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Ad-Aware Update (Weekly).job
C:\Windows\Tasks\Driver Robot.job
C:\Windows\Tasks\DriverCure.job
C:\Windows\Tasks\ParetoLogic Update Version2.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\User_Feed_Synchronization-{42C4E31F-7980-4CAF-9C65-BC128CED30F0}.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 21:53.47
.
C:\Rooter$\Rooter_2.txt - (19/07/2009 | 21:53.47)
and for OTL:
OTL.txt
OTL logfile created on: 19/07/2009 9:52:57 PM - Run 2
OTL by OldTimer - Version 3.0.9.2 Folder = C:\Users\cam et Axel\Desktop\Sécurité
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1.49 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 41.42% Memory free
3.23 Gb Paging File | 1.53 Gb Available in Paging File | 47.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 96.40 Gb Total Space | 40.61 Gb Free Space | 42.13% Space Free | Partition Type: NTFS
Drive D: | 6.63 Gb Total Space | 2.49 Gb Free Space | 37.59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.92 Gb Total Space | 0.68 Gb Free Space | 35.70% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
Drive H: | 232.83 Gb Total Space | 23.89 Gb Free Space | 10.26% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Computer Name: ORDIDECAMETAXEL
Current User Name: cam et Axel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008/01/05 07:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
PRC - [2009/07/05 08:35:20 | 00,707,152 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe
PRC - [2009/07/07 07:18:01 | 01,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/07/13 20:29:11 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2006/10/04 21:10:12 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2009/07/13 20:29:11 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2006/05/25 18:30:16 | 00,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/10/11 18:02:38 | 00,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2008/01/19 03:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/03/02 22:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2008/10/29 02:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/01/19 03:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/05/22 10:50:02 | 00,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007/10/11 18:02:56 | 00,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2007/06/15 21:01:58 | 00,448,080 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007/10/11 14:02:02 | 00,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/03/20 07:36:38 | 01,451,304 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2009/07/05 08:35:51 | 01,793,808 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cfp.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/06/18 14:01:34 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/06/18 14:01:26 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/06/18 14:01:30 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2009/07/07 07:18:02 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2008/01/19 03:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2007/01/08 23:23:04 | 00,191,552 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2009/05/26 19:41:16 | 24,264,488 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2008/06/18 14:01:32 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2007/07/19 16:27:18 | 04,765,184 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008/01/19 03:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/19 03:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2009/03/20 07:36:58 | 00,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2008/01/19 03:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/05/26 19:41:16 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/03/20 07:36:38 | 00,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008/01/19 03:33:04 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/07/01 12:38:40 | 01,481,056 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2009/03/08 17:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2008/05/23 21:57:55 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/05 07:21:39 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
PRC - [2009/07/18 20:05:30 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\cam et Axel\Desktop\Sécurité\OTL.exe
PRC - [2009/03/08 17:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/07/18 20:05:30 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\cam et Axel\Desktop\Sécurité\OTL.exe
PRC - [2009/03/08 17:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
========== Win32 Services (SafeList) ==========
SRV - [2008/06/24 18:25:55 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2006/10/04 21:10:12 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])
SRV - [2009/07/13 20:29:11 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/07/13 20:29:11 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2008/05/28 20:12:12 | 00,069,120 | ---- | M] (BOONTY) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games [Disabled | Stopped])
SRV - [2008/01/05 07:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/07/05 08:35:20 | 00,707,152 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2008/01/19 03:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/01/19 03:36:53 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/01/05 07:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [Auto | Running])
SRV - [2009/05/18 08:32:56 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/01/05 07:21:39 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Running])
SRV - [2009/07/07 07:18:01 | 01,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2008/01/05 07:21:39 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2006/02/20 04:13:54 | 00,145,088 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2006/05/25 18:30:16 | 00,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv [Auto | Running])
SRV - [2007/10/11 18:02:38 | 00,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv [Auto | Running])
SRV - [2008/01/19 03:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/19 03:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services (SafeList) ==========
DRV - [2006/11/02 05:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 05:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 05:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/28 00:11:00 | 01,161,888 | ---- | M] (Agere Systems) -- C:\Windows\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2006/11/02 05:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 05:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/02 05:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/02/17 20:01:34 | 01,093,632 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\DRIVERS\athr.sys -- (athr [On_Demand | Running])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/03/24 16:07:58 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2006/11/02 04:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 04:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 04:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 04:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 04:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 04:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2009/07/07 20:17:47 | 00,128,888 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdguard.sys -- (cmdGuard [System | Running])
DRV - [2009/07/05 08:36:54 | 00,029,520 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdhlp.sys -- (cmdHlp [System | Running])
DRV - [2006/11/02 05:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2008/06/10 22:38:57 | 00,018,816 | ---- | M] (RIF) -- C:\Windows\System32\DRIVERS\dvd43llh.sys -- (dvd43llh [On_Demand | Running])
DRV - [2006/11/02 03:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2006/11/02 05:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2007/03/08 18:18:00 | 00,008,320 | ---- | M] (GARMIN Corp.) -- C:\Windows\System32\drivers\grmnusb.sys -- (grmnusb [On_Demand | Stopped])
DRV - [2006/11/02 05:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/06/18 13:38:20 | 02,307,584 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (ialm [On_Demand | Stopped])
DRV - [2006/11/02 05:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/06/18 13:38:20 | 02,307,584 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 05:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2009/07/05 08:39:25 | 00,074,328 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\inspect.sys -- (inspect [System | Running])
DRV - [2006/11/02 05:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 05:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2009/07/07 07:18:13 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2006/07/28 16:25:26 | 00,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter [Boot | Running])
DRV - [2006/11/02 05:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 05:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/11/02 05:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 05:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2008/06/23 19:17:12 | 00,027,136 | ---- | M] (NCH Swift Sound) -- C:\Windows\System32\drivers\nchssvad.sys -- (NCHSSVAD [On_Demand | Stopped])
DRV - [2006/11/02 05:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 03:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2006/11/02 05:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2006/11/02 05:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2006/11/02 05:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2009/05/25 14:50:44 | 00,164,864 | ---- | M] (Realtek ) -- C:\Windows\System32\DRIVERS\Rtlh86.sys -- (RTL8169 [On_Demand | Running])
DRV - [2006/11/02 02:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2005/01/14 12:14:07 | 00,047,616 | ---- | M] (Protection Technology) -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Stopped])
DRV - [2004/10/28 06:47:59 | 00,006,656 | ---- | M] (Protection Technology) -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
DRV - [2004/12/03 06:20:41 | 00,020,544 | ---- | M] (Protection Technology) -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
DRV - [2006/11/02 05:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 05:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2008/05/28 20:10:42 | 00,716,272 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009/07/13 20:29:11 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2006/11/02 05:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 05:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 05:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2009/03/20 07:37:42 | 00,208,688 | ---- | M] (Synaptics Incorporated) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/10/18 11:50:04 | 00,016,128 | ---- | M] (TOSHIBA Corporation.) -- C:\Windows\System32\DRIVERS\tdcmdpst.sys -- (tdcmdpst [On_Demand | Running])
DRV - [2007/11/09 05:00:52 | 00,023,640 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ [Boot | Running])
DRV - [2009/07/05 21:11:24 | 00,023,600 | ---- | M] (EnTech Taiwan) -- C:\Windows\System32\DRIVERS\TVICHW32.SYS -- (TVICHW32 [On_Demand | Stopped])
DRV - [2006/11/02 05:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 05:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2007/04/16 10:19:10 | 00,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) -- C:\Windows\System32\Drivers\UVCFTR_S.SYS -- (UVCFTR [On_Demand | Running])
DRV - [2006/11/02 05:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 05:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1214721553-2275925957-17590425-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1214721553-2275925957-17590425-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.blackle.com/
IE - HKU\S-1-5-21-1214721553-2275925957-17590425-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1214721553-2275925957-17590425-1000\S-1-5-21-1214721553-2275925957-17590425-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/06 16:00:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/06 15:59:52 | 00,000,000 | ---D | M]
[2009/07/06 16:00:31 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\mozilla\Extensions
[2009/07/06 16:00:31 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/06 16:00:31 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\mozilla\Firefox\Profiles\cdjhjjl3.default\extensions
[2009/07/06 15:59:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/06 15:59:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/06/24 11:27:47 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/24 11:27:47 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/06/24 11:27:47 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/06/24 08:31:33 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/06/24 08:31:33 | 00,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/06/24 08:31:33 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/06/24 08:31:33 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/06/24 08:31:33 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/06/24 08:31:33 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe (Agere Systems)
O4 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-1214721553-2275925957-17590425-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\cam et Axel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Programmes\Microsoft Office\OFFICE11\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\OFFICE11\REFIEBAR.DLL File not found
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/Fac ... oader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/resourc ... dfr-be.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://sdlc-esd.sun.com/ESD42/JSCDL/jre ... 586-jc.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll File not found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmes\Common Files\microsoft shared\Web Components\11\OWC11.DLL File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmes\Common Files\Skype\Skype4COM.dll File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/06/13 22:43:16 | 00,000,000 | R--D | M] - H:\autorun -- [ FAT32 ]
O33 - MountPoints2\{b51ac4f0-803f-11dd-b4e0-001b381c4689}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[5 C:\Windows\System32\*.tmp files]
[2009/07/19 21:53:23 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/07/19 08:58:57 | 00,000,188 | ---- | C] () -- C:\Users\cam et Axel\Desktop\AXL 232GB (H) - Raccourci.lnk
[2009/07/17 21:48:39 | 00,000,000 | ---D | C] -- C:\Users\cam et Axel\AppData\Local\Adobe
[2009/07/17 16:48:56 | 00,000,182 | ---- | C] () -- C:\Users\cam et Axel\Desktop\MP3 (F) - Raccourci.lnk
[2009/07/17 13:56:37 | 00,000,000 | ---D | C] -- C:\Users\cam et Axel\AppData\Roaming\Malwarebytes
[2009/07/17 13:56:31 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/07/17 13:56:28 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/07/17 13:56:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/07/17 13:56:12 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/17 13:36:02 | 00,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2009/07/17 11:09:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2009/07/15 12:47:47 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/07/15 12:47:46 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/07/15 12:47:46 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/07/15 12:47:46 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/07/15 10:21:45 | 00,000,000 | R--D | C] -- C:\la_maison_aux_lilas_de_lanse
[2009/07/14 09:09:31 | 00,000,760 | ---- | C] () -- C:\Users\cam et Axel\Desktop\Music.lnk
[2009/07/13 15:28:02 | 00,000,000 | ---D | C] -- C:\WebUpdater
[2009/07/13 15:24:11 | 00,018,432 | ---- | C] (GARMIN Corp.) -- C:\Windows\System32\drivers\grmngen.sys
[2009/07/13 15:24:09 | 00,008,320 | ---- | C] (GARMIN Corp.) -- C:\Windows\System32\drivers\grmnusb.sys
[2009/07/13 15:23:49 | 00,000,000 | ---D | C] -- C:\Garmin
[2009/07/13 15:10:09 | 00,000,000 | ---D | C] -- C:\Program Files\dnrgarmin
[2009/07/13 13:59:05 | 00,000,000 | R--D | C] -- C:\Users\cam et Axel\Desktop\La Maison aux Lilas de l'Anse
[2009/07/12 15:17:41 | 00,000,205 | ---- | C] () -- C:\Users\cam et Axel\Desktop\Lecteur CD - Raccourci.lnk
[2009/07/07 20:35:02 | 00,000,000 | ---D | C] -- C:\Users\cam et Axel\Desktop\film
[2009/07/07 15:13:02 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/07/07 07:49:28 | 00,015,688 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2009/07/07 07:22:17 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2009/07/07 07:22:17 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2009/07/07 07:21:45 | 00,000,512 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/07/07 07:11:31 | 00,000,000 | -H-D | C] -- C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/07/07 07:11:15 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/07/06 23:16:55 | 00,000,000 | ---D | C] -- C:\Users\cam et Axel\AppData\Roaming\Lavasoft
[2009/07/06 23:16:37 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/07/06 22:10:33 | 00,000,000 | ---D | C] -- C:\swsetup
[2009/07/06 22:08:53 | 00,000,000 | ---D | C] -- C:\DRIVERS
[2009/07/06 22:03:51 | 00,000,000 | -H-D | C] -- C:\Program Files\Temp
[2009/07/06 22:01:02 | 00,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2009/07/06 22:01:02 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009/07/06 20:52:58 | 00,397,312 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll
[2009/07/06 20:52:58 | 00,061,440 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll
[2009/07/06 20:52:58 | 00,000,000 | ---D | C] -- C:\Windows\System32\nn-NO
[2009/07/06 20:47:16 | 00,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/07/06 20:46:42 | 00,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009/07/06 16:00:14 | 00,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/06 16:00:08 | 00,000,000 | ---D | C] -- C:\Users\cam et Axel\AppData\Roaming\Mozilla
[2009/07/06 16:00:08 | 00,000,000 | ---D | C] -- C:\Users\cam et Axel\AppData\Local\Mozilla
[2009/07/06 15:59:41 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/07/06 15:55:41 | 00,000,526 | ---- | C] () -- C:\Users\cam et Axel\Desktop\FinePix S1000fd - Raccourci.lnk
[2009/07/06 15:10:59 | 00,029,696 | ---- | C] () -- C:\Users\cam et Axel\Documents\recherche logement.doc
[2009/07/06 14:42:09 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloads
[2009/07/06 14:40:34 | 00,000,428 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2009/07/06 14:40:20 | 00,000,392 | ---- | C] () -- C:\Windows\tasks\DriverCure.job
[2009/07/06 14:40:08 | 00,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2009/07/06 14:40:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2009/07/06 14:39:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2009/07/05 21:46:30 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/07/05 21:19:10 | 00,000,000 | ---D | C] -- C:\Users\cam et Axel\AppData\Roaming\DriverCure
[2009/07/05 21:19:01 | 00,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2009/07/05 21:19:01 | 00,000,000 | ---D | C] -- C:\ProgramData\DriverCure
[2009/07/05 21:11:33 | 00,023,600 | ---- | C] (EnTech Taiwan) -- C:\Windows\System32\drivers\TVICHW32.SYS
[2009/07/05 19:20:01 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2009/06/29 16:53:21 | 00,000,422 | ---- | C] () -- C:\Windows\tasks\Driver Robot.job
[2009/06/24 19:17:47 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2009/06/24 19:02:45 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/06/24 19:02:44 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/06/24 19:02:43 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/06/24 19:02:43 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/06/24 19:02:43 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/06/24 19:02:43 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/06/24 19:02:42 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/06/24 19:02:42 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/06/24 19:02:41 | 01,207,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/06/24 19:02:41 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/06/24 19:02:40 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/06/24 19:02:38 | 11,064,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/06/24 19:02:38 | 05,936,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/06/24 19:00:27 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009/06/24 19:00:27 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009/06/24 19:00:27 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2009/06/24 19:00:27 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009/06/24 19:00:26 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009/06/24 19:00:26 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2009/06/24 19:00:26 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009/06/24 19:00:25 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009/06/24 19:00:25 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009/06/24 19:00:25 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/06/24 19:00:25 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009/06/24 19:00:25 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009/06/24 19:00:24 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009/06/24 19:00:24 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/06/24 19:00:24 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/06/24 19:00:24 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/06/24 19:00:24 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009/06/24 19:00:24 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/06/24 19:00:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009/06/24 19:00:23 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/06/24 19:00:23 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/06/24 19:00:23 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009/06/24 19:00:23 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009/06/24 19:00:23 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009/06/24 19:00:23 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009/06/24 19:00:23 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009/06/24 19:00:23 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/06/24 19:00:22 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/06/24 19:00:22 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009/06/24 19:00:21 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/06/24 19:00:21 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/06/24 19:00:21 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009/06/24 19:00:20 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/06/24 19:00:19 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009/06/24 19:00:19 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009/06/24 19:00:19 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/06/24 19:00:19 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/06/24 19:00:19 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/06/24 19:00:19 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009/06/24 19:00:19 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009/06/24 19:00:19 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/06/24 19:00:19 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2009/06/20 15:39:06 | 00,000,000 | ---D | C] -- C:\Users\cam et Axel\Desktop\musique CAM
[2009/04/27 16:28:01 | 00,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/04/05 20:46:16 | 00,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2008/11/30 20:50:02 | 00,000,000 | ---- | C] () -- C:\Windows\pcfriend.INI
[2008/10/20 13:58:41 | 00,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2008/06/18 13:51:06 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1504.dll
[2008/06/10 22:38:40 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/06/10 22:38:40 | 00,548,864 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2008/06/10 22:38:40 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/06/10 22:38:40 | 00,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2008/06/10 22:38:40 | 00,061,440 | ---- | C] () -- C:\Windows\System32\cygz.dll
[2008/06/10 22:38:40 | 00,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2008/05/28 20:10:42 | 00,716,272 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/05/21 22:59:25 | 00,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008/05/21 22:59:25 | 00,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008/05/21 22:59:25 | 00,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008/05/21 22:59:25 | 00,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/05/21 22:27:22 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll
[2008/02/11 19:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 06:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 00:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[1998/10/11 01:07:38 | 00,088,576 | ---- | C] () -- C:\Windows\System32\Iticheck.dll
========== Files - Modified Within 30 Days ==========
[5 C:\Windows\System32\*.tmp files]
[2009/07/19 20:59:23 | 00,004,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/07/19 20:59:23 | 00,004,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/07/19 20:06:16 | 00,002,377 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2009/07/19 18:13:21 | 00,722,956 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/07/19 18:13:21 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/07/19 18:13:21 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/07/19 18:13:21 | 00,037,586 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/07/19 18:13:21 | 00,013,966 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/07/19 17:06:34 | 00,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{42C4E31F-7980-4CAF-9C65-BC128CED30F0}.job
[2009/07/19 16:59:13 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/07/19 16:59:09 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/07/19 16:59:07 | 16,002,49856 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/19 09:39:11 | 04,127,941 | -H-- | M] () -- C:\Users\cam et Axel\AppData\Local\IconCache.db
[2009/07/19 08:58:57 | 00,000,188 | ---- | M] () -- C:\Users\cam et Axel\Desktop\AXL 232GB (H) - Raccourci.lnk
[2009/07/18 17:39:31 | 00,053,760 | ---- | M] () -- C:\Users\cam et Axel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/17 16:48:56 | 00,000,182 | ---- | M] () -- C:\Users\cam et Axel\Desktop\MP3 (F) - Raccourci.lnk
[2009/07/17 00:35:00 | 00,000,428 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2009/07/16 18:58:01 | 00,000,760 | ---- | M] () -- C:\Users\cam et Axel\Desktop\Music.lnk
[2009/07/15 18:53:16 | 00,364,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 20:29:11 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/07/12 15:17:41 | 00,000,205 | ---- | M] () -- C:\Users\cam et Axel\Desktop\Lecteur CD - Raccourci.lnk
[2009/07/07 20:17:52 | 00,179,792 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
[2009/07/07 20:17:47 | 00,128,888 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2009/07/07 11:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2009/07/07 07:24:42 | 00,000,512 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/07/07 07:19:01 | 00,015,688 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2009/07/07 07:18:13 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2009/07/07 02:31:02 | 00,000,392 | ---- | M] () -- C:\Windows\tasks\DriverCure.job
[2009/07/06 22:20:00 | 00,016,096 | ---- | M] () -- C:\Windows\System32\results.xml
[2009/07/06 22:03:59 | 00,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2009/07/06 20:46:42 | 00,001,746 | ---- | M] () -- C:\Windows\Language_trs.ini
[2009/07/06 16:00:14 | 00,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2009/07/06 15:55:41 | 00,000,526 | ---- | M] () -- C:\Users\cam et Axel\Desktop\FinePix S1000fd - Raccourci.lnk
[2009/07/06 15:10:59 | 00,029,696 | ---- | M] () -- C:\Users\cam et Axel\Documents\recherche logement.doc
[2009/07/05 21:11:24 | 00,023,600 | ---- | M] (EnTech Taiwan) -- C:\Windows\System32\drivers\TVICHW32.SYS
[2009/07/05 08:39:25 | 00,074,328 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2009/07/05 08:36:54 | 00,029,520 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2009/06/30 08:46:09 | 00,000,422 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2009/06/25 18:18:21 | 00,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2009/06/24 19:17:47 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
========== LOP Check ==========
[2009/07/17 13:56:37 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming
[2009/07/19 21:30:16 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\com.zipeg
[2009/07/05 21:19:30 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\DriverCure
[2009/06/19 20:58:10 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\dvdcss
[2006/11/02 08:37:34 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\Media Center Programs
[2008/07/28 17:24:39 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\NCH Software
[2009/05/02 19:11:39 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\NCH Swift Sound
[2009/06/12 22:08:18 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\Opera
[2009/07/16 19:58:20 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\Shareaza
[2008/05/21 23:15:44 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\toshiba
[2008/10/11 21:05:10 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\U3
[2008/06/13 18:01:02 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\Uniblue
[2009/05/31 23:14:57 | 00,000,000 | ---D | M] -- C:\Users\cam et Axel\AppData\Roaming\uTorrent
[2006/11/02 08:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2006/11/02 08:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2006/11/02 08:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2006/11/02 08:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2009/07/07 07:24:42 | 00,000,512 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/06/30 08:46:09 | 00,000,422 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2009/07/07 02:31:02 | 00,000,392 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2009/07/17 00:35:00 | 00,000,428 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2009/07/19 16:59:13 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/07/19 12:54:44 | 00,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/19 17:06:34 | 00,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{42C4E31F-7980-4CAF-9C65-BC128CED30F0}.job
========== Alternate Data Streams ==========
@Alternate Data Stream - 16 bytes -> C:\Users\cam et Axel\Documents\Mes fichiers reçus:Shareaza.GUID
< End of report >
and Extras.txt
OTL Extras logfile created on: 19/07/2009 9:52:57 PM - Run 2
OTL by OldTimer - Version 3.0.9.2 Folder = C:\Users\cam et Axel\Desktop\Sécurité
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1.49 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 41.42% Memory free
3.23 Gb Paging File | 1.53 Gb Available in Paging File | 47.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 96.40 Gb Total Space | 40.61 Gb Free Space | 42.13% Space Free | Partition Type: NTFS
Drive D: | 6.63 Gb Total Space | 2.49 Gb Free Space | 37.59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.92 Gb Total Space | 0.68 Gb Free Space | 35.70% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
Drive H: | 232.83 Gb Total Space | 23.89 Gb Free Space | 10.26% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Computer Name: ORDIDECAMETAXEL
Current User Name: cam et Axel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1214721553-2275925957-17590425-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{DCEFEA72-BB14-461D-A1D2-A8F1D532C92F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F3A4721A-2D7E-457E-8EDE-B23C00AC1600}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{054311F3-2A17-45EF-859D-CB7821546F7C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{150A5F6A-3815-4400-9445-AD60C05D58D4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1723E8AA-1724-44D5-82DA-221A0EE4F8F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22C65408-18FF-421E-98C2-01638644E6DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A62957B-AFDC-4E7B-B7CC-E6F92852DD2A}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{3AB9A310-5AD7-44FA-BD31-5A25005DC111}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3ADB83B7-801F-4950-96C5-1BC739F2E6C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B72026E-321B-40DC-9E15-F9A859AB809D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4129BFBD-2EA9-438B-8A27-991A608F9BAE}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{501EBE2B-101A-44AD-A5E5-BA44EE1670E9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E2EA5C6-4649-49CE-BB66-A73B938A9E26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64CA389B-82EE-470C-8330-6FA3B33E3819}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68F65B40-1A97-46CB-9BDD-83004C19AD0E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6A021AAC-B5FF-45CB-9FD5-E28B18F9EB4D}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{6D157396-EBD1-4D96-A937-21F6117CC0B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77DB21C7-83C8-4C64-9337-9932AF421E19}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{79216EFB-57CD-4ACC-91B4-62A7D8897DAE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7CE78871-4C43-4DAD-B036-8214B5CBC04B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7E9E6DC7-13ED-4B7D-9C91-9FB0E530EBAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8E723A22-1AFA-4E2E-B7D8-43BD5EA1D4E2}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{9576C0D4-E441-4BAD-B81E-3C6767D6533E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{9998F0D8-FA6C-43AD-9218-0B29D9065C7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9C3F7562-2509-4B53-BC2F-315A03D3AD07}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A07AC268-4E2F-4BF5-B49A-AC647727DE1A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A5973FC9-ECFC-4EAD-B4D4-42DD0AAA4B0D}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{AD72C3D7-7181-4D35-915B-C1C0310845E4}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{BA50843C-A353-4C9E-AEF8-BCAA389DA04F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3B7B3DD-C54D-438E-A0A4-BC36B45A710E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C472A02B-9200-41FE-90E8-856B9A358ADB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C50B8391-D37A-4FE2-8DD0-1C29BA910495}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C8E0402B-BD78-43DE-B638-18CCC4BC015F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDD5218A-1F1B-462A-A053-BC8DF0367833}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{DC7E5459-6564-451A-BEC9-DD7789BBD56E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DEC8D3EB-68CA-406C-961E-72CD63CC9495}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{E2E0D76A-E217-4F70-9F67-4B994FA8B2AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E33446D3-C60D-46C6-A79D-1D958EB85A9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E99F3D87-A04A-4C9F-8E14-06FC7C3D291D}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{F9961288-FBE1-4751-B100-5265FAF1FE89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FFC2582B-9345-45ED-9472-B8137BDB1EF2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{19A2E73C-3A21-4C32-9121-294CD2652138}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{4D646ECD-B8F1-4E80-8A70-B428258C6B85}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{50EB4C10-5E75-4C54-8401-1408136C3623}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{5EDF479A-1E46-464F-9F12-F928862B5A46}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{6402FFBD-117B-4320-B699-2CE3D1C86F46}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{773D7F1B-7306-4267-A1E1-1CBF2A256E0A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9B6B1BF6-5150-46D9-9C5B-6ADCF8EA1F0D}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{B6A4F749-27C5-4B47-8EB0-EABACDBC2766}C:\program files\soulseek\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseek\slsk.exe |
"TCP Query User{BA1EEC1E-E500-4DF9-8EA8-AE8017F96AF5}C:\program files\adsltv\adsltv.exe" = protocol=6 | dir=in | app=c:\program files\adsltv\adsltv.exe |
"TCP Query User{D3E4473A-D58B-479F-9A36-1D52DBD9C9EC}C:\program files\soulseek\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseek\slsk.exe |
"UDP Query User{2B464FD8-3A6E-4509-B0AA-E1C3CA05737F}C:\program files\adsltv\adsltv.exe" = protocol=17 | dir=in | app=c:\program files\adsltv\adsltv.exe |
"UDP Query User{8C89D9F7-92A3-4822-9D61-807D43D60330}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"UDP Query User{AADAA93B-8298-4B81-874F-5708A44CB144}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D0B76765-1959-4C49-8131-27BD08DE279A}C:\program files\soulseek\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseek\slsk.exe |
"UDP Query User{D1A8CDD1-62EC-4F9D-9E82-1CAFC7638030}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DDA92237-5BF9-491C-8D00-88C584E26563}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"UDP Query User{DFB29A67-5F83-4F72-B61E-DFAD29883BE3}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{E9CEAC5A-97B6-492F-9DA4-78790744D6ED}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{EB60D57F-650C-4C2D-A57F-8C85C58B6708}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{F8CC7AFD-1D4F-4581-BA19-0E985D83BC04}C:\program files\soulseek\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseek\slsk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure
"{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9084040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{9112040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E12337CF-154E-4191-A024-76561E06F3FF}" = DNRGarmin
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AskSBar Uninstall" = Ask Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"COMODO Firewall Pro" = COMODO Firewall Pro
"DVD Shrink_is1" = DVD Shrink 3.2
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5)" = Mozilla Firefox (3.5)
"PCFriendly" = PCFriendly
"Postal 2" = Postal 2
"Postal 2 Apocalypse Weekend Expansion Pack" = Postal 2 Apocalypse Weekend Expansion Pack
"Power DVD to AVI XVID Extractor_is1" = Power DVD to AVI XVID Extractor 6.0.2
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Installation Windows Live
"Zipeg" = Zipeg
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 06/07/2009 10:08:28 PM | Computer Name = Ordidecametaxel | Source = VSS | ID = 8194
Description =
Error - 06/07/2009 10:09:06 PM | Computer Name = Ordidecametaxel | Source = VSS | ID = 8194
Description =
Error - 06/07/2009 10:10:05 PM | Computer Name = Ordidecametaxel | Source = VSS | ID = 8194
Description =
Error - 06/07/2009 10:11:06 PM | Computer Name = Ordidecametaxel | Source = VSS | ID = 8194
Description =
Error - 07/07/2009 7:11:41 AM | Computer Name = Ordidecametaxel | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 12/07/2009 8:19:09 AM | Computer Name = Ordidecametaxel | Source = VSS | ID = 8194
Description =
Error - 12/07/2009 8:24:42 AM | Computer Name = Ordidecametaxel | Source = VSS | ID = 8194
Description =
Error - 12/07/2009 8:35:33 AM | Computer Name = Ordidecametaxel | Source = Application Error | ID = 1000
Description = Application défaillante RegCure.exe, version 1.5.2.7, horodatage 0x49590e89,
module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception
0xc0000005, décalage d’erreur 0x428d0824, ID du processus 0x15ec, heure de début
de l’application 0x01ca02ebfe10785b.
Error - 12/07/2009 3:19:31 PM | Computer Name = Ordidecametaxel | Source = Application Error | ID = 1000
Description = Application défaillante vlc.exe, version 0.8.6.0, horodatage 0x4675098d,
module défaillant libvlc.dll, version 0.0.0.0, horodatage 0x4675098d, code d’exception
0xc0000005, décalage d’erreur 0x0001177f, ID du processus 0x1228, heure de début
de l’application 0x01ca0325a8d086c0.
Error - 17/07/2009 11:23:22 PM | Computer Name = Ordidecametaxel | Source = Windows Search Service | ID = 3024
Description =
[ System Events ]
Error - 19/07/2009 10:30:02 AM | Computer Name = Ordidecametaxel | Source = Application Popup | ID = 875
Description = Le chargement du pilote sfdrv01.sys a été bloqué.
Error - 19/07/2009 10:30:43 AM | Computer Name = Ordidecametaxel | Source = HTTP | ID = 15016
Description =
Error - 19/07/2009 10:30:52 AM | Computer Name = Ordidecametaxel | Source = Service Control Manager | ID = 7026
Description =
Error - 19/07/2009 12:32:54 PM | Computer Name = Ordidecametaxel | Source = Application Popup | ID = 875
Description = Le chargement du pilote sfdrv01.sys a été bloqué.
Error - 19/07/2009 12:33:30 PM | Computer Name = Ordidecametaxel | Source = HTTP | ID = 15016
Description =
Error - 19/07/2009 12:33:39 PM | Computer Name = Ordidecametaxel | Source = Service Control Manager | ID = 7026
Description =
Error - 19/07/2009 12:35:23 PM | Computer Name = Ordidecametaxel | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP) pour la carte réseau avec l'adresse réseau 001B9E36B2D9. Il s'est produit
l'erreur suivante : %%121. Votre ordinateur va continuer à essayer d'obtenir sa
propre adresse auprès du serveur d'adresse réseau (DHCP).
Error - 19/07/2009 4:58:31 PM | Computer Name = Ordidecametaxel | Source = Application Popup | ID = 875
Description = Le chargement du pilote sfdrv01.sys a été bloqué.
Error - 19/07/2009 4:59:13 PM | Computer Name = Ordidecametaxel | Source = HTTP | ID = 15016
Description =
Error - 19/07/2009 4:59:24 PM | Computer Name = Ordidecametaxel | Source = Service Control Manager | ID = 7026
Description =
< End of report >
I know there are some confidential things here so I hope I can trust you, but I'm sure I can... Thanks again for helping me...